This module is really helpful in terms of network security, it jails unsecured/non-tls users in specified channel (so you can help them to configure their clients for TLS usage) and restrict them from messages (they are only can send messages to the jail channel)/commands/aliases usage, they are also can't leave that channel and can't join any other channels on the network, this will protect your network channels from leaking/etc.. without the need of +z mode, but just do not abuse with it, as it is really powerful. Download Link
This will make sure STS-capable clients will automatically be redirected to an SSL/TLS port. No need to do anything for these users.
All other clients, the clients that are not STS-capable, can be joined to a channel by this module. This allows staff to manually help/instruct those users to enable SSL/TLS in their client.