Cisco recently published its Annual Security Report (ASR) for 2015, and it contains quite a bit of interesting information on what happened in 2014 as well as trends for 2015. We saw a rise in the number of highly publicized attacks in 2014, and C-level executives are under a lot of pressure to improve the security of their networks and protect sensitive client data. While attackers have always targeted IT users, in 2015 the trend is shifting so that the primary aim is to take advantage of user behaviors to breach the network. This last point is important because once a user has been compromised or their credentials have been lifted, the attacker has access to anything important that is connected. The Cisco 2015 ASR shows that only 43% of organizations leverage identity administration and provisioning to properly secure their networks and data. This means that over half of organizations don’t know who is accessing their networks, where they’re going or coming from, what they’re using, or whether it is even authorized based on business policy. As we all know, once someone unauthorized gets inside, it can be challenging to track down the incursion and negate the threat.
Traditionally, Network Access Control (NAC) has been used to decide who gets access to the network, but it was often used only for guest access or was too complicated to implement at all. However, with new IT initiatives like Enterprise Mobility (BYOD), expanding guest requirements, and the need to secure a new class of connected devices, the Internet of Things (IoT), the attack surface for cyber threats has increased significantly. NAC has evolved into a critical component in the defense against cyber intrusions and data theft. While Cisco still uses the term “NAC” to describe our offerings since it is the most identifiable term, Enterprise Security Group—a well-known analyst research company—has coined the term endpoint visibility, access, and security (EVAS) to characterize the evolution of NAC.
In the Cisco Annual Security Report for 2015, we talk about how NAC has evolved into EVAS to protect the network from unapproved users or criminal attacks, and how EVAS devices must do so in a way that doesn’t impede access by legitimate users. EVAS provides more visibility and security context, such as user roles, the asset that is connecting, location, and business process considerations. This additional visibility is critical when expanding the role of NAC from access by traditional compute devices to mobile and IoT devices. IoT is becoming a further area of concern that can be exploited by cyber-attacks, since IoT devices are increasingly network-enabled and not always hardened or evaluated for vulnerabilities.
EVAS also becomes a critical component in managing policies and policy enforcement for the “network-as-a-sensor” approach to security enforcement: gathering contextual data and applying it to stronger security access policies. This enables EVAS to become the centralized security policy platform for securing access everywhere: from a remote device (VPN), prior to connecting to network services, at the point of network entry, and finally within the network itself. By controlling access and allowing only the right people to get to the right resources, which is Cisco’s “network-as-an-enforcer” approach to security, EVAS can also help organizations reduce the endpoint and network attack surface, limit the scale and scope of an attack, remediate problem resolution processes, and even harden the network after an attack has occurred.
To learn more about how NAC and EVAS can help protect your networks from threats, you can access the Cisco Annual Security Report for 2015 here:
For more information about Cisco Security products, including our products and solutions for securing access, please check out these links:
Securing Remote Access:
Access Enforcement and Segmentation in the Network: