Slideshow 11 Reasons to Consider EVAS for Network Security

Published
  • August 02 2015, 4:47pm EDT
14 Images Total

11 Reasons to Consider EVAS for Network Security

In its 2015 Annual Security Report, Cisco Systems explains the ongoing race between cyber attackers and information network defenders, and defenders aren’t the ones winning. Included is a look at the move away from Network Access Controls (NAC)—which TechTarget defines as a method of increasing security by restricting availability of the network to endpoint devices that comply with a defined security policy—to a more sophisticated method called Endpoint Visibility, Access and Security Controls, or EVAS. Here is a look at EVAS. (Photo: Fotolia)

What is EVAS?

“Unlike older NAC technologies, EVAS uses more granular information to enforce access policies, such as data about user role, location, business process considerations and risk management,” Cisco says. “EVAS controls also help grant access beyond computers, allowing network administrators to provide access through mobile and IoT (Internet of Things) devices.” (Photo: Fotolia)

Content Continues Below


Security Details

“EVAS helps enable a network-as-a-sensor approach to security enforcement, granting or halting access throughout the extended network, whether from a remote device (VPN), prior to connecting to network services, or even within the network itself across sensitive resource pools,” Cisco explains. “EVAS also can help organizations reduce the endpoint and network attack service, limit the scale and scope of an attack, remediate problem resolution processes, and even harden the network after an attack has occurred.”

The company further details EVAS capabilities before an attack, during an attack and after an attack is detected. (Photo: Fotolia)

Before an Attack, EVAS can…

Identify risky assets by monitoring all access connected to the network at any time, identifying non-compliant users, devices and applications, and correlate this information with third-party vulnerability assessment tools. (Photo: Fotolia)

Also Before an Attack EVAS can…

Improve risk mitigation by gathering actionable intelligence that can be shared with other security and network applications to improve workflows, streamline operations and prioritize remediation activity. (Photo: Fotolia)

Content Continues Below


Finally, Before an Attack EVAS can…

Enforce granular network access policies by providing contextual information for granular policy enforcement, and limit access to sensitive content, assets or network segments. (Photo: Fotolia)

During an Attack, EVAS can…

Integrate with advanced network-based threat defense systems by sharing knowledge when malicious activity is detected for the purpose of correlating attack data endpoint connections, configurations and behavior patterns over time. (Photo: Fotolia)

Also During an Attack EVAS can…

Block “kill chain” tactics from compromised systems by limiting lateral attack movement by stopping compromised systems from reaching out to policy-controlled, non-authorized network assets to steal credentials, escalate privileges and exfiltrate valuable data. (Photo: Fotolia)

Content Continues Below


Finally, During an Attack EVAS can…

Limit the scope of an attack by restricting and thereby quarantining systems that exhibit anomalous behavior. (Photo: Fotolia)

After an Attack is Detected, EVAS can …

Assess endpoint profiles for vulnerabilities by sharing information from the EVAS database with vulnerability analysis tools, which can help IT operations prioritize a fix. (Photo: Fotolia)

Also, After an Attack is Detected, EVAS can …

Remediate compromised systems by integrating with security information and event management systems (SIEM), and endpoint security systems. In doing so, EVAS can automate fixes and monitor progress. (Photo: Fotolia)

Content Continues Below


Finally, After an Attack is Detected, EVAS can …

Fine-tune access polices and security controls by working with networking and security equipment to segment application traffic or add new firewall rules or IPS signatures (a distinctive characteristic identifying something). (Photo: Fotolia)

Closing Thoughts

Unlike overly complex network controls of the past, EVAS solutions are business enablers, Cisco says. As organizations embrace BYOD policies, cloud computing, and mobility initiatives, effectively enforcing security policies will become more imperative.

“Cisco security experts predict that chief information security officers will increasingly turn to EVAS solutions to manage the complex web of connections among users, devices, networks and cloud services.”

Want More?

The complete Cisco 2015 Annual Security Report is available here at no cost. Registration is required.