Network-connected end devices remain a major cybersecurity point of vulnerability.
Network Access Control (NAC) technology provides the ability to lock down network access in a way and to an extent that no other cyber defense product category does.
Cyber threats in today’s enterprises are focused on multiple attack surfaces across the entire range of network-connected devices.
Over the past few years, the number of endpoint attack surfaces has expanded considerably.
This trend is expected to continue and increase exponentially in the years immediately ahead.
Endpoint attack surfaces are expanding in terms of client platform diversity, and include:
And also in terms of platform depth:
Each specific device and platform provides its own unique set of attack surface vulnerabilities.
All need to be actively managed from a network connection perspective to ensure they aren’t a threat to the enterprise environment.
This requires ensuring all devices can be accurately identified, that all have been appropriately patched and updated to ensure O/S and application-level vulnerabilities have been remediated, and that devices are operating with the latest anti-malware/anti-virus software definitions prior to gaining network access.
这需要确保所有设备都能够被准确识别，所有设备都经过适当的修补和更新，以确保O / S和应用程序级漏洞得到修复，并且设备使用最新的反恶意软件/防病毒软件定义获得网络访问权限。
Current cybersecurity trends
In short, attack surfaces are expanding quickly, breaches continue to be a major problem, cybersecurity costs are clearly out of control, and the ability of enterprises to successfully manage these challenges continues to fall short – often in the simplest of ways. Indeed, most major breaches turn out to be the result of operational shortfalls in the area of updating and patching operating systems and various application components. Beyond that: Cisco estimates that even when IT departments are alerted to a potential problem via monitoring and alerting, only 56% of active alerts are actually responded to.
简而言之，攻击面迅速扩大，漏洞仍然是一个主要问题，网络安全成本明显失控，企业成功应对这些挑战的能力仍然不足 - 通常以最简单的方式。实际上，大多数重大漏洞都是由于操作系统和各种应用程序组件的更新和修补方面的操作不足造成的。除此之外：思科估计即使IT部门通过监控和警报提醒潜在问题，实际上只有56％的活动警报得到响应。
Clearly, effective operational management of network-connected devices from a cybersecurity perspective in any organization requires a rigorous and disciplined alignment of the correct tools, technologies, people, and processes. NAC technology provides the key, foundational component necessary for enterprises building a modern, effective cyber-defense framework.
NAC As a Key Component of Your Cyber Defense Framework
At our current juncture, with cyber assaults already outstripping enterprises’ ability to respond effectively, there is obviously a pressing need to reevaluate cyber defense strategies. For NAC vendors, a very large opportunity exists for making the case for increased NAC adoption. As the total market value for the sector (~$685M in 2017) is expected to approach $1B in the next 3-4 years, it isn’t a question of whether this market will continue to grow but by how much and how quickly. That said, the lion’s share of press on cyber-defense and cyber thought leadership is currently focused on seemingly newer, higher-profile cyber-defense innovations such as SIEM and ML-AI based predictive analytics rather than on network access control. Yet it is increasingly recognized that there is no “one size fits all” answer to constructing an effective cybersecurity defense framework. The market trend is therefore in the direction of integrating tools from across the cybersecurity product spectrum in a way that provides the best solutions for a given enterprise. Given its foundational role in providing for secure network access, NAC needs to be at the forefront of any network cyber defense architecture.
Legacy strategies and tools must be integrated into this new multi-layered cyber defense approach as well. Traditional firewalls, once the primary, if not the only, tool in the security toolkit, are now recognized as inadequate in and of themselves to provide the necessary defensive bulwark. This is because, as with many security approaches, they address just one aspect of the challenge – in this case protecting the network perimeter. However, if ever breached, whether through brute force attack or simple misconfiguration by a network administrator, perimeter security alone cannot prevent an attack from spreading laterally once inside the network itself. Likewise, with simple endpoint security: the moment the endpoint is compromised, all devices connected to the same network become potentially highly vulnerable as well.
So while it is widely recognized that a multi-layered, integrated approach needs to be taken to ensure effective cyber-defense, the cybersecurity products marketplace has become glutted with a plethora of competing products, platforms, and contradictory claims. Genians has an opportunity to assist prospective customers by clarifying the key security ingredients that matter most in what has become a very confusing marketplace. For example:
Cloud computing brings with it both great flexibility and significantly increased infrastructure complexity. For most enterprises, it is important to keep in mind that “the cloud” will not be a single, monolithic entity, but rather a combined physical/virtual infrastructure platform that will include both on-premise and off-premise components. Indeed, it will very likely include more than one cloud provider. Hence the terms “hybrid” and “multi-cloud” environments.
Security solutions will need to effectively address this new complexity. NAC, SIEM, and ML/AI-based predictive analytics tools should therefore ideally be employed together in a joint, comprehensive cyber defense solution. NAC can play a primary, critical role in this integrated framework by being leveraged as a conductor to orchestrate all meaningful information emanating from SIEM, analytics, and other security tools to ensure action is taken at the right time and in the right way to mitigate cyber threats to your network.
In summary, enterprises need to: