New security and mobility requirements will make EVAS a network requirement.
Published: July 12, 2013
Around 2004, Cisco introduced a new technology initiative called Network Admission Control (now commonly referred to as Network Access Control or NAC). Back then, NAC was really in response to the recent wave of Internet worms where one compromised user PC could log on to the corporate network and subsequently infect the whole enchilada. NAC was seen as a way to alleviate this threat by authenticating (i.e., 802.1X) and inspecting PCs before providing Layer 3 network access.
Cisco’s NAC announcement led to a wave of follow-on industry activity. Microsoft countered NAC with Network Access Protection (NAP). The Trusted Computing Group added a set of standards called the Trusted Network Connect (TNC). Numerous Sand Hill Road lemmings funded NAC/NAP/TNC startups to out innovate and execute the big guys.
Whether from vendor exhaustion, clunky technology implementation, or the global recession, industry ga-ga for NAC faded sometime around 2008. Security and networking firms turned their attention to alternative hyperbole.
Fast forward to 2013 and a funny thing is happening since NAC exited the spotlight: Remaining vendors continued to innovate, products evolved, and requirements changed. In fact, NAC circa 2004 evolved precipitously. So much so that ESG believes it deserves a new categorization – Endpoint Visibility, Access, and Security (EVAS). EVAS is a logical progression:
With this expanded role, EVAS is communicating with everything, working with MDM, SIEM, vulnerability scanning, configuration management, endpoint security software, and so on.
While NAC was a niche technology, a combination of mobile computing, cloud computing, the “Internet of everything,” and security requirements will drive EVAS into the mainstream. ESG believes the EVAS market will grow beyond $700 million in revenue by 2017. The EVAS market is dominated by Bradford Networks, Cisco, Forescout, and Juniper today but with EVAS growth and critical role, other networking, MDM, and security vendors are jumping into the EVAS pool.
NAC was a great concept with flawed execution and market timing. EVAS vendors learned from this experience. Given new requirements and technology innovation, EVAS appears to be in the right place at the right time.
*All views and opinions expressed in ESG blog posts are intended to be those of the post's author and do not necessarily reflect the views of Enterprise Strategy Group, Inc., or its clients. ESG bloggers do not and will not engage in any form of paid-for blogging. Click to see our complete Disclosure Policy.