Zero Trust platform from Pulse Secure is enhanced
|Richard Harris in Security Tuesday, October 29, 2019|
Pulse Secure introduces new secure access management and threat mitigation features within its Zero Trust Platform, enabling enterprise and service provider organizations to progress and mitigate hybrid IT risks while simplifying access to resources.
Pulse Secure announced that it has introduced new Secure Access management and threat mitigation capabilities within its Zero Trust Network Access platform. Through these enhancements, Pulse Secure enables enterprise and service provider organizations to progress Zero Trust security and mitigate hybrid IT risks while simplifying access to multi-cloud and data center resources.
Zero Trust platform from Pulse Secure is enhanced
"The advantages that vendors like Pulse Secure provide are unified visibility and control, broad endpoint and IoT security coverage, consistent policy enforcement and faster mean time to response to access issues. Those advantages result in an improved security posture and reduced attack surface. At the same time, consolidating multiple tools into a Secure Access platform reduces the cost of ownership and operational overhead," said Paula Musich, research director of security and risk management at Enterprise Management Associates.
Pulse Secure's Zero Trust Network Access platform allows organizations to centrally manage policy and automate secure access to applications, data, and services that are delivered on-premise or in private and public cloud environments. The company continues to incorporate open standards and proprietary means to extend platform interoperability and automation that provide customers greater operational oversight, policy management, and threat response economies.
Many enterprises supplement conventional desktop and mobile remote access to hybrid IT applications and resources utilizing Virtual Desktop Infrastructure. Having to manage multiple secure access mechanisms often introduces user experience issues, as well as provisioning delays. Pulse Secure has enhanced its VDI integration with RDS (Remote Desktop Services) Broker to simplify user experience and management support for Citrix XenApp/XenDesktop, VMware Workspace ONE and Microsoft RDP. Additional management enhancements include:
- Pulse VPN can now use DHCP-based networking configuration to automate endpoint access provisioning
- OpenStack interoperability to streamline managing multiple virtual Pulse Secure appliances through popular IT orchestration tools
- Easier, broader network switch support for Layer-2 enforcement utilizing a template-based CLI framework for Pulse NAC that negates the need for RADIUS
- Building in Pulse Secure VPN and NAC attributes within Pulse vADC to facilitate policy-based load balancing to improve user experience and access resiliency
Organizations are seeking means to improve the mobile workforce user experience while assuring data protection measures are always active and audit-ready in order to support numerous internal and regulatory compliance specifications. Pulse Secure has enhanced its popular Pulse VPN Lockdown mode feature that prevents users from modifying VPN Client settings or disconnecting from gateways. Ensuring always-on and protected connections with rich user authentication and device security posture enforcement significantly reduces endpoint and access security threats. Additional threat mitigation enhancements include:
- Bi-directional integration with IBM QRadar and Splunk SIEMs allowing Pulse NAC to receive SIEM alerts and take network threat response actions
- Identity-based integration between Pulse NAC and the FortiGate Next-Gen firewall (NGFW) using RADIUS Accounting allowing Pulse to send identity context to the NGFW for role-based access enforcement to corporate resources
- Pulse NAC can provision users' authentication details and resource/IoT access enforcement policies to specific Palo Alto Network's NGFW virtual instances (VSYS)
- User Entity Behavior Analytics (EUBA) enhancements to further extend adaptive access control based on anomalous and malicious user or device activity
"Our customers have come to expect our solutions to be highly interoperable to address the broadest range of secure access needs, reduce operating costs and enable expedited threat response. With these platform advancements, our customers can further leverage their IT investments and gain greater access visibility, security, compliance, and productivity," said Prakash Mana, vice president of product management.
Pulse Secure's Zero Trust Network Access platform is a foundational component of the Pulse Access Suites. The Suites provide remote, mobile, cloud, network and application security with comprehensive VPN, Mobile Device Management (MDM), Single Sign-on (SSO), endpoint and IoT device security, Network Access Control (NAC) and virtual Application Delivery Controller (ADC) functionality. Pulse SDP is a Suite add-on that activates Software Defined Perimeter (SDP) components within existing Pulse solutions to provide direct device-to-application trusted connectivity only after successful user, device and security state verification. This approach extends the company's foundation of Zero Trust access for hybrid IT with enhanced usability, deployment flexibility, automated provisioning, and resource optimization.