Download PDF version Contact company

Pulse Secure announced new features to its Network Access Control (NAC) solution, Pulse Policy Secure (PPS), that enhance endpoint and IoT device visibility, compliance, remediation, and threat response as organizations embrace expanded remote work flexibility with employees and their devices returning to a hybrid workplace. Available separately or as part of Pulse Access Suite Plus, Pulse Policy Secure (PPS) is an enterprise-class NAC solution that is easy to deploy, manage and scale.

The update release includes over 30 new features and enhancements such as support for additional endpoint detection and response (EDR) and IoT / OT vendors including McAfee and Nozomi. With businesses slowly opening up more modified and social-distanced work settings and accelerating multi-cloud and hybrid IT resource use, organizations are experiencing increased attack vectors and exploits stemming from endpoint and IoT device exposures.

Hybrid work environment

What’s required to ensure user productivity and information security in today’s hybrid work environment is greater managed and unmanaged device oversight, expanded endpoint compliance and remediation capability, and means to unify remote and on-premise access control.

In the “2020 Endpoint and IoT Zero Trust Security” Report, Cybersecurity Insider’s noted the following survey results:

  • 66% saw an “increase to significant increase” in endpoint and IoT security incidents impact over the last 12 months, with the top 3 being malware, insecure network and remote access, and compromised credentials / weak authentication.
  • 50% anticipate “high to likely” that their organization will become compromised due to an endpoint or IoT originated attack in the next 12 months.
  • 48% have “moderate to unlikely means” to discover, identify and respond to unknown, unmanaged, or insecure devices accessing network and cloud resources.

Threat response capabilities

Pulse Secure ranked among the top 3 hybrid NAC vendors by global market share

Modern Network Access Control solutions provide the agent and agentless visibility, contextual access policy control and integrated threat response capabilities necessary to prevent endpoint exposures that yield identity theft, malware and network compromise. Regulated industries, such as financial services and healthcare, need to be especially diligent in enforcing endpoint compliance and segregating IoT access.

According to a recent market report by IDC, NAC is a mainstream market forecasted to grow 10.7%, reaching $1.9B by 2024. NAC has evolved from an admission control tool to enable real-time, on-premises endpoint, cellphone and IoT device discovery, assessment, enforcement and remediation capabilities. In this report, Pulse Secure ranked among the top 3 hybrid NAC vendors by global market share - offering 802.1X, non-802.1X agent-based agentless functions.

High performance appliance

The report’s “Who Shaped the Year” section highlights Pulse Secure’s capabilities: Pulse Policy Secure (NAC) offers the complete range of capabilities, including 802.1X and non-802.1X, agent and agentless Client, and network profiling with UEBA, which gives enterprises flexibility to deploy across a gamut of hybrid IT environments.

This makes Pulse Secure's NAC ideal to support a wide range of use cases, such as: visibility only, full-featured 802.1X, agent-based BYOD (they offer a cellphone VPN and MDM), as well as agentless guest, IoT and IT/OT security. Having a built-in RADIUS server, high performance appliance (up to 50,000 concurrent sessions), centralized management (up to 400 appliances), and ecosystem integrations also provides benefits to NAC scalability and interoperability.

Secure access technologies

Modern NAC solutions are increasingly becoming a critical component of a multifaceted secure access program"

As a Secure Access platform play, competing with Cisco, Fortinet and HP, Pulse Secure provides a portfolio of solutions available separately or as an integrated suite for hybrid IT. Pulse Secure offers all three primary secure access technologies recognized by IDC: VPN, NAC, and SDP. With unified Client, appliance, management and rules engine, this cross functionality allows corporate policy to be set across any combination of solutions.

As the pandemic forces adopting organizations to prioritize securing the growing remote workforce, Pulse Secure is able to provide a comprehensive solution-set which does not requiring sacrificing the continuing need for on-premise security.

Secure access program

“Beyond the merits of device visibility and access enforcement, modern NAC solutions are increasingly becoming a critical component of a multifaceted secure access program, both supporting a wide variety of important uses and adding value through key integrations with other security technologies,” said Peter Finalle, Senior Research Analyst for IDC’s security team.

“Pulse Secure is distinguished among Secure Access platform players as offering extensive hybrid NAC capabilities, device intelligence, scalability and key integrations while delivering user experience, endpoint security, and access management across NAC, VPN and SDP solutions.”

New features enhance endpoint compliance

Pulse Secure offers a portfolio of Secure Access solutions that provide exceptional usability and visibility

“The latest release of Pulse Secure NAC continues to advance our deployment, usability and threat response capabilities while delivering enterprise-class functionality,” said Ganesh Nakhawa, Director of Portfolio Solutions at Pulse Secure. “With our unique means to offer a unified endpoint compliance and protected connectivity capabilities across cellphone, network and cloud environments, organizations can mitigate endpoint and IoT security risks while ensuring productivity no matter where employees work.”

Pulse Secure offers a portfolio of Secure Access solutions that provide exceptional usability, visibility and Zero Trust policy orchestration to enable seamless, compliant user and device access to applications and resources across distributed network and cloud environments.

Security posture assessment

New PPS version 9.1R8 features and enhancements include:

  • Endpoint security compliance enhancements with leading endpoint detection and response (EDR) vendors including new McAfee ePolicy Orchestrator (ePO) integration. This allows organizations to assign role-based access based on device attribute details provided by McAfee ePO, automatically install McAfee ePO client if not detected, and limit or block connectivity based on threat alerts received from ePO, such as non-compliant or compromised devices.
  • Agentless device discovery and security posture assessment advancements, such as expanded passive device fingerprinting using TCP and SMB protocols, to enhance endpoint access control and reduce administrative classification tasks.
  • Greater device visibility and threat response for Industrial Control System (ICS) environments based on increased IoT/IIoT device classifications, and automated access control based on threat severity notifications from IT and OT security vendors such as Nozomi.
  • Management UI improvements that simplify and streamline administrative tasks such as new search and custom reporting options to expedite audits, investigations and operational insight.

Government contractor applications

Pulse Policy Secure has FIPS 140-2 Level 1 certification and is Common Criteria certified extensive deployment in government, military and government contractor applications. Used to satisfy NIST 800-53 controls and Comply-to-Connect requisites, the solution is certified on the U.S. DoD Unified Capabilities (UC) Approved Products List (APL) and for J Joint Warfighting IT Interoperability (JTIC).

NAC Upgrade Program - Organizations can take advantage of Pulse Secure’s Trade-in Program to replace current NAC solutions from companies such as Forescout, Cisco, Aruba, and Fortinet.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

How Have Security Solutions Failed Our Schools?
How Have Security Solutions Failed Our Schools?

School shootings are a high-profile reminder of the need for the highest levels of security at our schools and education facilities. Increasingly, a remedy to boost the security at schools is to use more technology. However, no technology is a panacea, and ongoing violence and other threats at our schools suggest some level of failure. We asked this week’s Expert Panel Roundtable: How have security solutions failed our schools and what is the solution?

Why Visualization Platforms Are Vital For An Effective Security Operation Center (SOC)
Why Visualization Platforms Are Vital For An Effective Security Operation Center (SOC)

Display solutions play a key role in SOCs in providing the screens needed for individuals and teams to visualize and share the multiple data sources needed in an SOC today. Security Operation Center (SOC) Every SOC has multiple sources and inputs, both physical and virtual, all of which provide numerous data points to operators, in order to provide the highest levels of physical and cyber security, including surveillance camera feeds, access control and alarm systems for physical security, as well as dashboards and web apps for cyber security applications. Today’s advancements in technology and computing power not only have increasingly made security systems much more scalable, by adding hundreds, if not thousands, of more data points to an SOC, but the rate at which the data comes in has significantly increased as well. Accurate monitoring and surveillance This has made monitoring and surveillance much more accurate and effective, but also more challenging for operators, as they can’t realistically monitor the hundreds, even thousands of cameras, dashboards, calls, etc. in a reactive manner. Lacking situational awareness is often one of the primary factors in poor decision making In order for operators in SOC’s to be able to mitigate incidents in a less reactive way and take meaningful action, streamlined actionable data is needed. This is what will ensure operators in SOC truly have situational awareness. Situational awareness is a key foundation of effective decision making. In its simplest form, ‘It is knowing what is going on’. Lacking situational awareness is often one of the primary factors in poor decision making and in accidents attributed to human error. Achieving ‘true’ situational awareness Situational awareness isn’t just what has already happened, but what is likely to happen next and to achieve ‘true’ situational awareness, a combination of actionable data and the ability to deliver that information or data to the right people, at the right time. This is where visualization platforms (known as visual networking platforms) that provide both the situational real estate, as well as support for computer vision and AI, can help SOCs achieve true situational awareness Role of computer vision and AI technologies Proactive situational awareness is when the data coming into the SOC is analyzed in real time and then, brought forward to operators who are decision makers and key stakeholders in near real time for actionable visualization. Computer vision is a field of Artificial Intelligence that trains computers to interpret and understand digital images and videos. It is a way to automate tasks that the human visual system can also carry out, the automatic extraction, analysis and understanding of useful information from a single image or a sequence of images. There are numerous potential value adds that computer vision can provide to operation centers of different kinds. Here are some examples: Face Recognition: Face detection algorithms can be applied to filter and identify an individual. Biometric Systems: AI can be applied to biometric descriptions such as fingerprint, iris, and face matching. Surveillance: Computer vision supports IoT cameras used to monitor activities and movements of just about any kind that might be related to security and safety, whether that's on the job safety or physical security. Smart Cities: AI and computer vision can be used to improve mobility through quantitative, objective and automated management of resource use (car parks, roads, public squares, etc.) based on the analysis of CCTV data. Event Recognition: Improve the visualization and the decision-making process of human operators or existing video surveillance solutions, by integrating real-time video data analysis algorithms to understand the content of the filmed scene and to extract the relevant information from it. Monitoring: Responding to specific tasks in terms of continuous monitoring and surveillance in many different application frameworks: improved management of logistics in storage warehouses, counting of people during event gatherings, monitoring of subway stations, coastal areas, etc. Computer Vision applications When considering a Computer Vision application, it’s important to ensure that the rest of the infrastructure in the Operation Center, for example the solution that drives the displays and video walls, will connect and work well with the computer vision application. The best way to do this of course is to use a software-driven approach to displaying information and data, rather than a traditional AV hardware approach, which may present incompatibilities. Software-defined and open technology solutions Software-defined and open technology solutions provide a wider support for any type of application the SOC may need Software-defined and open technology solutions provide a wider support for any type of application the SOC may need, including computer vision. In the modern world, with everything going digital, all security services and applications have become networked, and as such, they belong to IT. AV applications and services have increasingly become an integral part of an organization’s IT infrastructure. Software-defined approach to AV IT teams responsible for data protection are more in favor of a software-defined approach to AV that allow virtualised, open technologies as opposed to traditional hardware-based solutions. Software’s flexibility allows for more efficient refreshment cycles, expansions and upgrades. The rise of AV-over-IP technologies have enabled IT teams in SOC’s to effectively integrate AV solutions into their existing stack, greatly reducing overhead costs, when it comes to technology investments, staff training, maintenance, and even physical infrastructure. AV-over-IP software platforms Moreover, with AV-over-IP, software-defined AV platforms, IT teams can more easily integrate AI and Computer Vision applications within the SOC, and have better control of the data coming in, while achieving true situational awareness. Situational awareness is all about actionable data delivered to the right people, at the right time, in order to address security incidents and challenges. Situational awareness is all about actionable data delivered to the right people Often, the people who need to know about security risks or breaches are not physically present in the operation centers, so having the data and information locked up within the four walls of the SOC does not provide true situational awareness. hyper-scalable visual platforms Instead there is a need to be able to deliver the video stream, the dashboard of the data and information to any screen anywhere, at any time — including desktops, tablets phones — for the right people to see, whether that is an executive in a different office or working from home, or security guards walking the halls or streets. New technologies are continuing to extend the reach and the benefits of security operation centers. However, interoperability plays a key role in bringing together AI, machine learning and computer vision technologies, in order to ensure data is turned into actionable data, which is delivered to the right people to provide ‘true’ situational awareness. Software-defined, AV-over-IP platforms are the perfect medium to facilitate this for any organizations with physical and cyber security needs.

Securing Mobile Vehicles: The Cloud and Solving Transportation Industry Challenges
Securing Mobile Vehicles: The Cloud and Solving Transportation Industry Challenges

Securing Intelligent Transportation Systems (ITS) in the transportation industry is multi-faceted for a multitude of reasons. Pressures build for transit industry players to modernise their security systems, while also mitigating the vulnerabilities, risks, and growth-restrictions associated with proprietary as well as integrated solutions. There are the usual physical security obstacles when it comes to increasingly integrated solutions and retrofitting updated technologies into legacy systems. Starting with edge devices like cameras and intelligent sensors acquiring video, analytics and beyond, these edge devices are now found in almost all public transportation like buses, trains, subways, airplanes, cruise lines, and so much more. You can even find them in the world’s last manually operated cable car systems in San Francisco. The next layer to consider is the infrastructure and networks that support these edge devices and connect them to centralized monitoring stations or a VMS. Without this layer, all efforts at the edge or stations are in vain as you lose the connection between the two. And the final layer to consider when building a comprehensive transit solution is the software, recording devices, or viewing stations themselves that capture and report the video. The challenge of mobility However, the transportation industry in particular has a very unique challenge that many others do not – mobility. As other industries become more connected and integrated, they don’t usually have to consider going in and out or bouncing between networks as edge devices physically move. Obviously in the nature of transportation, this is key. Have you ever had a bad experience with your cellular, broadband or Wi-Fi at your home or office? You are not alone. The transportation industry in particular has a very unique challenge that many others do not – mobility Can you trust these same environments to record your surveillance video to the Cloud without losing any frames, non-stop 24 hours a day, 7 days a week, 365 days a year? To add to the complexity – how do you not only provide a reliable and secure solution when it’s mobile, traveling at varying speeds, and can be in/out of coverage using various wireless technologies? Waiting to upload video from a transport vehicle when it comes into port, the station, or any centralized location is a reactive approach that simply will not do any longer. Transit operations require a more proactive approach today and the ability to constantly know what is going on at any given time on their mobile vehicles, and escalate that information to headquarters, authorities, or law enforcement if needed; which can only occur with real-time monitoring. This is the ultimate question when it comes to collecting, analyzing, and sharing data from mobile vehicles – how to get the video from public transportation vehicles alike to headquarters in real time! Managing video data In order to answer this question, let’s get back to basics. The management and nature of video data differs greatly from conventional (IT) data. Not only is video conducted of large frames, but there are specific and important relationships among the frames and the timing between them. This relationship can easily get lost in translation if not handled properly. This is why it’s critical to consider the proper way to transmit large frames while under unstable or variable networks. The Internet and its protocols were designed more than two decades ago and purposed for conventional data. Although the Internet itself has not changed, today’s network environments run a lot faster, expand to further ranges, and support a variety of different types of data. Because the internet is more reliable and affordable than in the past some might think it can handle anything. However, it is good for data, but not for video. This combination makes it the perfect time to convert video recording to the Cloud! Video transmission protocol One of the main issues with today’s technology is the degradation of video quality when transmitting video over the Internet. ITS are in dire need for reliable transmission of real-time video recording. To address this need a radical, yet proven, video transmission protocol has recently been introduced to the market. It uses AI technology and to adapt to different environments in order to always deliver high quality, complete video frames. This protocol, when equipped with encryption and authentication, enables video to be transmitted reliably and securely over the Internet in a cloud environment. One of the main issues with today’s technology is the degradation of video quality when transmitting video over the Internet Finally, transportation industry has a video recording Cloud solution that is designed for (massive) video that can handle networks that might be experiencing high error rate. Such a protocol will not only answer the current challenges of the transportation industry, but also make the previously risky Cloud environment safe for even the most reserved environments and entities. With revolutionary transmission protocols, the time is now to consider adopting private Cloud for your transportation operations.