Pulse Secure announced new features to its Network Access Control (NAC) solution, Pulse Policy Secure (PPS), that enhance endpoint and IoT device visibility, compliance, remediation, and threat response as organisations embrace expanded remote work flexibility with employees and their devices returning to a hybrid workplace. Available separately or as part of Pulse Access Suite Plus, Pulse Policy Secure (PPS) is an enterprise-class NAC solution that is easy to deploy, manage and scale.
The update release includes over 30 new features and enhancements such as support for additional endpoint detection and response (EDR) and IoT / OT vendors including McAfee and Nozomi. With businesses slowly opening up more modified and social-distanced work settings and accelerating multi-cloud and hybrid IT resource use, organisations are experiencing increased attack vectors and exploits stemming from endpoint and IoT device exposures.
Hybrid work environment
What’s required to ensure user productivity and information security in today’s hybrid work environment is greater managed and unmanaged device oversight, expanded endpoint compliance and remediation capability, and means to unify remote and on-premise access control.
In the “2020 Endpoint and IoT Zero Trust Security” Report, Cybersecurity Insider’s noted the following survey results:
- 66% saw an “increase to significant increase” in endpoint and IoT security incidents impact over the last 12 months, with the top 3 being malware, insecure network and remote access, and compromised credentials / weak authentication.
- 50% anticipate “high to likely” that their organisation will become compromised due to an endpoint or IoT originated attack in the next 12 months.
- 48% have “moderate to unlikely means” to discover, identify and respond to unknown, unmanaged, or insecure devices accessing network and cloud resources.
Threat response capabilities
Pulse Secure ranked among the top 3 hybrid NAC vendors by global market share
Modern Network Access Control solutions provide the agent and agentless visibility, contextual access policy control and integrated threat response capabilities necessary to prevent endpoint exposures that yield identity theft, malware and network compromise. Regulated industries, such as financial services and healthcare, need to be especially diligent in enforcing endpoint compliance and segregating IoT access.
According to a recent market report by IDC, NAC is a mainstream market forecasted to grow 10.7%, reaching $1.9B by 2024. NAC has evolved from an admission control tool to enable real-time, on-premises endpoint, mobile and IoT device discovery, assessment, enforcement and remediation capabilities. In this report, Pulse Secure ranked among the top 3 hybrid NAC vendors by global market share - offering 802.1X, non-802.1X agent-based agentless functions.
High performance appliance
The report’s “Who Shaped the Year” section highlights Pulse Secure’s capabilities: Pulse Policy Secure (NAC) offers the complete range of capabilities, including 802.1X and non-802.1X, agent and agentless Client, and network profiling with UEBA, which gives enterprises flexibility to deploy across a gamut of hybrid IT environments.
This makes Pulse Secure's NAC ideal to support a wide range of use cases, such as: visibility only, full-featured 802.1X, agent-based BYOD (they offer a mobile VPN and MDM), as well as agentless guest, IoT and IT/OT security. Having a built-in RADIUS server, high performance appliance (up to 50,000 concurrent sessions), centralised management (up to 400 appliances), and ecosystem integrations also provides benefits to NAC scalability and interoperability.
Secure access technologies
Modern NAC solutions are increasingly becoming a critical component of a multifaceted secure access programme"
As a Secure Access platform play, competing with Cisco, Fortinet and HP, Pulse Secure provides a portfolio of solutions available separately or as an integrated suite for hybrid IT. Pulse Secure offers all three primary secure access technologies recognised by IDC: VPN, NAC, and SDP. With unified Client, appliance, management and rules engine, this cross functionality allows corporate policy to be set across any combination of solutions.
As the pandemic forces adopting organisations to prioritise securing the growing remote workforce, Pulse Secure is able to provide a comprehensive solution-set which does not requiring sacrificing the continuing need for on-premise security.
Secure access programme
“Beyond the merits of device visibility and access enforcement, modern NAC solutions are increasingly becoming a critical component of a multifaceted secure access programme, both supporting a wide variety of important uses and adding value through key integrations with other security technologies,” said Peter Finalle, Senior Research Analyst for IDC’s security team.
“Pulse Secure is distinguished among Secure Access platform players as offering extensive hybrid NAC capabilities, device intelligence, scalability and key integrations while delivering user experience, endpoint security, and access management across NAC, VPN and SDP solutions.”
New features enhance endpoint compliance
Pulse Secure offers a portfolio of Secure Access solutions that provide exceptional usability and visibility
“The latest release of Pulse Secure NAC continues to advance our deployment, usability and threat response capabilities while delivering enterprise-class functionality,” said Ganesh Nakhawa, Director of Portfolio Solutions at Pulse Secure. “With our unique means to offer a unified endpoint compliance and protected connectivity capabilities across mobile, network and cloud environments, organisations can mitigate endpoint and IoT security risks while ensuring productivity no matter where employees work.”
Pulse Secure offers a portfolio of Secure Access solutions that provide exceptional usability, visibility and Zero Trust policy orchestration to enable seamless, compliant user and device access to applications and resources across distributed network and cloud environments.
Security posture assessment
New PPS version 9.1R8 features and enhancements include:
- Endpoint security compliance enhancements with leading endpoint detection and response (EDR) vendors including new McAfee ePolicy Orchestrator (ePO) integration. This allows organisations to assign role-based access based on device attribute details provided by McAfee ePO, automatically install McAfee ePO client if not detected, and limit or block connectivity based on threat alerts received from ePO, such as non-compliant or compromised devices.
- Agentless device discovery and security posture assessment advancements, such as expanded passive device fingerprinting using TCP and SMB protocols, to enhance endpoint access control and reduce administrative classification tasks.
- Greater device visibility and threat response for Industrial Control System (ICS) environments based on increased IoT/IIoT device classifications, and automated access control based on threat severity notifications from IT and OT security vendors such as Nozomi.
- Management UI improvements that simplify and streamline administrative tasks such as new search and custom reporting options to expedite audits, investigations and operational insight.
Government contractor applications
Pulse Policy Secure has FIPS 140-2 Level 1 certification and is Common Criteria certified extensive deployment in government, military and government contractor applications. Used to satisfy NIST 800-53 controls and Comply-to-Connect requisites, the solution is certified on the U.S. DoD Unified Capabilities (UC) Approved Products List (APL) and for J Joint Warfighting IT Interoperability (JTIC).
NAC Upgrade Program - Organisations can take advantage of Pulse Secure’s Trade-in Program to replace current NAC solutions from companies such as Forescout, Cisco, Aruba, and Fortinet.