SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Pulse Secure launches new access management and threat mitigation features
Wed, 23rd Oct 2019
FYI, this story is more than a year old

Software-defined secure access solutions provider Pulse Secure announced that it has introduced new Secure Access management and threat mitigation capabilities within its Zero Trust Network Access platform.

Through these new features, Pulse Secure aims to enable enterprise and service provider organisations to progress Zero Trust security and mitigate hybrid IT risks while simplifying access to multi-cloud and data center resources.

“The advantages that vendors like Pulse Secure provide are unified visibility and control, broad endpoint and IoT security coverage, consistent policy enforcement and faster mean time to response to access issues,” says Enterprise Management Associates security and risk management research director Paula Musich.

"This results in an improved security posture and reduced attack surface."

Pulse Secure's Zero Trust Network Access platform allows organisations to centrally manage policy and automate secure access to applications, data and services that are delivered on-premise or in private and public cloud environments.

The company continues to incorporate open standards and proprietary means to extend platform interoperability and automation that provide customers greater operational oversight, policy management and threat response economies.

Management

Many enterprises supplement conventional desktop and mobile remote access to hybrid IT applications and resources utilising Virtual Desktop Infrastructure.

Having to manage multiple secure access mechanisms often introduces user experience issues, as well as provisioning delays.

Pulse Secure has enhanced its VDI integration with RDS (Remote Desktop Services) Broker to simplify user experience and management support for Citrix XenApp/XenDesktop, VMware Workspace ONE and Microsoft RDP.

Additional management features include:

  • Pulse VPN can now use DHCP-based networking configuration to automate endpoint access provisioning
     
  • OpenStack interoperability to streamline managing multiple virtual Pulse Secure appliances through popular IT orchestration tools
     
  • Easier, broader network switch support for Layer-2 enforcement utilizing a template-based CLI framework for Pulse NAC that negates the need for RADIUS
     
  • Building in Pulse Secure VPN and NAC attributes within Pulse vADC to facilitate policy-based load balancing to improve user experience and access resiliency
Threat Mitigation

Organisations are seeking means to improve the mobile workforce user experience while assuring data protection measures are always active and audit-ready in order to support numerous internal and regulatory compliance specification.

Pulse Secure has updated its Pulse VPN Lockdown mode feature that prevents users from modifying VPN Client settings or disconnecting from gateways.

Ensuring always-on and protected connections with rich user authentication and device security posture enforcement significantly reduces endpoint and access security threats.

Additional threat mitigation enhancements include:

  • Bi-directional integration with IBM QRadar and Splunk SIEMs allowing Pulse NAC to receive SIEM alerts and take network threat response actions
     
  • Identity-based integration between Pulse NAC and the Fortigate Next Gen firewall (NGFW) using RADIUS Accounting allowing Pulse to send identity context to the NGFW for role-based access enforcement to corporate resources
     
  • Pulse NAC can provision users' authentication details and resource/IoT access enforcement policies to specific Palo Alto Network's NGFW virtual instances (VSYS)
     
  • User Entity Behaviour Analytics (UEBA) enhancements to further extend adaptive access control based on anomalous and malicious user or device activity