Hemanth Kumar K

July 26, 2019

Enable Zero Trust with Secure Access Policies

Digital adoption and other technological innovations in the last decade have resulted in enterprise data being spread across completely disparate networks. Along with this, the proliferation of mobile devices, the influx of IoT, BYOD adoption, cloud migration, and the consumerization of IT have transformed the security landscape. This has increased the attack surface and introduced new threat factors, leading to massive data breaches. To mitigate the risks, companies are now adopting Zero Trust access models, incorporating a verify-before-trust strategy. One of the major challenges for CISOs and security advisors is to find a Zero Trust security vendor who provides a reliable and consistent access mechanism, whether resources are hosted in the cloud or on-premises. CISOs are also looking for solutions that give users flexibility while providing a secure connection from anywhere and any device.

Let’s first look at the policy and access requirements of various organizations adopting Zero Trust.

SMBs and SMEs are quick to adopt the latest technologies. They need all-in-one solutions and prefer a simplified admin experience. Large enterprises face other challenges, where different functional units require access to specific resources. The challenge here is to have unified access policies and ensure that everybody is within the purview of the Enterprise Security Policy. Requirements become even more stringent in security-conscious business verticals like financial institutions, banking, healthcare, and government agencies. They require Always-On connectivity, continuous posture assessments, and compliance with various data regulatory organizations.

The aspects of Pulse Secure’s Secure Access Policies that make it the de facto choice for enterprises and businesses are:

A robust policy engine for hybrid IT: Pulse Secure’s robust policy engine has been solving all types of enterprise access and security challenges for the past 15+ years. Its role-based access mechanism defines differentiated access privileges and allows granular resource access policies.

Conditional access policies: With the support of conditional access policies, Pulse Secure is adding elements to its policy engine to support Hybrid IT deployments with simplified and better configuration controls.

Application and location awareness: Policies allow On-Demand connectivity, making access seamless for end users, while simple on-boarding and end-user self-provisioning enable connectivity from multiple devices.

Stateful posture assessments: Posture assessments continuously monitor endpoints throughout the session lifetime, and instant remediation policies ensure your network is secure from any breaches.

The Pulse Secure platform is a solution tried and tested by over 25,000 customers from different verticals. Integrations with various authentication engines like AD, LDAP, RADIUS, SAML, etc., along with leading IdP and MDM vendors, offer a broad set of policy attributes and cater to a wide spectrum of access methodologies.

The crux of this policy framework is the ability to effectively integrate various access requirements, like location awareness, Always-On, and On-Demand connectivity, with security controls like posture assessments, multi-factor authentication, behavioral analytics, etc.

It provides just the right blend of client and server-side enforcement mechanisms to allow data access only to compliant devices and gives enough flexibility in architecting an enterprise’s security solutions.

Centralized policy management

Pulse Secure provides a single-pane view of all the appliances with centrally managed access policies. It helps administrators replicate configurations and policies to all the appliances in one go. Client-side connection policies on endpoints are updated dynamically with configuration changes on the server, making your deployment adaptive to changes. It facilitates better incident response, as the updated policy definitions get disseminated instantly to all the endpoints, preventing outdated systems that are prone to attacks from gaining access to networks housing critical data. This reduces the attack surface, becoming the ultimate safeguard of your network.

Pulse SDP

Though Pulse products have supported Zero Trust principles since inception, the inclusion of Software Defined Perimeter architecture in Pulse products makes this more explicit and strengthens Pulse Secure's position as the only security vendor supporting dual-mode VPN and SDP deployments. Pulse SDP complements the existing offerings and adds policies and capabilities while making resources invisible until users gain authorized access.

Pulse Secure provides unified access policies to enable Zero Trust for Hybrid IT with simplified and consistent access behavior across all platforms and unparalleled posture assessments.