Vikram Navali

March 5, 2018

Network Visibility with Context

It is not just about seeing and controlling what is connected to your network. It is also about how quickly we identify and categorize endpoints to mitigate the risks. It starts with visibility of every endpoint connected to the corporate network.

We are no longer talking about just desktops or smartphones and the operating systems they are running. With advancements in the mobile market, we have to get the identity of each and every IP-enabled IoT endpoint, such as IP cameras, printers, bar code readers, sensors and all other things connected locally or remotely to the network.

How do we get classification of all these things connecting to a corporate network?

One solution is to deploy Pulse Policy Secure’s Profiler, which provides contextual details of every endpoint’s identity to give visibility into the devices on the network, including both managed and unmanaged endpoints. Profiler also helps administrators identify and classify endpoints by MAC address, IP address, location and type / function. All this can be accomplished using various collection techniques, such as passive and active discovery methods.

How do we apply and enforce security policies?

Among the many differentiators in our Secure Access solution, the integration between Pulse Secure’s core products, Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS), not only gives administrators visibility but also provides seamless access from all connecting devices to the corporate network.

With standalone Profiler functionality, the administrator enables PPS or PCS to send endpoint contextual information to a standalone Pulse Profiler for visibility. A standalone Profiler can be deployed in a PPS Active/Active cluster, in an Active/Passive cluster, or with unclustered appliances behind a load balancer. Each node in a cluster is configured to fetch the profiler data it needs from the standalone Profiler. The node then applies consistent role mapping based on the device profiles and defines security policies and enforcement across local and remote endpoints, automatically remediating to mitigate risks.

With the increasing use of smartphones and the rapid adoption of mobile technologies, Profiler also enables administrators to profile mobile devices by contacting MDM servers and collecting device attributes. This supports integration with Pulse Workspace and third-party MDM servers like AirWatch, MobileIron, and Microsoft Intune.

Device Sponsoring via Profiling allows admins to approve or deny devices connecting to the network based on a specific category. Pulse Secure Profiler can optionally notify admins by email of new devices needing approval. Once approved, devices are placed in the correct role according to the configured role-mapping rules.

For more information, visit https://www.pulsesecure.net/policy-secure/

 
