Orchestrating Secure Access to Your Critical Applications…Wherever They May Reside
In February, we hosted over 150 guests at our Partner Sales Events in Tokyo and Singapore, and we took the opportunity to meet with some of our strategic customers in the region. The events coincided with the launch of our SDP solution suite, which was demonstrated at the RSA event a couple of weeks later in San Francisco.
One of our customers, a mobile application provider, wanted to know more about the Zero Trust framework, our SDP solution, and how they can integrate it with their existing deployment of Pulse Secure vADC, which manages customer access to their secure mobile platform. They had initially looked at using technologies such as SDN and microsegmentation using firewalls, but they needed to find a way forward that allowed them to move towards a more scalable Zero Trust architecture, while leveraging their existing investments in Secure Access tools.
One of the key principles of Zero Trust is to apply security policies across the network, and especially close to critical data and applications. Pulse SDP is the ideal solution to provide centralized application security policies and enforcement along with service protection, connecting authenticated users to the gateway closest to the application itself. Pulse vADC can then ensure application availability and integrity, and apply custom policies to query user and device attributes in real time against all transactions, decrypting and inspecting requests and validating application responses to help protect against data leakage.
In order to help them with their end-to-end Secure Access strategy, I took them back to think about how their users connect to applications, and about the online experience their users are expecting:
- Their users are authenticated using their existing SSO/MFA tools - however, we need to think of those users accessing applications via a range of devices - desktop, mobile, even IoT or home network devices which may act as a proxy for them. Each of those devices needs to be validated, with compliance checks and profiling.
- These devices register and connect through networks or clouds to reach a range of target applications, which may be in a data center, a cloud platform, or even a third-party application provider.
- We need to mediate each of those connection requests to determine whether the user or device is authorized to access each application - and in an extreme case, whether the application is even visible or discoverable by unauthorized users.
- Finally, some of the applications may be legacy applications which cannot be changed, or innovative custom applications built on a microservices architecture to adapt to rapidly-changing requirements.
You can see that each of these elements represents a different type of perimeter - and that the idea of “perimeter” has become more fluid and less well-defined as we move to hybrid IT architectures. So we need to create security policies that can be expressed at the top level in different ways. Pulse Secure Access solutions allow us to apply software-defined policies for users, devices, networks and applications.
Moving forward, it is essential to orchestrate all these elements together, leveraging your existing investments, to give an integrated end-to-end secure access architecture with Pulse SDP solutions.
So our customers are able to push forward on their digital transformation journey, with secure access to distributed applications. Whether their applications are hosted in a data center, cloud or as SaaS platforms, they need fast, secure access through a single, unified platform. Pulse Secure delivers the solutions needed to accelerate our customers’ digital transformation.