June 03, 2020
Pulse Secure Achieves Common Criteria Certification for Virtual Private Network and Network Access Control Solutions
New NIAP Common Criteria certifications for Pulse Secure increase cyber security assurance for remote, cloud and on-premises user, endpoint and IoT visibility, compliant access and Zero Trust control
SAN JOSE, Calif. – June 3, 2020 – Pulse Secure, the leading provider of software-defined Secure Access solutions, today announced achieving Common Criteria certification for both its virtual private network (VPN) and network access control (NAC) solutions under NIAP’s most current collaborative Protection Profile for Network Devices (NDcPP). Pulse Secure’s certified solutions increases cyber security assurance for remote, cloud and on-premises access productivity, visibility and compliance for government agencies, government contractors, as well as private-sector enterprises.
Common Criteria certification is governed by ISO/IEC standards bodies and maintained by the National Information Assurance Partnership (NIAP) according to internationally recognized security testing standards. Common Criteria certification listing for Pulse Connect Secure v9.1 (VPN) and Pulse Policy Secure vv9.1 (NAC) can be found respectively at https://www.niap-ccevs.org/Product/Compliant.cfm?PID=11021 and https://www.niap-ccevs.org/Product/Compliant.cfm?PID=11020. The solutions were awarded certification against the most current NIAP-approved protection profile encompassing security requirements, an evaluation and validation scheme, and rigorous test activities carried out by UL Verification Services Inc. Prior versions of both solutions had achieved Common Criteria certification.
Pulse Secure has been extensively deployed in Federal, military and supporting contractor applications to support: Comply to Connect standards, Command Cyber Readiness Inspections (CCRI), 802.1X port-control and DISA STIGs, NIST’s Risk Management Framework (RMF), Host-based Security System (HBSS) and DFAR 252.204-7012 assurance, and Internet of Things (IoT) security initiatives. In addition, the solutions have also attained FIPS 140-2 Level 1 certification, and are certified on the U.S. DoD Unified Capabilities (UC) Approved Products List (APL) and for JTIC joint warfighting IT interoperability.
“Government IT organizations are always on the defensive, but like commercial entities, they must also assure increased requirements for availability, responsiveness and compliance. This is especially true for users and devices requesting access to and operating on federal and military networks,” said Alex Thurber, chief revenue officer at Pulse Secure. “Pulse Secure is uniquely positioned to give Federal CIOs the means to advance network and cloud access, situational intelligence, and endpoint protection in a timely and cost-effective way that supports compliance mandates. Our recent Common Criteria certifications serves to further validate the design and effectiveness of our Secure Access platform.”
For over a dozen years, Pulse Secure has helped government agencies address secure access challenges for hybrid IT – efficiently, seamlessly and cost-effectively. By implementing Pulse Secure, Federal defense, intelligence and civilian agencies can:
- Assure user experience and protected connectivity with always-on and on-demand VPN, as well as simultaneous and split tunneling
- Satisfy NIST 800-53 controls and specifications regarding 802.1x, Layer 2 Switch STIG, WLAN Authentication Server Security STIG, and Comply-to-Connect requisites
- Centrally manage an easy-to-use VPN and NAC/802.1x solution for wired, wireless and remote connections with flexibility for physical, virtual and cloud deployment
- Gain extensive user insight and unified access control for remote and internal endpoints, whether managed, uncatalogued, unsanctioned or unknown
- Automate endpoint and access situational awareness and security response through end-to-end visibility, policy-based controls, and infrastructure interoperability
- Validate device compliance with continuous remote, pre-network connection and post-connection host checking to efficiently find, assess and mitigate exposures
- Preserve remote and onsite user experience with context-aware identity authentication supporting a range of smartcards, certificate handling and single sign-on (SSO)
- Leverage build-in User Entity Behavior and Analytics (UEBA) anomaly detection and response
- Integrate Pulse Secure via open standards that negates single vendor lock
Pulse Secure’s VPN and NAC solutions can be procured separately or as part of its Pulse Access Suite Plus solution set that provides adaptive identity and device authentication, protected connectivity, extensive visibility and analytics, and threat response across mobile, network and multi-cloud environments. By consolidating disparate security access tools into an integrated platform, government agencies gain easy access for users and a single-pane-of-glass to streamline provisioning, management and scalability. Organizations can centrally orchestrate Zero Trust policy to ensure compliant access to applications, resources and services across distributed network, private cloud and public cloud environments.
“The federal government continues progress cybersecurity and data protection capabilities with mandates to be more proactive, vigilant and agile. Beyond broader mobility, IoT and cloud initiatives, recent work from home and increased remote access capacity have expanded threat vectors and attack surfaces – placing greater requirements to modernize disjointed, legacy VPN and NAC solutions,” said Jerahd Hollis, chief technology officer at immixGroup. “Pulse Secure’s integrated, interoperable and scalable approach to remote and on-premise access control address these challenges and allows agencies to deliver easier accessibility with necessary operational insight, controls and efficiency to satisfy NIST guidelines and achieve Zero Trust readiness.”
For more information on Pulse Secure Access Suite Plus, visit https://www.pulsesecure.net/products/pulse-access-suite-plus/. Pulse Secure solutions are available on Azure, Google AWS and AWS Gov Cloud.
TWEET THIS: Pulse Secure achieves Common Criteria certification for both its VPN and NAC solutions to advance Comply to Connect initiatives for hybrid IT with Zero Trust control #PulseSecure #CommonCriteria #Government #SecureAccess #ZeroTrust #Security
About Pulse Secure
Pulse Secure provides easy, comprehensive software-driven Secure Access solutions for people, devices, things and services that improve visibility, protection and productivity for our customers. Our suites uniquely integrate cloud, mobile, application and network access to enable hybrid IT in a Zero Trust world. Over 24,000 enterprises and service providers across every vertical entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring business compliance. Learn more at www.pulsesecure.net