Pulse Policy Secure

Next-Gen NAC for Zero Trust Networks

NAC Uncomplicated

Pulse Policy Secure (PPS) is a next-gen NAC that enables organizations to gain complete visibility, understand their security posture, and enforce roles-based access and endpoint security policy for network user, guest and IoT devices. Leveraging core network, mobile and security infrastructure integrations, the Pulse NAC solution can streamline endpoint compliance and remediation, BYOD onboarding and IoT security, as well as automate threat response to mitigate malware, rogue device, unauthorized access and data leakage risks.

Pulse Policy Secure is a full-featured NAC designed for easy deployment, convenient scalability and rapid time-to-value. Through configuration and policy creation wizards, PPS lets administrators define, implement and enforce policy, with the flexibility to enable endpoint discovery, monitoring or alerting, or to invoke strong enforcement. Organizations gain Zero Trust access capabilities using contextual data such as user, role, device, security posture, location and behavior. Enterprises can expand coverage using PPS's extensive management, robust interoperability and high-performance appliance capabilities.

Read the Datasheet

All details about the Pulse Policy Secure solution in the datasheet. How it works, how it integrates into your network and how its unique features help your organization provide secure network access.

Check your IoT security

Read how IoT can turn from a business enabler to prime cyber risk. This checklist provides some simple, yet effective steps for device discovery, management, and access control that organizations should adopt.

Secure IIoT solutions

As organizations embrace the merge of IIoT and IT, security professionals are tasked to safely guide this connectivity expansion. Pulse Policy Secure and Nozomi Networks are here to help.

You Can't Defend What You Can't See

Only 10% of organizations understand what devices are connected to their network. Even then, upwards of 30% of devices are unmanaged or unknown. Visibility gaps open the enterprise to malware, attacks and data leakage exposure.

Visibility
Real-time profiling of managed, unmanaged and unauthorized network devices provides comprehensive intelligence on BYOD, IoT and at-risk endpoints. Know who or what is on your network and understand your security posture.

Enforcement
Enforce corporate, personal and IoT device access policy leveraging a high-performance, granular, roles-based rules engine. Grant, deny, or limit network access, or trigger guest management, endpoint remediation or network segmentation actions.

Integration and Automation
Enhance security context and expedite threat response by enabling the security ecosystem to take advantage of NAC intelligence and access enforcement. Integrates with popular network and security infrastructure.

Workforce mobility, BYOD, IoT and cloud computing have increased cyberthreats, causing organizations to fortify endpoint security strategy.

Visibility of managed and unmanaged devices, endpoint compliance enforcement, and automated remediation and network segregation are integral to reducing and containing security incidents.

Endpoint Intelligence
Dynamically discover, classify and profile endpoint, personal and IoT devices, delivering user, device, location and security posture visibility and reporting.

Endpoint Insight
Actively scans for active antivirus, anti-malware, personal firewalls and other required security and management applications, and conducts fingerprinting to track device profile changes, enabling active access enforcement while supporting inventory true-ups and diagnostics.

Endpoint Security
Enforce device and configuration compliance before and during access to the network to keep unsanctioned, exposed and malicious devices from accessing the network. Policy-based enforcement provides automated and self-remediation, BYOD and IoT provisioning, and dynamic network segmentation.

Feature Highlights

Network Visibility

Automatically detect, classify, profile and monitor managed, IoT and rogue network devices and their security state.

BYOD Onboarding

Enable personal device use and extend NAC policy enforcement with popular EMM solutions.

Guest Access

Automate guest access provisioning, segmentation including time-limited access and guest sponsorship.

Contextual Access Control

Granular access policy for wired, wireless connections, personal and corporate devices and remote and local users.

Compliance Auto-check

Ensure that the connecting device complies with your security requirements.

IoT Security

Identify, monitor, segregate and control access to IoT devices.

Centralized Command

See and centrally control multiple NAC systems and policies from a single management console.

Patch Assessment

Minimizes malware risk and downtime through automatic remediation of patches for endpoint devices.

Clientless Operation

Detect, profile and automate access control without an agent.

Wizards and Templates

Built-in expert guides take the complexity out of setting up a NAC solution.

Rapid Deployment

Expedite implementation leveraging Pulse VPN Client and access policies.

Interoperable

Works with your existing wired, wireless, NGFW, SIEM and EMM infrastructure to automate threat response.


NAC Architecture

Real-time network visibility and enforcement to enable Zero Trust access.

  • Pulse Secure Profiler: Dynamically identify and classify managed and unmanaged endpoint and IoT devices.
  • Pulse Policy Secure (NAC): Enable guest, BYOD and IoT access provisioning, enforce endpoint compliance, and automate threat response.
  • Pulse Client: Real-time device OS, application, configuration and security posture checking for policy-based access control and remediation. The Client supports agent and agentless operation and supports Pulse NAC and VPN solutions.

Simple. Intuitive. Useful.

NAC Capabilities for Zero Trust Networks

  • Onboard RADIUS/802.1x support: High-performance RADIUS system provides authentication of devices and users attempting to connect to wired and wireless LANs so that only authorized connections are allowed.
  • Session Federation: Federation of user sessions between Pulse Connect Secure and the Pulse Policy Secure enables seamless provisioning of remote access user sessions into LAN access user sessions upon login, or alternatively LAN access user sessions into remote access user sessions at login.
  • UEBA Analytics: Correlation of user access, device data, and system logs in a new analytics engine.
  • On-box Pulse Secure Profiler: Collect endpoint device profiling information and maintain dynamic, contextual inventory of networked devices including IoT devices.
  • Automated patch assessment checks and remediation: Can tie access directly to the presence or absence of specific hot fixes for defined operating systems and applications, and performs role-based, predefined patch management checks according to the severity level of vulnerabilities.
  • Identity-based admission control: Combines identity-aware capabilities of Pulse Policy Secure with the robust networking and security services of Fortinet, Palo Alto Networks, Checkpoint, and Juniper SRX Series Firewalls, enabling each to be employed as policy enforcement points.
  • Automated Threat Response: Leverages next-generation firewalls' intelligence-driven threat detection so that Pulse Policy Secure can take automated actions at the device and user level. The PPS policy engine and rich contextual information allow it to take different actions based on threat severity and further mitigate security risk.
  • Captive portal: Provides network access control for guests and contractors.
  • Self-service Guest access support: Enhances and simplifies an organization’s ability to provide secure, differentiated guest user access to its network and resources.
  • Wizard-based configuration: Aids administrators in navigating and familiarizing themselves with configuration tasks in the Pulse Policy Secure admin UI.
  • Granular auditing and logging: Provide auditing and logging capabilities delivered in a clear, easy to understand format.
  • Centralized policy management: Saves administrative time and cost and provides a superior user experience by delivering common remote and local access control policy implementation and enforcement across a distributed enterprise.

Fortune 100 Global Professional Services Company

Aligned access security infrastructure with their service-based business, delivered best possible user experience to their global workforce, simplified by standardizing on ‘Lego-block’ solutions and their cloud-first approach.

Fortune 500 Bank

Addressed PCI-DSS requirements, satisfied 802.1x enforcement requirement, leveraged existing infrastructure to deliver contextual security data that decreased security alerts and improved incident-response times.


A Canadian Power Company

Protect & secure power delivery to 58,000+ Ontario customers, flexible but active access control to applications & resources, NAC solution that works with existing infrastructure

| Spec | Description |
| --- | --- |
| Integrated Profiler | Endpoint visibility into on-premise and remote connection via PCS. Collect endpoint device profiling information and maintain dynamic, contextual inventory of networked devices |
| Role-Based Application Enforcement | Enables access control and security policies to be applied to applications and users |
| Wizard Based Configuration | Helps administrators navigate configuration tasks from the PPS admin user interface |
| Session Federation | Enables location awareness and session migration capabilities in Pulse Secure Solution |
| Identity-enabled firewall support | Integrates identity-aware capabilities of Pulse Policy Secure with next-generation firewalls Checkpoint, Palo Alto Networks, Fortinet, and Juniper SRX |
| Mobile Device Management Integration | Reduces complexity and increases policy intelligence to simplify and secure BYOD efforts for both IT and end-users |
| Support for RADIUS and TACACS+ | Network device administration for central management and secure network devices |
| Guest Access Support | Simplifies ability to provide secure guest user access to its network resources |
| Centralized Policy Management | Central management server where policy, monitoring, and reporting are administered |
| Auditing and Logging | Addresses regulatory compliance and audit demands through logging of user activity |
| UEBA Analytics | Correlation of user access, device data, and system logs and normalization of device behavior |

Benefits of NAC

Know the who, what and where of the devices on your network and be empowered to take action.

Gain real-time visibility, understand your security posture and mitigate endpoint security, unauthorized access and data leakage risks.

  • Zero Trust Networking: Authorize user and device connectivity by enforcing authentication and control before and during network access
  • Guest Management: Give site visitors and service technicians limited network access without impact on IT
  • BYOD: Enable personal device use
  • Visibility: Real-time discovery, profiling and monitoring of network devices
  • Inventory: Classify, inspect and capture network device and configuration
  • IoT Security: Provision, sanction, segregate and monitor IoT devices
  • Fast Onboarding: Automate device provisioning without IT intervention
  • Compliance: Monitor and enforce endpoint security policies before network access
  • Analytics: Correlation of user, device, and log data to detect IoT anomalies
  • Remediation: Identify endpoint management and security enable automated or self-serve remediation
  • Expedited Threat Response: Leverage network and security infrastructure to share NAC intelligence or trigger network enforcement
  • Analytics: Correlate user, device, and log data to understand security posture and detect anomalies
  • Auditing: Report and log user, device and access activity and incidents

What Our Customers Say

“With growing attacks, BYOD and data privacy issues, enterprises must get a handle on users, endpoints and IoT devices accessing their network resources. Pulse Secure is distinguished by offering the benefits of both pure-play and infrastructure NAC providers. Unlike infrastructure NAC, Pulse Secure is integrated and works with popular switches, wireless, and security infrastructure to facilitate deployment and threat response. Unlike pure-play NAC offerings, Pulse Secure offers VPN and NAC solutions that amalgamate mobile, cloud and network oversight. The combination delivers enterprise value for user, endpoint and IoT visibility, as well as threat response.”

Tony Massimini, Senior Industry Analyst, Frost & Sullivan

"Entegrus has a long-standing relationship with Pulse Secure. The level of integration between the SSL and NAC and the extended feature set made it a straightforward choice for us."

Dave Cullen, Manager of Information Systems for Entegrus