Videos

Demo: Guest Access

Presenters:
Vikram Navali Pulse Secure
Read Transcript

Vikram Navali:
Hi, this is Vikram Navali from technical marketing team at Pulse Secure. Pulse Secure is a leader in offering network access control solutions using Pulse Policy Secure. In this video, we will see how Policy Secure provides guest access solutions in a financial environment to their employees. Guests or employees visiting the bank connecting to the corporate network, using laptops or smart phones whether wired switch or wifi connections, get authenticated and authorized by Policy Secure based on the policy set by the IT team. Once approved, they will be granted access to the protected resources behind the firewall or internet.

Vikram Navali:
Bob is an employee visiting the bank, and connecting his laptop to the wired switch. He gets authenticated by Policy Secure, but does not comply with the policy set by the IT team. Hence, Bob's laptop is isolated from the network and denied access to the internet services.

Vikram Navali:
Let us look at the administrator configurations and settings. The first step is to add authentication server. PPS supports different types of authentication servers, including Active Directory, RADIUS server, and so on. If you look at Employee_Auth, Bob and myguest users are added.

Vikram Navali:
Next step is to add user roles. These settings allow administrators to customize user access restrictions and apply Host Checker compliance policy from here.

Vikram Navali:
Next step is to create User Realms, add authentication server, and grouping of role mapping, and then assign roles created in the previous step. For example, as shown here.

Vikram Navali:
Next step is to create sign-in policies. URLs added here redirect to the PPS sign-in page. Administrators can select either default or custom sign-in pages and can be added along with realms and protocols set to the sign-in policy.

Vikram Navali:
Next step is to apply Host Checker policy, anti-virus and Notepad process rules added. For anti-virus rule, administrators are allowed to select specific vendor from the supported list. In this case, Avira Professional Security has been selected. We also have one more policy configured here, which is verifying the Notepad process from the supported rule type to verify and comply the user end point.

Vikram Navali:
This is all about administrator experience point of view. Let's have a look at the client experience. Bob brings his laptop and connects to the corporate wide network, opens a browser to access pulsesecure.net. Browser redirects to Pulse Policy Secure login. Bob logs in and is successfully authenticated. His web traffic is redirected to pulsesecure.net.

Vikram Navali:
Bob also verifies reachability to google.com by opening a ping to google.com. This is the reachable, and opens notepad on his laptop. Pulse Policy Secure validates security posture. In this case, Host Checker compliance has failed, and as you notice, Bob's access to Google will be disconnected. As you see, he will get a request timed out. By closing Notepad, Host Checker compliance check will pass, and ping will work again.

Vikram Navali:
Similarly, by disabling anti-virus on Bob's laptop, Host Checker compliance will fail again, and he will be restricted to access to the internet.