New features include the improvement of Pulse Profiler, the addition of MacOS device support and improved vulnerability assessment capabilities, but from a channel point of view, the most important thing like is likely the deepening of integrations with the major firewall vendors.
Pulse Secure has announced the release of Pulse Policy Secure 9.0, the latest version of their Network Access Control [NAC] solution. It adds several dozen new features and enhancements to improve visibility, usability, endpoint and IoT security, and threat response capabilities. It also deepens integrations with the major firewall vendors.
“The major goal of this release is really about making it easier for IT to implement a ‘comply to connect’ strategy, to improve interoperability,” said Dan Dearing, senior director, product marketing, Pulse Secure. “How can we better supply information to the enforcement points and automate distribution of that data from a policy standpoint. This is something that that it did it before, but we have enhanced it across a wider variety of enforcement points, which makes it much more robust. Customers typically are on this treadmill of keeping things working better together, and these enhancements provide them with the ability to get more out of what they have, and make their enforcement capabilities more intelligent.”
Pulse Policy Secure is a complementary NAC solution to the flagship Pulse Connect Secure offering.
“In the past, many thought of this solution as the access provider for remote, but it also gives the customer an easy way to implement a NAC strategy,” Dearing said. “This becomes the policy engine for switches, routers and firewalls. Many enterprise customers who buy Pulse Connect Secure also buy Pulse Policy Secure, but they are two separate solutions because not every customer needs NAC capability.”
Significant enhancements have been made to Pulse Profiler, which is embedded within the NAC and which automatically identifies both managed and unmanaged devices that connect to the network and dynamically monitors for device profile and security state changes.
“We have significantly enhanced the fingerprint database for Profiler,” Dearing said. IoT device discovery, classification and management capabilities are all improved.
“We have also extended endpoint discovery mechanisms by adding the ability to host check for MacOS devices as well as Windows devices, to accommodate customer wishes to let employees use their Mac devices in a way that ensures the device is secure,” Dearing said.
“We have also extended some capabilities around vulnerability assessment to better assess if a device might be vulnerable,” he added. “This includes improved OS and patch management verification, which have become central to a more rigorous ‘comply to connect’ strategy.” Support of TACACS+ has been added for role-based network device support. Host checking caching, directory, authentication and firewall integration techniques have also been improved to reduce login prompts, authorization and device compliance time.
An important part of this release is the deepening of integration with Palo Alto Networks, Checkpoint, Juniper and Fortinet firewalls to enrich their operational context, and to let the firewalls to invoke NAC endpoint network segregation or blocking.
Dom Grillo, president of Branchburg N.J.-based Atrion Communications, a Pulse Secure channel partner, emphasized the importance of the extension of these integrations from their perspective.
“All these additional integrations are what is really important for us in this release,” he said. “The customer’s ability to integrate well with different firewall vendors is key to a successful go-to-market strategy. Our value to the customer is our ability to perform those integrations and automate things for them. The extension of those integrations allow us to do more with those disparate technologies and provide more valuable services.”
Pulse Policy Secure 9.0 is available now, on either physical or virtual Pulse Secure Appliances. Customers with existing Pulse Policy Secure subscription or software maintenance agreements can upgrade at no charge.