Pulse Secure’s NAC solution has addressed the IoT market before, but for the first time they have added functionality specifically designed for Industrial IoT environments.
Today, secure access solutions provider Pulse Secure is releasing Pulse Policy Secure 9.0R3, the latest version of their Network Access Control [NAC] solution, and one which, for the first time adds Industrial Internet of Things [IIoT] capabilities.
“This major new release of Pulse Policy Secure means quick remediation and less downtime for factory environments with are dependent on IIoT devices,” said James Tolosa, senior product marketing manager at Pulse Secure. “We have taken our NAC core product and made it suitable for industrial environments.”
Pulse Policy Secure has always been aimed at the broad IoT market, but the IIoT market specifically is something new with this release.
“We have had IoT fingerprints for NAC in heath care, retail, financial – anything that had an IoT use case,” Tolosa said. “However, our NAC product is aimed at IoT in general. We had not done any specific marketing at industrial IoT. Now this new NAC product has some new features aimed at industrial IoT in particular.”
Pulse Policy Secure is a combined NAC and VPN solution, and the new capabilities enhance IIoT capacity around both. It profiles the network to discover IoT devices, with the aid of a built-in IoT device identification library, and lets policies be applied to these systems, like factory floor SCADAs, PLCs and HMIs, or office building HVAC systems. It also automatically provisions IIoT devices with Next Generation Firewall solutions, to provide identity and device security state data, and to fortify micro-segmentation to isolate and manage IoT devices on enterprise networks.
“You can find IoT devices – and remediate them – if they are in a troubled state,” Tolosa said. “This new product not only lets you find the devices, but does auto-provisioning of firewalls, and provides secure access for both firewall and our VPN product, particularly for auto-provisioning policies like third party contractors and support personnel.” The combined NAC and VPN approach lets IT teams grant remote secure access—authenticated and encrypted—to support contractors for expedited repair and return to service of factory IIoT systems for greater uptime and productivity. Not having to send out service technicians allows factory floor repairs in these environments to be done much more quickly.
PPS 9.0R3 adds new behavioral analytics that alert security teams of anomalous IoT device behavior. It builds baseline behavior profiles for managed and unmanaged IoT devices from information correlated from multiple sources like NetFlow, user and device data. It then measures anomalous activity’s impact on these profiles, to spotlight threats at an early stage.
“This preserves the uptime of the business and does so in a secure manner,” Tolosa indicated. “With industrial customers, security is less about data theft. Use cases are very specific, because its all about uptime, remediating them faster, which is why we gave them these new features.
“The typical customers for this are traditional brick and mortar businesses that have been around since the Industrial Age,” he added. “They were typically airgapped before but now are Internet-connected. They typically use old insecure systems that lack modern protection like encryption and native antivirus. They can use this newer technology to improve the processes.”
Tolosa said that while they are now addressing a new use case with IIoT, they already have partners who work in this space
“We have some partners in Canada who sell to oil companies who will like this,” he noted. “This satisfies a key requirement for companies who need such a solution.”
While some parts of the IoT markets are still developing, Tolosa stressed that this is not one of them.
“We always see demand for secure access in the industrial environment,” he said. “It has always been strong, and will continue to be strong. We see that continuing deep into the future.”
The latest features of Pulse Policy Secure 9.0R3 are available on physical or virtual Pulse Secure Appliances. Existing customers with PSA appliances under PPS subscription or software maintenance can readily upgrade at no charge.