Driving a Zero Trust approach with Software Defined Perimeter
The work from home mandate during this coronavirus pandemic has led to pleasant discoveries for Pulse Secure customers. According to its Asia Pacific Japan VP, Joe Signorelli, if before Pulse Secure solutions were seen as a nice-to-have, it now has become a strategic part of their customers’ businesses.
Joe said, “When they saw us implement our virtual application delivery controller (vADC) to our license servers, they realised, ‘Wait a sec… this is a software load balancer that I can deploy now in front of any application. And when I don’t need it…, from my license servers I can redeploy that bandwidth dynamically to other applications without reinvesting.’”
Some of Pulse Secure’s customers are among the top 50 of Fortune 500 companies (actually 80-percent of Fortune 500 are customers of Pulse Secure), and as their worldwide base of employees, sought to securely access business applications and corporate resources, from the safe shelter of their homes, they recognised the convenience and relevancy of solutions like vADC.
Best of all, these customers do not need to reengineer their environments, or their policy engines. They only need to add additional licenses, and at most they would only have to drop specific hardware at a specific location for more capacity.
“This is the value that customers are starting to see with Pulse,” Joe pointed out.
What Pulse Secure does
Joe shared that Pulse Secure spun out of networking company, Juniper Networks about five years ago, and that it really started out as an SSL VPN provider with a Juniper original solution called Junos.
SSL VPN, or virtual private network technology, is what makes access to corporate resources from a remote location, possible. But Pulse Secure has evolved to providing more than just remote access, extending security and management policies to also network access control (NAC), and to multi-cloud and on-premise environments.
“Since our inception, we have always offered Zero Trust policy as part of our solution. That terminology has evolved over time, but when we talk about it, it was really about a single policy engine that allowed us to manage people and devices that get onto a corporate network,” Joe emphasised.
Pulse Secure’s Zero Trust policy requires secured access that is enabled by software, or a software-defined perimeter.
According to a Quadrant Knowledge Solutions analyst report, “Software Defined Perimeter (SDP) technology, is emerging as an advanced network security solution for today’s complex, interconnected world. SDP follows a Zero Trust approach, wherein the default network security posture is that of deny.
“Access is granted upon authenticating and authorising both user and device,” the report stated, adding also that Pulse Secure is distinguished among zero trust, secure access solution providers, especially for enterprise and service providers operating hybrid IT and multi-cloud environments.
A single architecture with suite plus
SDP combined with other capabilities offered by Pulse Secure is quite powerful.
A newly announced, Pulse Access Suite Plus brings together a comprehensive secure access portfolio comprised of secure remote and cloud access with Zero Trust policy enforcement, centralised management, ADC and web application firewall (WAF), device compliance and IoT device profilers, just to name a few.
All these capabilities sit on top of a single architecture, and is driven by a single policy engine to manage the entire security architecture.
Joe said, “That’s what makes us unique.”
How these capabilities are “deployed” to users also drives their zero trust approach.
Joe described global license servers as a ‘mechanism’ for large global enterprises to ensure their remote workforce have secure access to the apps they need to be productive, no matter where they may be.
“We don’t load (software) licenses into a box, and then it sits there with only 50-percent utilisation, for example. With global license server technology, customers can draw licenses up as needed, where they are needed.”
When solutions come bundled together in a suite, there would also be a software load balancer (vADC) incorporated, so if one license server fails, it can failover to a second license server somewhere else.
This leads to high availability of applications for a remote workforce, on top of management of policies associated with those licenses, all from say an operations team in a centralised location.
“Before we roll out anything, we always put in a beta programme into our customer environments,” Joe said.
“Here are some of the largest organisations in the world, that are deploying our solutions today. And this is where our features and functions are being tested today.”
Some months after the start of the pandemic, Pulse Secure is discovering a prevailing trend among their customers, too.
Customers find that work-from-home measures aren’t reducing productivity, and in some cases it’s actually increased.
Joe concluded, “And as long as those users have access to the applications they need to do their job, that’s what’s important, and that’s what we bring to the table.”