#cybersecurity | hacker | First look: Pulse Secure Software Defined Perimeter


At a Glance
Product: Pulse Software Defined Perimeter (SDP)
Vendor: Pulse Secure
Price: $66 per user, based on 1,000-user purchase.

What it does: Uses policies to apply granular application access rights based on the unique combination of a user profile and device type.
What we liked: Flexibility and ease of deployment.
The Bottom Line: The “zero trust” framework provides a very scalable an effective approach to securing applications.

As traditional network
defenses have evolved, malicious players have shifted focus from infrastructure
attacks to targeted software attacks. Whether the motivation is to obtain
critical data or to simply disrupt operations, applications are now the
prevailing target of opportunity, leaving many organizations unprepared and
unprotected. The ease of access offered by web applications is a blessing for
users but a curse for security teams as it adds a whole new dimension to the
challenge of effectively securing applications.

Understanding such
complexities, Pulse Secure has addressed the challenge head on with the
Software Defined Perimeter (SDP) solution. This innovative platform offers
users secured access to applications regardless of application location, user
location or device.

The solution leverages the
universal pulse client (agent), which supports multiple platforms. A clientless
(agentless) version also is available for a defined set of applications. The
SDP architecture is based on two primary components that include a controller
and gateway. The gateway exists to transfer data between the data center and
the cloud while the controller takes administrator policies and distributes
them to the gateway. A standard deployment requires at least three different
devices – a Pulse One appliance, an SDP Controller appliance and an SDP Gateway
appliance –  but additional SDP gateways
may be necessary depending upon network and deployment requirements.

The whole premise of the
platform is that an application requires establishing trust before a device
connection is granted. Without a trust verification, the device is blocked from
accessing an application. This approach is effective against malware attacks
because it verifies both users and their devices. Different policies can be
applied to different devices (such as a corporate-issued versus BYOD asset).
SDP can also look at patch levels and configuration settings to match against
defined policies and determine if a particular device will be allowed to
connect. This approach protects against a stolen device moving to a different
geography (geolocation validation) and then being used to access the network.

SDP is simple to deploy,
provides great flexibility and supports relatively dynamic application access
management to deliver secure access even when unexpected out-of-the-office
access needs, like a snow day, have widespread impact on the workforce.
Subscription pricing starts at $66 per user, which includes Gold Support with a
24/7 global support portal. Physical, virtual and cloud (AWS/Azure) deployment
options are available.



Original Source link

Leave a Reply