Pulse Secure, a provider of secure access solutions for people, devices, things and services, has announced a cyber security industry first by achieving Common Criteria certification for both its network access control (NAC) and virtual private network (VPN) solutions under NIAP’s most current collaborative protection profile for network devices.
The integrated approach increases cyber security assurance for pre-connect and post-connect endpoint visibility, compliance and threat mitigation for government agencies, as well as private-sector enterprises.
Common Criteria certification is governed by ISO/IEC standards bodies and maintained by the National Information Assurance Partnership (NIAP) according to internationally recognised security testing standards.
Pulse Policy Secure v5.3 (NAC) and Pulse Connect Secure v8.2 (VPN) were awarded certification against a NIAP-approved protection profile encompassing security requirements, an evaluation and validation scheme, and rigorous test activities carried out by UL Verification Services Inc.Pulse Secure gives Federal CIOs the means to advance network access, situational intelligence, and endpoint protection
Federal and military applications
Pulse Secure has been extensively deployed in federal, military and supporting contractor applications to support: 802.1X port-control and DISA STIGs, NIST’s Risk Management Framework (RMF), Comply to Connect standards, Command Cyber Readiness Inspections (CCRI), Host-based Security System (HBSS) and DFAR 252.204-7012 assurance, and Internet of Things (IoT) security initiatives. In addition, the solutions have also attained FIPS 140-2 Level 1 certification and are certified on the U.S. DoD Unified Capabilities (UC) Approved Products List (APL) and for JTIC joint warfighting IT interoperability.
“Government IT organisations are always on the defense, but like commercial entities, they must accommodate increased requirements for availability, responsiveness and compliance. This is especially true for users and devices requesting access to and operating on federal and military networks,” said Mike Riemer, chief security architect at Pulse Secure.
“Pulse Secure is uniquely positioned to give Federal CIOs the means to advance network access, situational intelligence, and endpoint protection in a timely and cost-effective way that supports compliance mandates. Our recent Common Criteria certifications serves to further validate the design and effectiveness of our Secure Access platform.”
Meeting compliance challenges
For over a dozen years, Pulse Secure has helped agencies address visibility, access, mobile, endpoint and IoT compliance challenges – efficiently, seamlessly and cost-effectively. By implementing Pulse Secure, federal, civilian, defense and intelligence agencies can:
- Satisfy NIST 800-53 controls and specifications regarding 802.1x, Layer 2 Switch STIG, WLAN Authentication Server Security STIG, and Comply-to-Connect requisites
- Centrally manage an easy-to-use VPN and NAC/802.1x solution for wired, wireless and remote connections with flexibility for physical, virtual and cloud deployment
- Gain extensive user insight and unified access control for remote and internal end-points, whether managed, uncatalogued, unsanctioned or unknown
- Automate endpoint and access situational awareness and security response through end-to-end visibility, policy-based controls, and infrastructure interoperability
- Validate device compliance pre-network connection and enable continuous remote and post-connection protection to efficiently find, assess and mitigate exposures
- Preserve remote and onsite user experience with context-aware access protection supporting a range of smartcards and certificate handling
- Integrate Pulse Secure via open standards that negates single vendor lock
Connectivity compliance can be achieved by simply leveraging existing endpoints
RADIUS solution
Additionally, with Pulse Secure’s high performance RADIUS solution, government enterprises don’t have to enable 802.1x NAC connectivity through complex, multi-tiered products requiring significant infrastructure redesign and investment.
Connectivity compliance can be achieved by simply leveraging existing endpoints, such as PCs, tablets, phones, and servers, in conjunction with existing network switch or wireless access points. Easily and cost-effectively deployed, the Pulse RADIUS server can manage access requests to ensure compliant network authentication.
Compliance-oriented approach
“While cyber security and data protection have been a natural focus of the federal government over the last decade, the recent wide-spread expansion into the world of IOT and enabling mobility, and the vulnerabilities that go with it have exponentially increased the burden of protecting federal networks against threat actors while introducing new, complex compliance requirements for our customers,” said Sheryl Dunlap, CEO at Empower Solutions.
“We have found Pulse Secure’s compliance-oriented approach coupled with their best-in-breed secure access solution to be a real game changer for our federal customers as they confront increased pressure to modernise their legacy NAC solutions to address these new challenges and to satisfy security controls compliance. With Pulse Secure, the integrated access and endpoint visibility have allowed our customers to gain greater operational insight and efficiency to meet these new mandates and resolve users, device and IOT security issues.”Pulse Secure is playing a pivotal role with many of our Federal customers
Context-aware security agenda
“The federal government is progressing towards a continuous and context-aware security agenda for network access control and endpoint security to address mobility, IOT threats, hybrid IT and broader military risks. This places a greater burden on agencies to assess their legacy systems, new initiatives and readiness capabilities to adhere to NIST guidelines,” said Corey Solivan, director of strategic accounts at Consolidated Networks.
“Pulse Secure is playing a pivotal role with many of our Federal customers as they improve compliance to connect processes and secure access control mechanisms. We are extremely pleased with how they have built out their VPN and NAC products in terms of functions, automation and interoperability."
"Not only have we been able to effectuate switch and port control STIGs, but we have migrated customers off outdated systems, such as Cisco ACS, into a more advanced, certified Pulse Secure offering.”