Secure Access: The world of Bram De Blander | SE North Region | Pulse Secure


Post on 02-Jun-2020


Page 1: Secure Access: The world of - HOME | BKM · –MFA, Single sign-on via SAML, TOTP (Google Auth) –Streamline logins & user experience (Office 365) §Endpoint Assessments (before

Secure Access: The world of

Bram De Blander | SE North Region | Pulse Secure

Page 2

Old World: PC and Datacenter

New World: Hybrid IT

VS

Secure Access

“Off-premise” “Anywhere”

Remote Access

Evolved…

Page 3

BYOD is here for 85%
Cloud is an option for 55%
IOT is coming for 40%

Dialing Up IT Transformation

IDG Research Services Gartner Gartner

Page 4

Customers

Partners

Internet Café

Tablets & Smart Phones

Remote Users

WiFi Users

Office Users

Conference Rooms

Visitors

Unmanaged Devices

Managed Devices

Corporate Data

The need for Secure Access

Off-premise

On-premise

Climate Control

IoT

Connected Trucks

IoT

SaaS

Corporate Data

Page 5

INSIDE THE NETWORK

Trusted

OUTSIDE THE NETWORK

Untrusted

Trust

Page 6

Inside

Outside

“Outside-Out”

User/Devices/Things

“Inside-In”

Resources

“Inside-Out”

Resources

User/Devices/Things

“Outside-In”

Outside-In = Remote Access
Inside-In = Network Security
Inside-Out = Firewall?
Outside-Out = Cloud Security?

Visibility
Enforcement
Unified Policies
Eco system

- Fortinet
- Palo Alto Networks
- Checkpoint
- Juniper

Silos! User Experience! Trust

Secure Access Reality in customer networks

A: Authentication
C: Compliancy
R: Role Based Access

Page 7

Zero Trust Protection Mechanisms

§ User Verification
– MFA, Single sign-on via SAML, TOTP (Google Auth)
– Streamline logins & user experience (Office 365)

§ Endpoint Assessments (before & during connection)
– Prevent rooted, jailbroken devices connecting
– Quarantine, grant, deny access via device policy

§ Access Control & Data protection
– Always-on, on-demand secure connection
– Policy-based split tunneling for corp data
– Provision, configure, wipe mobile devices

Policy Enforcement

Page 8

Secure Access Portfolio

Pulse Connect Secure

VPN, Endpoint Compliance

Pulse One

Centralized Management

Pulse Policy Secure

Visibility, NAC

Pulse Workspace

Mobile Device Access & Compliance

Pulse vADC

Application Delivery Control

Page 9

User/Devices/Things Resources

User/Devices/Things

“Outside-Out”

“Inside-In”

“Inside-Out”

“Outside-In”

• Evolution – Not Revolution!

• Pulse Secure Solution offers a smooth migration path.

• Existing services can be migrated over time in the pace that suits customers.

Secure Access When ‘Inside’ becomes ‘outside’

Page 10

Authenticate everything before access

Zero Trust Model

No “inside” or “outside” distinction

Trust established closest to resource

Policy based access (identity & device configuration)

SDP Architecture - Benefits

Simplified User Experience

Centralized Orchestration

Dark/Black Network


Page 11

How Pulse Secure’s SDP Helps

§ SDP requires authenticate first, connect second
– Establishes trust before the connection is made
– Central authority (“Controller”)

§ Bakes access policy into connection
– Granular access levels (“micro-segmentation”)
– Applies device compliance checks at the same time

§ Offers per-application connectivity options
– By user, device, reputation, privileged access…

Page 12

SDP Client

Universal Pulse Client

SDP Controller

Pulse One

Control Plane

Data Plane

SDP Gateway

Pulse Policy Secure

Local / Branch Network

Public Cloud & SaaS

SDP Gateway

Pulse Connect Secure

Pulse vADC

Private Cloud/Data Center

SDP Gateway

Pulse Connect Secure

Pulse Secure SDP Evolution

Page 13

Pulse Suites: Essentials Edition

User

App

Pulse Connect Secure

REMOTE ACCESS

Page 14

Pulse Suites: Advanced Edition

User

Pulse Workspace

App

Pulse Connect Secure

REMOTE ACCESS

CLOUD ACCESS

MOBILE ACCESS

Page 15

Pulse Suites: Enterprise Edition

User

Pulse Workspace

App

Pulse Connect Secure

REMOTE ACCESS

CLOUD ACCESS

Pulse Policy Secure

NETWORK ACCESS

MOBILE ACCESS

Page 16

User

Consumer

App

Pulse Suites: Secure Access Platform

MOBILE ACCESS

APP ACCESS

REMOTE ACCESS

CLOUD ACCESS

NETWORK ACCESS

Pulse Workspace

Pulse vADC

Pulse Connect Secure

Pulse Policy Secure

SDP Gateway

SDP Gateway

SDP Gateway

SDP Gateway

SDP Client

Page 17

11/12/19

Why Pulse Secure?

§ Best of both worlds
• Offer comprehensive Zero Trust today
• SDP when you’re ready

§ Leading Secure Access vendor
• Unified client for secure, streamlined access
• Extensive authentication and device compliance
• Centralized, unified policy enforcement & management

§ Built for Hybrid IT: mobile, data center, cloud

Page 18

ZTNA overview Gartner → https://www.gartner.com/doc/reprints?id=1-6ICK295&ct=190410&st=sb
