Secure Access: The world of Bram De Blander | SE North Region | Pulse Secure
Old World: PC and Datacenter
New World: Hybrid IT
VS
Secure Access
“Off-premise” “Anywhere”
Remote Access
Evolved…
BYOD is here for 85%
Cloud is an option for 55%
IoT is coming for 40%
Dialing Up IT Transformation
IDG Research Services Gartner Gartner
Customers
Partners
Internet Café
Tablets & Smart Phones
Remote Users
WiFi Users
Office Users
Conference Rooms
Visitors
Unmanaged Devices
Managed Devices
Corporate Data
The need for Secure Access
Off-premise
On-premise
Climate Control (IoT)
Connected Trucks (IoT)
SaaS
Corporate Data
INSIDE THE NETWORK
Trusted
OUTSIDE THE NETWORK
Untrusted
Trust
Inside
Outside
“Outside-Out”
User/Devices/Things
“Inside-In”
Resources
“Inside-Out”
Resources
User/Devices/Things
“Outside-In”
Outside-In = Remote Access
Inside-In = Network Security
Inside-Out = Firewall?
Outside-Out = Cloud Security?
Visibility
Enforcement
Unified Policies
Ecosystem
- Fortinet
- Palo Alto Networks
- Check Point
- Juniper
Silos!
User Experience!
Trust
Secure Access Reality in customer networks
A: Authentication
C: Compliancy
R: Role Based Access
Zero Trust Protection Mechanisms
§ User Verification
– MFA, Single sign-on via SAML, TOTP (Google Auth)
– Streamline logins & user experience (Office 365)
§ Endpoint Assessments (before & during connection)
– Prevent rooted, jailbroken devices connecting
– Quarantine, grant, deny access via device policy
§ Access Control & Data protection
– Always-on, on-demand secure connection
– Policy-based split tunneling for corp data
– Provision, configure, wipe mobile devices
Policy Enforcement
Secure Access Portfolio
Pulse Connect Secure
VPN, Endpoint Compliance
Pulse One
Centralized Management
Pulse Policy Secure
Visibility, NAC
Pulse Workspace
Mobile Device Access & Compliance
Pulse vADC
Application Delivery Control
User/Devices/Things Resources
User/Devices/Things
“Outside-Out”
“Inside-In”
“Inside-Out”
“Outside-In”
• Evolution – Not Revolution!
• Pulse Secure Solution offers a smooth migration path.
• Existing services can be migrated over time in the pace that suits customers.
Secure Access When ‘Inside’ becomes ‘outside’
Authenticate everything before access
Zero Trust Model
No “inside” or “outside” distinction
Trust established closest to resource
Policy based access (identity & device configuration)
SDP Architecture - Benefits
Simplified User Experience
Centralized Orchestration
Dark/Black Network
How Pulse Secure’s SDP Helps
§ SDP requires authenticate first, connect second
– Establishes trust before the connection is made
– Central authority (“Controller”)
§ Bakes access policy into connection
– Granular access levels (“micro-segmentation”)
– Applies device compliance checks at the same time
§ Offers per-application connectivity options
– By user, device, reputation, privileged access…
SDP Client
Universal Pulse Client
SDP Controller
Pulse One
Control Plane
Data Plane
SDP Gateway
Pulse Policy Secure
Local / Branch Network
Public Cloud & SaaS
SDP Gateway
Pulse Connect Secure
Pulse vADC
Private Cloud/Data Center
SDP Gateway
Pulse Connect Secure
Pulse Secure SDP Evolution
Pulse Suites: Essentials Edition
User
App
Pulse Connect Secure
REMOTE ACCESS
Pulse Suites: Advanced Edition
User
Pulse Workspace
App
Pulse Connect Secure
REMOTE ACCESS
CLOUD ACCESS
MOBILE ACCESS
Pulse Suites: Enterprise Edition
User
Pulse Workspace
App
Pulse Connect Secure
REMOTE ACCESS
CLOUD ACCESS
Pulse Policy Secure
NETWORK ACCESS
MOBILE ACCESS
User
Consumer
App
Pulse Suites: Secure Access Platform
MOBILE ACCESS
APP ACCESS
REMOTE ACCESS
CLOUD ACCESS
NETWORK ACCESS
Pulse Workspace
Pulse vADC
Pulse Connect Secure
Pulse Policy Secure
SDP Gateway
SDP Gateway
SDP Gateway
SDP Gateway
SDP Client
11/12/19
Why Pulse Secure?
§ Best of both worlds
• Offer comprehensive Zero Trust today
• SDP when you’re ready
§ Leading Secure Access vendor
• Unified client for secure, streamlined access
• Extensive authentication and device compliance
• Centralized, unified policy enforcement & management
§ Built for Hybrid IT: mobile, data center, cloud
ZTNA overview (Gartner): https://www.gartner.com/doc/reprints?id=1-6ICK295&ct=190410&st=sb