Pulse Secure NAC Integrates with Fortinet Security Fabric to Enrich Endpoint Intelligence and Automate Threat Response

March 2018 by Marc Jacob

The joint solution incorporates Pulse Policy Secure network access control (NAC) with Fortinet FortiGate enterprise firewall and the Fortinet Security Fabric. The advantages of this bi-directional integration include sharing security context and applying policy-based mitigation to reduce network exposures and cyber threat response time. Pulse Secure NAC data can be used by Fortinet to trigger firewall traffic controls, and Fortinet can quarantine malicious endpoints on the network through Pulse Secure NAC.

The Fortinet Security Fabric enables security components to collect and share intelligence between devices, systems and partners, support unified management, and synchronize and automate responses to threats. It allows organizations to address the full spectrum of challenges they currently face across the expanding attack surface. Channel partners of both Pulse Secure and Fortinet now have a new combined solution to bring to customers and explore the business value of enterprise-grade NAC and next-gen firewall integration.

Gartner defines network access control as "technologies that enable organizations to implement policies for controlling access to corporate networks by devices such as the Internet of Things (IoT) and by users. Policies may be based on authentication, endpoint configuration (posture) or users’ role/identity. NAC also includes postconnect policies, in which the NAC solutions integrate with other security products."

The report continues, "Network visibility and control continue to be drivers for the adoption of NAC. Other NAC use cases include: Management of access from consultants, contractors and other guests taking control over the devices’ connectivity to limit their access; Visibility and control over the connectivity of bring your own device (BYOD) programs, primarily wireless, to enable employees to access networks with personally owned devices; and Management or identification of IoT devices on the network."[i]

Pulse Policy Secure NAC identifies, analyzes, monitors and applies policy to corporate, BYO and IoT devices requesting access to or working within a corporate network. Organizations require that devices connect to protected network resources managed by next-generation firewalls. Pulse Secure dynamically captures and sends identity and security posture check data to the FortiAuthenticator. The resulting enriched security intelligence is then used to invoke policy-based compliance controls on the FortiGate firewall to allow or block traffic at the network perimeter.

Threats beyond the network perimeter are blocked by the firewall. However, a single compromised endpoint on the network can put other network devices at risk of being compromised. With alert-based admission control integration, the Fortinet FortiGate firewall can inform Pulse Policy Secure NAC to readily isolate a compromised device on the network. As a result, organizations can improve threat response time from days to seconds, lower administrative overhead, and reduce reputation, compliance, and liability exposure.