Pulse Secure Attains Cyber Security First With Common Criteria Certification for Network Access Control and VPN Solutions
February 2018 by Marc Jacob
Pulse Secure announced a cyber security industry first by achieving Common Criteria certification for both its network access control (NAC) and virtual private network (VPN) solutions under NIAP’s most current collaborative protection profile for network devices. The integrated approach increases cyber security assurance for pre-connect and post-connect endpoint visibility, compliance and threat mitigation for government agencies, as well as private-sector enterprises.
Common Criteria certification is governed by SO/IEC standards bodies and maintained by the National Information Assurance Partnership (NIAP) according to internationally recognized security testing standards. Pulse Policy Secure v5.3 (NAC) and Pulse Connect Secure v8.2 (VPN) were awarded certification against a NIAP-approved protection profile encompassing security requirements, an evaluation and validation scheme, and rigorous test activities carried out by UL Verification Services Inc.
Pulse Secure has been extensively deployed in Federal, military and supporting contractor applications to support: 802.1X port-control and DISA STIGs, NIST’s Risk Management Framework (RMF), Comply to Connect standards, Command Cyber Readiness Inspections (CCRI), Host-based Security System (HBSS) and DFAR 252.204-7012 assurance, and Internet of Things (IoT) security initiatives. In addition, the solutions have also attained FIPS 140-2 Level 1 certification, and are certified on the U.S. DoD Unified Capabilities (UC) Approved Products List (APL) and for JTIC joint warfighting IT interoperabilty.
For over a dozen years, Pulse Secure has helped agencies address visibility, access, mobile, endpoint and IoT compliance challenges – efficiently, seamlessly and cost-effectively. By implementing Pulse Secure, Federal civilian, defense and intelligence agencies can:
· Satisfy NIST 800-53 controls and specifications regarding 802.1x, Layer 2 Switch STIG, WLAN Authentication Server Security STIG, and Comply-to-Connect requisites
· Centrally manage an easy-to-use VPN and NAC/802.1x solution for wired, wireless and remote connections with flexibility for physical, virtual and cloud deployment
· Gain extensive user insight and unified access control for remote and internal end-points, whether managed, uncatalogued, unsanctioned or unknown
· Automate endpoint and access situational awareness and security response through end-to-end visibility, policy-based controls, and infrastructure interoperability
· Validate device compliance pre-network connection and enable continuous remote and post-connection protection to efficiently find, assess and mitigate exposures
· Preserve remote and onsite user experience with context-aware access protection supporting a range of smartcards and certificate handling
· Integration Pulse Secure via open standards that negates single vendor lock
Additionally, with Pulse Secure’s high performance RADIUS solution, government enterprises don’t have to enable 802.1x NAC connectivity through complex, multi-tiered products requiring significant infrastructure redesign and investment. Connectivity compliance can be achieved by simply leveraging existing endpoints, such as PCs, tablets, phones, and servers, in conjunction with existing network switch or wireless access points. Easily and cost-effectively deployed, the Pulse RADIUS server can manage access requests to ensure compliant network authentication.
“While cyber security and data protection have been a natural focus of the federal government over the last decade, the recent wide-spread expansion into the world of IOT and enabling mobility, and the vulnerabilities that go with it have exponentially increased the burden of protecting federal networks against threat actors while introducing new, complex compliance requirements for our customers,” said Sheryl Dunlap, CEO at Empower Solutions. “We have found Pulse Secure’s compliance-oriented approach coupled with their best-in-breed secure access solution to be a real game changer for our federal customers as they confront increased pressure to modernize their legacy NAC solutions to address these new challenges and to satisfy security controls compliance. With Pulse Secure, the integrated access and endpoint visibility have allowed our customers to gain greater operational insight and efficiency to meet these new mandates and resolve users, device and IOT security issues.”
“The federal government is progressing towards a continuous and context-aware security agenda for network access control and endpoint security to address mobility, IOT threats, hybrid IT and broader military risks. This places a greater burden on agencies to assess their legacy systems, new initiatives and readiness capabilities to adhere to NIST guidelines,” said Corey Solivan, director of strategic accounts at Consolidated Networks. “Pulse Secure is playing a pivotal role with many of our Federal customers as they improve compliance to connect processes and secure access control mechanisms. We are extremely pleased with how they have built out their VPN and NAC products in terms of functions, automation and interoperability. Not only have we been able to effectuate switch and port control STIGs, but we have migrated customers off of outdated systems, such as Cisco ACS, into a more advanced, certified Pulse Secure offering.”