News
Pulse Secure NAC Integrates with Fortinet Security Fabric to Enrich Endpoint Intelligence and Automate Threat Response
March 2018 by Marc Jacob
Pulse Secure
announced a
technology integration with Fortinet to enrich
endpoint intelligence and automate threat response to protect networks from
attack and data breach.
The joint solution incorporates Pulse Policy Secure
network access
control (NAC) with Fortinet FortiGate enterprise firewall and the Fortinet
Security Fabric. The advantages this bi-directional integration includes
sharing security context and applying policy-based mitigation to reduce
network exposures and cyber threat response time. Pulse Secure NAC data can
be used by Fortinet to trigger firewall traffic controls, and Fortinet can
quarantine malicious endpoints on the network through Pulse Secure NAC.
The Fortinet Security Fabric enables security components to collect and
share intelligence between devices, systems and partners, support unified
management, and synchronize and automate responses to threats. It allows
organizations to address the full spectrum of challenges they currently face
across the expanding attack surface. Channel partners of both Pulse Secure
and Fortinet now have a new combined solution to bring to customers and
explore the business value of enterprise-grade NAC and next gen firewall
integration.
Gartner defines network access control as "technologies that enable
organizations to implement policies for controlling access to corporate
networks by devices such as the Internet of Things (IoT) and by users.
Policies may be based on authentication, endpoint configuration (posture) or
users’ role/identity. NAC also includes postconnect policies, in which the
NAC solutions integrate with other security products."
The report continues, "Network visibility and control continue to be drivers
for the adoption of NAC. Other NAC use cases include: Management of access
from consultants, contractors and other guests taking control over the
devices’ connectivity to limit their access; Visibility and control over the
connectivity of bring your own device (BYOD) programs, primarily wireless,
to enable employees to access networks with personally owned devices; and
Management or identification of IoT devices on the network."[i]
Pulse Policy Secure NAC identifies, analyzes, monitors and applies policy to
corporate, BYO and IoT devices requesting access to or working within a
corporate network. Organizations require that devices connect to protected
network resources managed by next-generation firewalls. Pulse Secure
dynamically captures and sends identity and security posture check data to
the FortiAuthenticator. The resulting enriched security intelligence is then
used to invoke policy-based compliance controls on the FortiGate firewall to
allow or block traffic at the network perimeter.
Threats beyond the network perimeter are blocked by the firewall. However, a
single compromised endpoint on the network can put other network devices at
risk of being compromised. With alert-based admission control integration,
the Fortinet FortiGate firewall can inform Pulse Policy Secure NAC to
readily isolate a compromised device on the network. As a result,
organizations can improve threat response time from days to seconds, lower
administrative overhead, and reduce reputation, compliance, and liability
exposure.
