Archive for Pulse Secure

VPN Vulnerability Actively Being Exploited In The Wild…. Yikes!

Posted in Commentary with tags , on January 9, 2020 by itnerd

If you have a Pulse Secure VPN, you should be aware of an urgent patch that needed to be applied back in April of last year. The vulnerability that this patch fixes is CVE-2019-11510 and can basically be abused to extract plain-text passwords, and other secrets, from networks without any authentication. Or put another way, it allows people without valid usernames and passwords to remotely connect to the corporate network the device is supposed to protect, turn off multi-factor authentication controls, remotely view logs and cached passwords in plain text. And that includes Active Directory account passwords.

In case you are wondering, that’s very, very bad.

Now let’s pretend for a second that you did not apply this patch last April. Or you didn’t know about it. Well you might be in deep trouble as there’s a group that is now actively exploiting this vulnerability to pwn networks with ransomware. The latest victim to get pwned so far is UK based Travelex according to this article:

Travelex, the foreign currency exchange and travel insurance company, appears to be the latest victim of the group. On New Year’s Eve, the company was hit by Sodinokibi ransomware, also known as REvil. The ransomware operators contacted the BBC and said they want Travelex to pay $6m (£4.6m). They also claimed to have had access to Travelex’s network for six months and to have extracted five gigabytes of customer data—including dates of birth, credit card information, and other personally identifiable information.

“In the case of payment, we will delete and will not use that [data]base and restore them the entire network,” the individual claiming to be part of the Sodinokibi operation told the BBC. “The deadline for doubling the payment is two days. Then another seven days and the sale of the entire base.”

The group who are behind these attacks have seven victims so far, and that number is likely to grow. Bad Packets Report’s Troy Mursch ran a vulnerability scan finding that thousands of Pulse Secure VPN servers worldwide remain vulnerable. Which means that the pwnage has the potential to be epic. Thus if you’re using a Pulse Secure VPN, you should get to patching it now. As in right now. Seriously. Drop everything and do it now.

Pulse Secure Recognized as Great Place to Work Certified Company

Posted in Commentary with tags on November 18, 2019 by itnerd

Pulse Secure, the leading provider of software-defined Secure Access solutions, has been recognized as a Great Place to Work Certified Company.

The company’s employees themselves helped earn the distinction, which is based on an independent survey of the employee experience and an analysis of the culture measured against Great Place to Work’s global benchmark data. Key findings included:

  • 92% said Pulse Secure is a great place to work
  • 97% say people care about each other
  • 98% celebrate special events at the company
  • 95% feel they can “be me”

Other notable findings of the analysis were a successful internship program with a track record of 20% converting to full-time hires.

Great Place to Work conducted an extensive Pulse Secure employee survey and assessed the results against an industry comparative benchmark to achieve “Certified” rated. The Great Place to Work Certification process is based on rigorous benchmarks established by surveys of more than 100 million employees over 30 years. The resulting analytical model is used to evaluate company cultures against the best in the world. Known as the Great Place to Work Trust ModelTM, because trust is the essential element of a great workplace, the same standard process is used to create theFortune 100 “Best Companies to Work For” and other notable lists.

Earlier this year, Pulse Secure was ranked 26th among 2019 Top Workplaces by the Bay Area News Group. That recognition, the second year in a row, was also based on an employee survey conducted externally.

 

Pulse Secure Wins Web Application Firewall of the Year at The Computing Security Awards 2019

Posted in Commentary with tags on November 6, 2019 by itnerd

Pulse Secure has won the Web Application Firewall of the Year category at The Computing Security Awards 2019.

The Award, which is based on votes from IT managers across the U.K. was given to the Pulse Secure Virtual Web Application Firewall (vWAF), a scalable solution for application-level security, both for off-the-shelf solutions and complex custom applications including third-party frameworks. The vWAF is a part of Pulse Secure’s virtual Application Delivery Controller (vADC) solution, which provides unprecedented scale and flexibility to enhance the performance and security of applications across the widest range of environments, from physical and virtual data centers to public and hybrid cloud.

Pulse Secure’s vWAF can be used to apply business rules to online traffic, inspecting and blocking attacks such as SQL injection and cross-site scripting (XSS), while filtering outgoing traffic to mask credit card data, and help achieve compliance with PCI-DSS requirements by filtering outgoing data. An additional prominent feature is vWAF’s automated learning capability that can make policy recommendations by learning about application behavior to make it easier for security teams to maintain policies and negate false positives. Administrators retain full control over the activation and deactivation of each ruleset, with the opportunity to screen for false positive before committing to production.

Now in its fifth year, the 2019 Awards ceremony was held at The Leonardo Royal Hotel, London City and hosted by former England cricket captain Chris Cowdrey and comedian Sean Collins.

Pulse Accelerates Enterprise Means To Achieve Zero Trust Security for Hybrid IT

Posted in Commentary with tags on October 22, 2019 by itnerd

Pulse Secure, the leading provider of software defined Secure Access solutions, today announced that it has introduced new Secure Access management and threat mitigation capabilities within its Zero Trust Network Access platform. Through these enhancements, Pulse Secure enables enterprise and service provider organizations to progress Zero Trust security and mitigate hybrid IT risks while simplifying access to multi-cloud and data center resources.

Pulse Secure’s Zero Trust Network Access platform allows organizations to centrally manage policy and automate secure access to applications, data and services that are delivered on-premise or in private and public cloud environments. The company continues to incorporate open standards and proprietary means to extend platform interoperability and automation that provide customers greater operational oversight, policy management and threat response economies.

Management

Many enterprises supplement conventional desktop and mobile remote access to hybrid IT applications and resources utilizing Virtual Desktop Infrastructure. Having to manage multiple secure access mechanisms often introduces user experience issues, as well as provisioning delays. Pulse Secure has enhanced its VDI integration with RDS (Remote Desktop Services) Broker to simplify user experience and management support for Citrix XenApp/XenDesktop, VMware Workspace ONE and Microsoft RDP.  Additional management enhancements include:

  • Pulse VPN can now use DHCP-based networking configuration to automate endpoint access provisioning
  • Openstack interoperability to streamline managing multiple virtual Pulse Secure appliances through popular IT orchestration tools
  • Easier, broader network switch support for Layer-2 enforcement utilizing a template-based CLI framework for Pulse NAC that negates the need for RADIUS
  • Building in Pulse Secure VPN and NAC attributes within Pulse vADC to facilitate policy-based load balancing to improve user experience and access resiliency

Threat Mitigation

Organizations are seeking means to improve mobile workforce user experience, while assuring data protection measures are always active and audit-ready in order to support numerous internal and regulatory compliance specification. Pulse Secure has enhanced its popular Pulse VPN Lockdown mode feature that prevents users from modifying VPN Client settings or disconnecting from gateways. Ensuring always-on and protected connections with rich user authentication and device security posture enforcement significantly reduces endpoint and access security threats.Additional threat mitigation enhancements include:

  • Bi-directional integration with IBM Qradar and Splunk SIEMs allowing Pulse NAC to receive SIEM alerts and take network threat response actions
  • Identity-based integration between Pulse NAC and the Fortigate Next Gen firewall (NGFW) using RADIUS Accounting allowing Pulse to send identity context to the NGFW for role-based access enforcement to corporate resources
  • Pulse NAC can provision users’ authentication details and resource/IoT access enforcement policies to specific Palo Alto Network’s NGFW virtual instances (VSYS)
  • User Entity Behavior Analytics (EUBA) enhancements to further extend adaptive access control based on anomalous and malicious user or device activity

Pulse Secure’s Zero Trust Network Access platform is a foundational component of the Pulse Access Suites. The Suites provide remote, mobile, cloud, network and application security with comprehensive VPN, Mobile Device Management (MDM), Single Sign-on (SSO), endpoint and IOT device security, Network Access Control (NAC) and virtual Application Delivery Controller (ADC) functionality. Pulse SDP is a Suite add-on which activates Software Defined Perimeter (SDP) components within existing Pulse solutions to provide direct device-to-application trusted connectivity only after successful user, device and security state verification. This approach extends the company’s foundation of Zero Trust access for hybrid IT with enhanced usability, deployment flexibility, automated provisioning and resource optimization.

 

Pulse Secure Experiences Double-Digit Growth

Posted in Commentary with tags on August 14, 2019 by itnerd

Pulse Secure, the leading provider of software defined Secure Access solutions, today announced that growing demand for hybrid IT and Zero Trust Secure Access, resulted in double digit deal volume growth in the first half of 2019. Additionally, the company announced significant achievements in product innovation, channel programs, customer service and talent acquisition.

Pulse Secure is uniquely positioned to bring together crucial secure access functions with required interoperability for hybrid IT and multi-cloud. Key milestones behind the company’s outstanding growth for 1H2019 include:

  • Pulse Secure Access Suites sales grew by 98% year over year; nearly twice the demand for suites over last year
  • Pulse Secure realized double-digit deal volume growth, including new products and service business, with subscriptions increasing by 44%
  • Bookings included the highest number of deals greater than $100,000 in Pulse Secure history
  • Pulse One Manager, including mobile security, cloud security and single sign-on, grew by more than 50%
  • Network Access Control (NAC) business grew by 45% year over year across federal, Europe and Middle East markets, and we were recognized as a top 3 enterprise NAC provider
  • New offerings were launched, including Pulse SDP, extended support and onsite services, and a global solution training and certification program
  • New Access Now partner program designed to accelerate channel sales and service opportunities while advancing MSSP enablement
  • Industry Net Promoter Score (NPS) rating increased to 52, with a customer renewal rate of over 92%

Product Innovation Extends Zero Trust Network Access for Hybrid IT

Announced in February, the Pulse SDP solution integrates Software Defined Perimeter (SDP) architecture within the award-winning Pulse Secure Access platform, offering customers a flexible path to SDP. This approach extends the company’s foundation of Zero Trust access for hybrid IT with enhanced usability, deployment flexibility, automated provisioning and reduced cost of ownership. Pulse SDP offers dual-mode VPN and SDP architecture to provide single-pane-of-glass secure access management with uniform policy management and granular, stateful access enforcement across data center and cloud applications.

Growth, Culture and Engagement Attract Top Talent

The Pulse Secure focus on individual growth, employee engagement and corporate culture continues to attract top talent globally. Pulse Secure has increased its global workforce by 5% across support, engineering, sales and marketing and institutionalized professional development across all disciplines, with participation increasing by 60%. In addition, the company’s local charitable programs are seeing an employee participation rate increase of nearly 50%.

About Pulse Secure

Pulse Secure provides easy, comprehensive software-driven Secure Access solutions for people, devices, things and services that improve visibility, protection and productivity for our customers. Our suites uniquely integrate cloud, mobile, application and network access to enable hybrid IT in a Zero Trust world. Over 20,000 enterprises and service providers across every vertical entrust Pulse Secure to empower their mobile workforce to securely access applications and information in the data center and cloud while ensuring businesscompliance. Learn more at www.pulsesecure.net.

Pulse Secure Launches Access Now Partner Program

Posted in Commentary with tags on January 24, 2019 by itnerd

Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service providers, today announced the global launch of their new Access Now Partner Program. Designed to offer partners the means to establish themselves as a go-to source with an industry-leading solution in Secure Access, Access Now provides an enhanced opportunity for top line revenue and bottom line profit growth while setting them apart from the competition.

Pulse Secure is recognized as a channel-focused industry leader, as evidenced by delivering virtually 100 percent of its sales through partners and having been recognized four years in a row with a prestigious CRN five-star program award.

Pulse Secure’s continued growth within the channel is closely tied to its successful distribution relationships, which included Ingram Micro Inc., Securematics and Westcon.

As part of the Pulse Secure Access Now partner program, the company will recognize three program tiers: Authorized, Preferred and Elite. Each level represents the partner’s proficiency, expertise and growth in selling Pulse Secure solutions to their customers. Partner rewards and incentives are differentiated at each level and will reflect the partner’s investment in Pulse Secure’s solutions. Along with the program’s easy to understand structure, partners will also benefit from a dedicated support team.

Building on the success of Pulse Secure’s previous partner program, the new Access Now partner program features:

  • Online and onsite certification and training
  • Interactive partner resource portal
  • Discounted demo equipment
  • Enhanced deal registration
  • Joint marketing funds and sales promotions
  • Enhanced lead registration process
  • Dedicated account management and support teams

The program also allows partners to take advantage of the award-winning Pulse Access suite packaged for managed services. The solution offers Managed Security Service Providers (MSSPs) an accelerated, cost-effective means to differentiate and build out their service portfolio to meet the massive demand for protected connectivity to cloud applications and hybrid IT resources. The packaging includes virtual appliance form factors for VMware, KVM and Hyper-V, and supports deployment in hosted cloud environments such as Microsoft Azure and Amazon AWS.

Pulse Secure uniquely offers its channel partners a Secure Access portfolio comprised of Virtual Private Network (VPN), Enterprise Mobile Management (EMM), Network Access Control (NAC), Web Application Firewall (WAF) and virtual Application Delivery Controller (ADC) solutions within a unified management framework for data center and hybrid IT implementation. Enterprises of every size and industry trust Pulse Secure to enable secure access seamlessly, no matter where users and applications reside, and to orchestrate compliant connectivity, data privacy and application resiliency across mobile, network and cloud.

To find out more about the Access Now partner program please visit their website by clicking here.

Pulse Secure’s VPN Solution Earns “High Scores” From IAIT Lab

Posted in Commentary with tags on December 13, 2018 by itnerd

Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service providers, today announced that the IAIT Lab has completed an extensive test of Pulse Connect Secure, resulting in superb findings across usability, comprehensiveness and interoperability for the market leading VPN solution.

Pulse Connect Secure provides easy, secure, authenticated access for remote and mobile users to corporate resources—anytime, anywhere. Pulse Connect Secure is the most widely deployed SSL VPN for organizations of any size, and across every major industry, to enable productivity through seamless, protected access to applications and information. The solution offers Zero Trust-based secure access through integrated user, device and security state authentication and robust connection sets that ensure compliant pre- and post-connect access to hybrid IT infrastructure.

Pulse Connect Secure includes Pulse Secure Clients and the AppConnect SDK. Pulse Clients are dynamic, multiservice network clients, which can be implemented agent or agentless, for mobile and personal computing devices. Pulse Clients can be simply deployed, enabling users to quickly “click and connect” from any device, anywhere. Pulse Secure AppConnect SDK delivers per application SSL VPN connectivity for iOS and Android clients, enabling IT departments to create an even more transparent and secure mobile app experience for their users.

The Institute for the Analysis of IT components (IAIT), an independent testing laboratory based in Germany, examined Pulse Connect Secure under real-world conditions through a series of testing scenarios. The highly detailed, nine-page report covers 16 core functions ranging from initial configuration, policy development, through enterprise onboarding, host checking functionality, FQDN split tunnelling, multi-factor authentication, as well as data center and cloud Single Sign On along with interoperability with a range of third-party applications.

The complete review is available here.

Pulse Secure Expands Zero Trust Security For IoT

Posted in Commentary with tags on December 6, 2018 by itnerd

Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service providers, today announced the release of Pulse Policy Secure (PPS) 9.0R3 to extend its Zero Trust Security model to IIoT devices and smart factories. The new version enables factories to streamline machinery repairs and diminish costly production downtime through IT-managed secure access. It also secures networks by expanding its behavioral analytics to IoT devices, detecting anomalies and preventing their compromise.

 

Pulse Policy Secure (PPS) is an integral part of Pulse Secure’s combined VPN and NAC solution that provides corporate networks with Zero Trust Security through visibility, “comply to connect” policy enforcement and security orchestration with popular network and security infrastructure. PPS dynamically profiles the network to discover, classify and apply policy to IoT devices, and includes a built-in IoT device identification library.  The solution also integrates with Next Generation Firewall (NGFW) solutions to provide identity and device security state data, as well as to fortify micro-segmentation to isolate and manage IoT devices on enterprises networks.

PPS 9.0 extends the Zero Trust Security model to IIoT devices used in smart factories and buildings, with blended IT and OT environments. It automatically discovers and profiles IIoT systems, such as factory floor SCADAs, PLCs and HMIs, or office building HVAC systems, providing dynamic visibility and securing them by enforcing policies for local and remote access by authorized users and contractors. PPS 9.0 also automatically provisions IIoT devices to next-generation firewalls (NGFWs) to facilitate remote access without provisioning overhead.

The latest release of PPS also provides sophisticated behavioral analytics that alert security teams of anomalous IoT device behavior and automatically requires added factors of authentication. PPS 9.0 builds baseline behavior profiles for managed and unmanaged IoT devices utilizing information correlated from multiple sources such as NetFlow, user and device data. With these profiles, the platform detects anomalous activity, malware infections and domain generation attacks, allowing security teams to be more responsive to threats and take preemptive measures before attacks succeed.

The new PPS 9.0 IoT support also provides practical relief for the frequent and costly issue of factory floor equipment outages. Aberdeen recently reported that 82 percent of companies reported unplanned downtime in the past three years, which can cost a company as much as $260,000 an hour.

The resulting downtime breaks production and lowers profit, because factory floor repairs often take days when security requirements mandate that service technicians physically visit the factory to diagnose and repair the problem. The latest PPS release works seamlessly with Pulse Connect Secure to solve the problem in an innovative way. The combined NAC and VPN approach enables IT teams to grant remote secure access—authenticated and encrypted—to support contractors for expedited repair and return to service of factory IIoT systems for greater uptime and productivity. IT teams ensure security with remote zero-trust access via auto-provisioned NGFWs, and by enforcing security policies that authenticate contractors based on their technician role, endpoint device status and authorization to work on the targeted IIoT device.

Availability

The latest features of Pulse Policy Secure 9.0 are available on physical or virtual Pulse Secure Appliances (PSA). Existing customers with PSA appliances under PPS subscription or software maintenance can readily upgrade at no charge. PPS on a virtual appliance with a three-year subscription starts at $31,000 MSRP for 500 concurrent connections. Pulse Connect Secure customers can cost-effectively extend their VPN investment to include network visibility, access control and mobile security with the Pulse Access Suite.

Those interested in learning more on the topic are invited to register for the January 8th, 1 p.m. EST webinar, “Zero Trust Secure Success for the Industrial Internet of Things.”

Also available is a  blog, “Pulse Secure Access for Industrial Internet of Things (IIoT),” authored by James Tolosa, senior product marketing manager at Pulse Secure.

 

Pulse Secure Earns Spot on Elite 2018 Red Herring List Of Top 100 Global Private Tech Startups

Posted in Commentary with tags on November 1, 2018 by itnerd

Pulse Secure today announced that the company has been recognized as one of the leading private technology startups in the elite 2018 Red Herring Top 100 Global ranking.

Digital transformation has forced IT organizations to further empower end-user computing and deliver dynamic provisioning of always-on access to business applications and information. This trend has increased endpoint and IoT threats, compliance exposures and operational expenditures – requiring organizations to reassess their technology stack that comprises Secure Access. Pulse Secure provides an integrated suite of software-driven Secure Access solutions that allow organizations to take advantage of hybrid IT in a zero-trust world.

Pulse Secure offers a simple, comprehensive and integrated set of Secure Access solutions spanning remote virtual private network (VPN) and cloud access security; mobile device management (MDM), network visibility, IoT security and network access control (NAC); and virtual application delivery control (ADC). Available as part of its Pulse Access Suite, the award-winning solutions allows organizations to ensure user experience while offering centralized management, real-time visibility and adaptive protection to mitigate data center virtualization and cloud computing access risks.

Enterprise Management Associates (EMA) recently distinguished Pulse Secure as a “Top Three” Secure Access vendor and the only vendor, among more than 60 assessed, to achieve the highest ratings across Hybrid IT categories. Frost & Sullivan also recently recognized Pulse Secure as being among the top four major NAC leaders in the SMB to Large Enterprise Segment by market share.

Red Herring’s Top 100 Global list has become a mark of distinction for identifying promising companies and entrepreneurs. Red Herring editors were among the first to recognize that companies such as Facebook, Twitter, Google, Yahoo, Skype, Salesforce.com, YouTube and eBay would change the way we live and work.

Red Herring’s editorial staff evaluated the companies on both quantitative and qualitative criteria, such as financial performance, technology innovation, management quality, strategy and market penetration. This assessment of potential is complemented by a review of the track records and standing of startups relative to their peers, allowing Red Herring to see past the “buzz” and make the list a valuable instrument of discovery and advocacy for the most promising new business models from around the world.

For more information, visit Pulse Secure online or download information on the award-winning Pulse Access Suite.

Pulse Secure launches new MSSP packaging for Secure Access Suite

Posted in Commentary with tags on October 25, 2018 by itnerd

Pulse Secure today announced the launch of new packaging of its award-winning Pulse Access Suite for Managed Security Service Providers (MSSPs). The solution offers service providers an accelerated, cost-effective means to differentiate and build out their service portfolio to meet the massive demand for protected connectivity to cloud applications and hybrid IT resources.

Pulse Secure offers a comprehensive, integrated and highly interoperable set of Secure Access solutions spanning remote, mobile and cloud access security; network visibility and access control; and application delivery. The suite allows service providers to extend lucrative access protection, endpoint compliance, threat response and availability services for the data center, hosted in the cloud or running as SaaS.

The service provider packaging optimizes capital expenditure through an on-demand, pay-per-use model. MSSPs can spin up or spin down virtual Secure Access instances and licenses at a cost based on the number of concurrent monthly users. On-demand provisioning and tiered, user-based pricing gives service providers needed flexibility for customer onboarding, growth spurts and business downturns.

According to a recent Gartner report, the Managed Security Services (MSS) market “constitutes approximately 60 percent of the overall security outsourcing market that will generate $18.7 billion revenue in 2017, growing at a CAGR of 11 percent through 2021. It is important to view MSS in the context of broader security outsourcing, because large enterprises are increasingly looking for hybrid engagements that include a mix of shared and dedicated service delivery components.” Key market trends in that report include:

  • Moving beyond monitoring of only network-based security technologies, particularly the network perimeter, with increasing focus on the endpoint (e.g., managed EDR services)
  • Increasing movement toward more customized outcomes for buyers
  • Buyer demand for capabilities to monitor popular SaaS applications, and public cloud service providers and IaaS

As enterprises are seeking more complete offerings from fewer managed security service providers, MSSPs in turn are seeking to expand service scope while reducing business risk and operational complexity. In comparison to working with point solutions that are limited due to custom integration, disparate management and licensing constraints, Pulse Secure uniquely offers MSSPs integrated Virtual Private Network (VPN), Enterprise Mobile Management (EMM), Network Access Control (NAC) and virtual Application Delivery Controller (ADC) solutions within a unified management framework for data center and hybrid IT implementation.

Availability

MSSP packaging including user-based licensing will be available to authorized channel partners at the end of November through Pulse Secure’s global distributors. The Pulse Secure Access Suite for MSSPs’ list price starts at $6 USD MSRP per concurrent user per month for the first 500 users with higher discounts available for larger user counts. The solution includes a multi-tenant, centralized management system and licensing server that gives MSSPs operational oversight while also providing clients with dashboard visibility. The solution includes virtual appliance form factors for VMware, KVM and Hyper-V, and supports deployment in hosted cloud environments such as Microsoft Azure and Amazon AWS.