Gordon: Trends driving network access control systems

In the lead-up to the 2018 RSA conference, Scott Gordon, chief marketing officer at Pulse Secure, shared some more details about a new product launch. In this Q&A, Gordon also discussed how multi-cloud and network edge trends are redefining network access control systems.

Explain Pulse Secure's new release and your network access control systems.

Scott Gordon: We announced a partnership with Fortinet. They have a very popular firewall -- FortiGate -- and security fabric. What we've brought to market is an integration between our network access control system, Pulse Policy Secure, and Fortinet security fabric.

If you look at the spectrum of automation, there are tons of people looking to get into it. To have security automation, you need lots of useful data and bidirectional communication. Anything that can have immediate or faster response to taking down a threat based on policy is important.

Pulse Security has a way of doing identity and endpoint intelligence for our network access control systems, offering full visibility of what's on the network and remotely accessing. We give that information to the Fortinet security fabric. FortiAuthenticator can share information with their firewall infrastructure and make a policy-based response. We can say, 'The security state of this endpoint is not good,' and block traffic from leaving the environment.

Fortinet doesn't have the identity or endpoint intelligence we have, but they dynamically block at the perimeter level. Let's say they've identified something malicious, such as a known malicious site or exfiltration of data. Fortinet blocks at the perimeter. Fortinet can then forward information to us, so we can automatically quarantine that endpoint or kick it off the network.

We're the only network access control solution in Fortinet security fabric today. Pulse Secure supports all leading next-gen firewall vendors.

Does your network access control system support legacy products?

Gordon: We use open standards. That's why companies like us -- not everyone is upgrading to the latest and greatest. For us to go to market, we've had to support HP, Juniper and Cisco switch environments. We also support firewalls and next-gen firewalls, some white box switches and even things that are free, like OpenLDAP. At the same time, we support [the] majority of SIMs [security information management] systems. Companies want to be able to leverage their investment.

How does multi-cloud change secure access systems?

Gordon: Looking at the industry, enterprises are migrating to cloud, and a lot are adopting multi-cloud. No longer are data or application and infrastructure solely in someone's network.

Now, 85% of midtier organizations are doing multi-cloud -- some on-premises on network, some in private cloud, some in public cloud [and] some SaaS. It sounds real easy. Whatever the compliance mandates and methods are to enable proper access to those devices, I can just do the same thing wherever that data resides -- whether public, private or SaaS environment.

As much as you can, you need to eliminate passwords, reconnecting and different hops, and invoke the right behavior without users knowing it.

That would be great if it were true. But what a lot of companies are forced to do is, for this application, I have to buy this technology. It creates a whole bunch of silos and indiscriminate policies. How do you get your arms around that if you're supporting compliance regulations? If I'm a CISO [chief information security officer] or CTO, now it's not just about security; it's about user experience and enablement, or else you get shadow IT.

As much as you can, you need to eliminate passwords, reconnecting and different hops, and invoke the right behavior without users knowing it. Security is enabled, and business is transformed. That's the cornerstone of Pulse Secure: seamless access between users, devices, things and services. We are helping companies to migrate to alternate mechanisms to store data and use applications.

How does this fit into a longer-term product roadmap?

Gordon: Our future direction includes many of the hybrid cloud products we deliver now. Currently, 80% of Fortune 500 enterprises use our products every day. We are constantly developing and enhancing security suites, which account for 30% of sales to SMEs, such as a cloud VPN and network profiling bundle.

We're also looking at further enabling single sign-on. No matter what the authentication requirement, we need to integrate with everything applying standards. For some organizations, when my computer is on, it must automatically effectuate VPN and authenticated access. All that should be seamless to me as a user; I'm just getting access.

We are also enabling IoT [internet-of-things] security and defending against IoT security risks. We are also enhancing areas like application delivery, SD-WAN and software-defined perimeter, as companies migrate from physical to virtual and cloud. Not everyone's going to flick a switch and change to the same model at the same time.