Modern networks experience a proliferation of connected endpoints; BYOD connectivity is now surpassed by IoT. Every additional endpoint increases the risk to be compromised and give attackers an opportunity to gain further access into the network and to corporate resources. To limit this risk, an endpoint’s security posture must always show current software security updates, virus definitions, and so on. Also, users must only be given the least amount of access necessary to perform their role.
Ivanti Policy Secure provides complete visibility and Network Access Control (NAC) for all local or remote endpoints. Its open, high-performance design helps small and large organizations easily enforce endpoint security compliance and zero trust security. The intuitive UI makes for easy administration and customizable reporting.
Policy Secure continuously enforces foundational security policies and controls network access for managed and unmanaged endpoints, including IoT. Policy Secure uses zero trust principles to manage network access by validating the user and a device’s security posture, and then connects the device with least privilege access policy.
The open platform integrates with a wide range of switching, Wi-Fi and NGFW solutions to enforce access policies. Bidirectional integration with third-party security solutions improves overall security efficacy with automated endpoint access enforcement.
Automated responses to Indicators of Compromise (IoC) reduces remediation time and streamlines administrative resources. PPS integrates with a wide range of NGFWs such as Palo Alto Networks, Checkpoint, Juniper and Fortinet, as well as SIEM solutions like IBM Qradar and Splunk. Integration with McAfee ePolicy Orchestrator (McAfee ePO) fortifies endpoint management and automated threat response. For granular OT/IIoT visibility and control, PPS integrates with Nozomi Guardian
Automatically detect, classify, profile and monitor rogue network devices and their security state.
Endpoint security posture assessment; pre and post connection – 802.1x or non-802.1x.
Automated, sponsored and time-based guest access.
Centralized, granular access policies – wizard editor, adaptive AUTH, RBAC and segmentation.
Automated onboarding, third party EMM support and Pulse MDM.
UEBA to detect IoT rogue devices, DGA attacks and MAC spoofing.