Cybersecurity specialist at a tech services company with 1,001-5,000 employees
Reseller
Jan 5, 2022
I have worked on Pulse VPN (Now Ivanti), can say it will beat OpenVPN any day. With Palo Alto there are advantages with Pulse, it being a dedicated VPN solution, has purpose-built hardware. And from a software features perspective, it has a best-in-class Host Checker (also known as compliance or posture checker).
So, any user that connects remotely must also comply with specific IT policies.
Say, Antivirus firmware version should be no more than N-3, and the last scan within last 10 days, PC must be from a specific domain, should have or not have certain processes/applications running, while connecting over VPN.
This check will happen before and you can either block or alert users that they are not compliant. Also, post connection it can continuously run checks and let's say the moment a banned application is opened, they are disconnected.
And it also ensures the user is highly likely a genuine user that someone who somehow managed to get employee credentials. So you are doing identity + device check using one feature.
Ivanti comes from a strong endpoint and asset management background and has integrated a lot of endpoint-specific features in the VPN solution - Connect Secure. I haven't worked on it, but the new firmware is said to have automated workflows for day-to-day tasks, to improve operational efficiency, something every solution must have in the next decade.
SSL VPN provides secure remote access to a company's network using Secure Sockets Layer protocol, ensuring data encryption and security. It is crucial for organizations needing secure mobile and remote connections for their employees.SSL VPN allows for seamless remote network access without the need for client-side software installation. This makes it convenient for users to connect from any device, significantly enhancing productivity and flexibility. Feedback from IT professionals...
I have worked on Pulse VPN (Now Ivanti), can say it will beat OpenVPN any day. With Palo Alto there are advantages with Pulse, it being a dedicated VPN solution, has purpose-built hardware. And from a software features perspective, it has a best-in-class Host Checker (also known as compliance or posture checker).
So, any user that connects remotely must also comply with specific IT policies.
Say, Antivirus firmware version should be no more than N-3, and the last scan within last 10 days, PC must be from a specific domain, should have or not have certain processes/applications running, while connecting over VPN.
This check will happen before and you can either block or alert users that they are not compliant. Also, post connection it can continuously run checks and let's say the moment a banned application is opened, they are disconnected.
And it also ensures the user is highly likely a genuine user that someone who somehow managed to get employee credentials. So you are doing identity + device check using one feature.
Ivanti comes from a strong endpoint and asset management background and has integrated a lot of endpoint-specific features in the VPN solution - Connect Secure.
I haven't worked on it, but the new firmware is said to have automated workflows for day-to-day tasks, to improve operational efficiency, something every solution must have in the next decade.