Pulse-Connect-Secure Datasheet 112119 PDF
Product Overview
With the digital world, the secure access world has become complex, with the greatest impact from the consumerization of IT. BYOD and cloud have increased the need for anywhere access from devices, both personal productivity (laptop, smartphones, smartpads) or IP-enabled (printers, cameras, phones), to data or applications that reside in the traditional datacenter or cloud. Pulse Connect Secure is the key component to Pulse’s Secure Access solution. Pulse Connect Secure provides a seamless, cost-effective, SSL VPN solution for remote and mobile users from any web-enabled device to corporate resources—anytime, anywhere.
Product Description
Enterprises and service providers have the difficult challenge of providing location- and device-independent network connectivity that is secure and capable of controlling resource access for authorized users. Breaches and threats continue to spiral out of control, and increasing numbers of employees and users want to use their own personal productivity solutions. Pulse Connect Secure provides secure, authenticated access for remote and mobile users from any web-enabled device to corporate resources—anytime, anywhere. It is the most widely deployed SSL VPN for organizations of any size, across every major industry.
Pulse Connect Secure includes Pulse Secure Clients and the AppConnect SDK. Pulse Clients are dynamic, multiservice network clients for mobile and personal computing devices. Pulse Clients are simply deployed, enabling users to quickly “click and connect” from any device, anywhere. Pulse Secure AppConnect SDK delivers per-application SSL VPN connectivity for iOS and Android clients, enabling IT to create an even more transparent and secure mobile app experience for their users.
Architecture and Key Components
Pulse Connect Secure is available on Pulse PSA Series Appliance Family, as hardware (Pulse PSA Series) or as a virtual appliance (PSA-V Series) as noted below.
• PSA3000 Pulse Secure Appliance: Fixed configuration, rack-mount appliance ideal for small and mid-size businesses, supporting up to 200 SSL VPN concurrent users.
• PSA5000 Pulse Secure Appliance: Fixed configuration appliance ideal for scalable mid-size businesses, supporting up to 2,500 SSL VPN concurrent users.
• PSA7000 Pulse Secure Appliance: Fixed configuration appliance ideal for meeting
the highest scalability needs of large businesses, supporting up to 25,000 SSL VPN
concurrent users.
• Virtual Appliances (PSA-V Series): VMware, KVM, Hyper-V, AWS and Microsoft Azure
appliances for scalable elastic deployment of SSL VPN services.
For more details on PSA Series Appliance Family, including the specifications and
ordering information of each model, please refer to the Pulse PSA Series Appliance
datasheets.
Pulse Secure Clients
Pulse Clients securely connect users to networks, both data center and cloud. Wrapped in an extremely user-friendly package, Pulse
Clients dynamically enable the appropriate network and security services on users’ endpoints. Users are not distracted from their
work activities to figure out what network they are on or what service to enable. With Pulse Secure, the connection just works, helping
to deliver the productivity promised by mobile devices. Pulse Client delivers dynamic access control, seamlessly switching between
remote (SSL VPN) and local (NAC) access control services on Microsoft Windows devices. Pulse Client also enables comprehensive
endpoint security posture assessment for mobile and desktop computing devices, with quarantine and remediation if necessary.
The digital world continues to create workforce productivity beyond BYOD. More enterprises are combining apps across data
center and cloud resources to meet growing demand and productivity. The result is a hybrid approach blending private and public
IT architectures. Learn how to embrace Hybrid IT with Pulse Cloud Secure and have the capabilities to blend cloud and datacenter
access into a seamless user experience for your next generation workforce. Additional details about Pulse Cloud Secure are available at:
https://www.pulsesecure.net/connect-secure/overview/
Layer 3 SSL VPN
• Dual-transport (SSL + Encapsulating Security Payload) full Layer 3 VPN connectivity with granular access control.
• “Always on VPN” & “VPN Only Access” modes for Compliance.
Application VPN
• Client/server proxy application that tunnels traffic from specific applications to specific destinations (available for Windows devices only).
• “On Demand VPN” and “Per App VPN”, for seamless & secure end user experience.
Layer 7 Web single sign-on (SSO) via SAML
• Allows end users to authenticate to the network through a Layer 3 tunnel, while simultaneously enjoying SSO to Web applications accessed through their browser via SAML SSO support.
Optimized end-user experience
• Smooth roaming from remote access to local LAN access (Pulse Policy Secure).
• Single Sign On (SSO) for rapid, secure access from remote or onsite locations (via integration with Pulse Cloud Secure and Pulse Policy Secure)
Stateful endpoint integrity and assessment
• Assess and remediate end user devices prior to authentication with easy policy definition.
• Windows 10 (Desktop & Mobile), Mac OS X, Apple iOS, and Android.
Split tunneling options
• Full range of split tunneling options are configurable, including support for individual IP addresses as well as FQDN.
• Includes enable and disable functionality with overriding route capability and route monitoring.
• Pulse AppConnect enables IT to integrate per-application SSL VPN connectivity for maximum data security and user transparency.
Flexible launch options (standalone client, browser-based launch)
• Users can easily launch SSL VPN via their Web browser, or directly from their desktop.
• Auto Connect feature allows devices to automatically connect to VPN, either at the time when the machine starts or user logs on.
• VPN on demand feature leverages OS capabilities for auto triggering VPN, seamlessly in the background, when an approved application needs corporate access.
Supports Pulse Cloud Secure Solution
• Blend cloud and datacenter access into a seamless user experience for next generation workers.
• Ability to add compliance rules for hybrid DC access.
Preconfiguration options (Windows and Mac only)
• Administrators can preconfigure a Pulse Secure deployment with a list of gateways for end users to choose from.
Authentication options
• Administrators can deploy Pulse Secure for remote user authentication using a wide array of authentication mechanisms, including hardware token, smart card, soft token, Google Authenticator, one-time passwords and certificate authentication.
• SAML authentication, for delegating user authentication to an Identity Provider.
www.pulsesecure.net
RDP/Telnet/SSH sessions using HTML5
• 100% clientless access using HTML5 browsers.
VMware Horizon and Citrix XenApp/XenDesktop
• Pulse Secure supports the latest versions of VMware and Citrix. For specific details, consult our VPN Supported Platforms Guide available at www.pulsesecure.net/techpubs
Granular SSL Cipher Configuration
• Enables the administrator to select specific ciphers over those pre-configured for highly secure compliance.
REST API
• A comprehensive REST-based API for programmatic access to the appliances.
Ease of Administration
In addition to enterprise-class security benefits, Pulse Connect Secure has a wealth of features that make it easy for the administrator
to deploy and manage.
Secure Access for SAP Applications
Description:
• Embeds Pulse Secure Per-App VPN SDK into SAP’s Fiori mobile applications.
Benefits:
• Provides transparent, secure data center connectivity for SAP services through the existing Pulse Secure VPN appliance.
Integration with strong authentication and identity and access management (IAM) platforms
Description:
• Ability to support SecurID, Security Assertion Markup Language (SAML) including standards based SAML v2.0 support, and public key infrastructure (PKI)/digital certificates.
Benefits:
• Leverages existing corporate authentication methods to simplify administration.
Bridge Certification Authority (BCA) support
Description:
• Supports federated PKI deployments with client certificate authentication. Bridge CA is a PKI extension (as specified in RFC 5280) to cross-certify client certificates that are issued by different trust anchors (Root CAs).
• Also, enables customers to configure policy extensions in the admin UI, to be enforced during certificate validation.
Benefits:
• Enables customers who use advanced PKI deployments to deploy the Pulse Secure Appliances to perform strict standards-compliant certificate validation—before allowing data and applications to be shared between organizations and users.
Multiple hostname support
Description:
• Ability to host different virtual extranet websites from a single appliance.
Benefits:
• Saves the cost of incremental servers.
• Eases management overhead.
• Provides a transparent user experience with differentiated entry URLs.
Intuitive Dashboard Design
Description:
• View and control enterprise access to the data center and cloud from one console. (Reference Diagram 1)
Benefits:
• Quick access to dynamic information and reports.
• Customizable layouts via drag and drop functionality.
Customizable user interface
Description:
• Creation of completely customized sign-on pages.
Benefits:
• Provides an individualized look for specified roles, streamlining the user experience.
Pulse One Compatible
Description:
• With Pulse One, configuring, updating, and monitoring PSA Series Appliances Family under a centralized management console with the capabilities of a single device/cluster or across a global cluster deployment.
Benefits:
• Enables companies to conveniently manage, configure, and maintain PSA or Series Appliances Family along with Pulse Workspace from one central location.
Pulse Application Launcher (PAL)
Description:
• Enhanced support for non-JAVA based browsers.
Benefits:
• Support for latest generation browsers (Apple, Microsoft, Google, Firefox, etc) that do not support Java and Active X.
Rich Access Privilege Management Capabilities
Pulse Connect Secure provides dynamic access management capabilities. When users log into Pulse Connect Secure, they pass
through a pre-authentication assessment, and are then dynamically mapped to the session role that combines established network,
device, identity, and session policy settings. Users have access only to those resources that are deemed necessary for that session,
according to administrator-defined policies.
Support for RSA Authentication Manager
Description:
• RSA Authentications Manager 8.1 enables Risk Based Authentication.
Benefits:
• Offer another authentication layer option via email account.
Standards based built-in Time-based One-Time Password (TOTP)
Description:
• Enables multi-factor authentication using smartphones
Benefits:
• Leverage ubiquitous smart phones to roll out a cost-effective and self-serve two-factor authentication mechanism, where one time passcodes are generated by a mobile app. Implemented based on RFC 6238
Multiple sessions per user
Description:
• Allows remote users to launch multiple remote access sessions.
Benefits:
• Enables remote users to have multiple authenticated sessions open at the same time, such as when accessing VPN from a laptop and from a smartphone simultaneously.
User record synchronization
Description:
• Supports synchronization of user records such as user bookmarks across different Pulse Secure Appliances.
Benefits:
• Ensures a consistent experience for users who often travel from one region to another and therefore need to connect to different Pulse Secure Appliances running Pulse Connect Secure.
Mobile-friendly SSL VPN login pages
Description:
• Provides predefined HTML pages that are customized for mobile devices, including Apple iPhone and iPad, Google Android, and Nokia Symbian devices.
Benefits:
• Provides mobile device users with a simplified and enhanced user experience and webpages customized for their device types.
Kerberos Constrained Delegation
Description:
• Support for Kerberos Constrained Delegation protocol.
• When a user logs into Pulse Connect Secure with a credential that cannot be proxied through to the backend server, the gateway will retrieve a Kerberos ticket on behalf of the user from the Active Directory infrastructure.
• The ticket will be cached on Pulse Connect Secure throughout the session.
• When the user accesses Kerberos-protected applications, the Appliance will use the cached Kerberos credentials to log the user into the application without prompting for a password.
Benefits:
• Eliminates the need for companies to manage static passwords resulting in reduced administration time and costs.
Kerberos SSO and NT LAN Manager (NTLMv2) support
Description:
• Pulse Connect Secure will automatically authenticate remote users via Kerberos or NTLMv2 using user credentials.
Benefits:
• Simplifies the user experience by eliminating users entering credentials multiple times to access different applications.
Password management integration
Description:
• Standards-based interface for extensive integration with password policies in directory stores (LDAP, AD, and others).
Benefits:
• Leverages existing servers to authenticate users.
• Users can manage their passwords directly through the Pulse Connect Secure interface.
Web-based SSO basic authentication and NTLM
Description:
• Allows users to access other applications or resources that are protected by another access management system without reentering login credentials.
Benefits:
• Alleviates the need for users to enter and maintain multiple sets of credentials for web-based and Microsoft applications.
Web-based SSO forms-based, header variable-based, SAML-based
Description:
• Ability to pass user name, credentials, and other customer defined attributes to the authentication forms of other products and as header variables.
Benefits:
• Enhances user productivity and provides a customized experience.
Provision by Purpose
Pulse Connect Secure includes different access methods. These different methods are selected as part of the user’s role, so the
administrator can enable the appropriate access on a per-session basis, taking into account user, device, and network attributes in
combination with enterprise security policies.
IPsec/IKEv2 support for mobile devices
Description:
• Allows remote users to connect from any mobile device that supports Internet Key Exchange (IKEv2) VPN connectivity.
• Administrator can enable strict certificate or username/password authentication for access via IPsec/IKEv2.
Benefits:
• Full L3 VPN support for new devices that support IKEv2 but for which a Pulse Secure client is not yet available.
Virtual Desktop Infrastructure (VDI) support
Description:
• Allows interoperability with VMware View Manager to enable administrators to deploy virtual desktops with Pulse Connect Secure.
Benefits:
• Provides remote users seamless access to their virtual desktops hosted on VMware servers.
• Provides dynamic delivery of the VMware View client, including dynamic client fallback options, to allow users to easily connect to their virtual desktops.
ActiveSync Proxy
Description:
• Provides secure access connectivity (strong encryption + certificate authentication) from mobile devices (such as iOS or Android devices) to the Exchange Server via proxy, with no client software installation.
• Enables up to 5,000 simultaneous sessions.
Benefits:
• Enables customers to allow a large number of users (including employees, contractors, and partners) to access corporate resources through mobile phones via ActiveSync.
Product Options
Pulse Connect Secure currently includes several license options for enablement on the PSA Series Appliance Family.
• The combination of core clientless access, SAM, Pulse Client/Network Connect provides secure access to virtually any audience, from remote and mobile workers to partners or customers, using a wide range of devices from any network.
• Provision-by-purpose goes beyond role-based access controls and allows administrators to properly, accurately, and dynamically balance security concerns with access requirements.
• Advanced PKI support includes the ability to import multiple root and intermediate certificate authorities (CAs), Online Certificate Status Protocol (OCSP), and multiple server certificates.
• User self-service provides the ability for users to create their own favorite bookmarks, including accessing their own workstations from a remote location, and even changing their passwords when they are set to expire.
• Advanced endpoint security controls such as Host Checker and cache cleaner ensure that users are dynamically provisioned to access systems and resources only to the degree that their remote systems are compliant with the organization’s security policies, after which remnant data is scrubbed from the user’s device so that nothing is left behind.
1. Simply place an equal number of user (CONSEC) licenses on each PSA Series Appliance Family.
2. When the PSA Series Appliance Family are joined together to form a cluster, all of the user licenses add up so that the cluster can
now support all of the licensed users. For example, building a cluster of 1,000 users is done by bringing together two boxes with
500 user licenses in each of the two units.
If either box fails, the remaining box inherits the full 1,000 user licenses.
Clustering supports stateful peering and failover across LAN connection, so in the unlikely event that one unit fails, system
configurations (such as authentication server, authorization groups, and bookmarks), user profile settings (such as user defined
bookmarks and cookies), and user sessions are preserved. Failover is seamless, so there is no interruption to user/enterprise
productivity, no need for users to log in again, and no downtime. Please note that WAN clustering is not supported on the PSA Series
Appliance Family. Multisite clustering is supported, however, provided the sites are on a campus network with LAN-like connectivity.
• Maintain productivity by enabling ubiquitous access to applications and information for employees from anywhere, at any time, and
on any device
• Sustain partnerships with around-the-clock, real-time access to applications and services while knowing resources are secured and
protected
• Meet federal and government mandates for contingencies and continuity of operations (COOP) compliance
PSA Series Appliance Family Licensing Options
ORDERING NUMBER: DESCRIPTION
CONSEC-xU(-zYR): Add x simultaneous PCS users to Pulse PSA Appliance (x options: 10, 25, 50, 100, 250, 500, 1000, 2000, 2500, 5000, 7500, 10K, 15K, 20K, or 25K concurrent sessions) Subscription Licenses (z options: 1, 2, or 3 year).
CONSEC-ADD-yU: Add y simultaneous PCS users to Pulse PSA Appliance (y options: 10, 25, 50, 100, 250, 500, 1000, 2000, 2500, 5000, 7500, 10K, 15K, 20K, or 25K concurrent sessions) Perpetual for hardware platform where activated.
PSA-MTG-xU: Add x simultaneous Secure Meeting users to Pulse PSA Appliance (x options: 25, 50, 100, 250, 500).
ACCESS-RDP-xU-zYR: Java RDP Applet z-Year subscription for x simultaneous users (x options: 50, 100, 250, 500, 1,000, 2,000, 2,500, 5000, 7500, or 10K simultaneous users. RDP user license count cannot exceed the number of user licenses) (z options: 1, 2, or 3 year subscription).
Copyright 2019 Pulse Secure, LLC. All rights reserved. Pulse Secure, Pulse Secure logo, and Pulse SDP are registered trademarks of Pulse Secure, LLC. All trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Pulse Secure assumes no responsibility for any inaccuracies in this document. Pulse Secure reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
linkedin.com/company/pulse-secure www.facebook.com/pulsesecure1 twitter.com/PulseSecure info@pulsesecure.net