Pulse Secure - User Case Studies -KONICA MINOLTA, INC.- Security Business -Macnica

Security business menu

Security business
HOME

To be elected
cause

Service

Handling Manufacturer

Examples/reports/
Blog/Glossary

Seminar/
video on demand

TOP

Products/Services

product
- Connect Secure series
- Collaborative products

Specifications/Technical Information

Specifications/Technical Information

solution

solution
- Connect Secure Series Solutions - Zero Trust/SSL-VPN/Remote Access Solutions
- Connect Secure Series Solutions - PulseSecure SDP for Zero Trust Model

User stories

support

- Macnica Support

Seminar content

seminar

Document request

inquiry

Event/Seminar

video on demand

Ivanti (formerly PulseSecure)

Ivanti

KONICA MINOLTA, INC.

Important [Regarding Vulnerability Fix Version]

A vulnerability affecting Pulse Secure products has been confirmed. For each vulnerability, countermeasures have already been implemented depending on the specific version, so please be sure to upgrade to the vulnerability fixed version.
Click here for details

click here to download

Selected Pulse Secure virtual version for work style reform
Rebuild a secure remote work environment at a low cost
Enhanced access governance and significantly reduced operational load

POINT

Integrate multiple SSL-VPN physical appliances into a highly scalable virtual version to reduce operational load
Significantly reduce initial installation costs with subscription-based investment
Terminal authentication by certificate and user authentication by SSO by SAML linkage are realized.
Enhanced security to remove access restrictions and improve the convenience of external operations

KONICA MINOLTA, INC. (hereafter, Konica Minolta) has updated and integrated its aging SSL-VPN products and existing remote access services, in order to realize comfortable and safe remote work. Adopting Pulse Secure's SSL-VPN virtual appliance integrates multiple distributed systems, strengthens secure access governance, and significantly reduces operational burden to build a secure remote work environment at low cost. did.

	KONICA MINOLTA, INC. IT Planning Department IT Security Group deputy manager Mr. Atsushi Yamada
	Konica Minolta Information Systems Co., Ltd. System Development and Service Headquarters Operation Engineering Department Mr. Takamitsu Isoe

Distributed implementation of multiple SSL-VPNs within a group
Aging and end of support are big challenges

Konica Minolta, which was established in 2003 through the merger of two companies with camera and film technologies, operates in 150 countries around the world in a wide range of fields, including information equipment, industrial optical systems, and medical diagnostic imaging systems. , provides high-quality and highly original products and solutions.

In order to put into practice its corporate vision of being a “work style design company,” the company took the opportunity of the relocation of its headquarters in 2014 to strengthen organizational responsiveness by revitalizing internal communication, and to create an office that transforms the way people work. A style reform project is underway.

One of these efforts is the realization of comfortable and safe remote work (remote access). However, there were many problems with the previous remote access environment, explains Atsushi Yamada, Deputy Manager of IT Security Group, IT Planning Department, Konica Minolta.
“The world is rapidly shifting to cloud services, and the Company is also using the cloud for various services under the cloud-first policy. We were in a situation where we had to guarantee

In the Konica Minolta Group, the head office utilizes SSL-VPN physical appliances and user billing remote access services, and domestic sales companies introduce different SSL-VPN physical appliances. Distributed operation was also a major issue in terms of management and operation.

Furthermore, until now, it was possible to access the company's internal system from devices other than company-issued PCs and smart devices, so the goal was to take the opportunity of updating the remote access tool to set strict restrictions on the devices used for remote work. It says.

Significantly reduce initial costs with subscription-based investment

Regarding the renewal of the remote access environment, Mr. Yamada said, "Instead of physical appliances, which take a long time to amortize, virtual versions, which can incorporate the latest technology in a short cycle and are highly scalable, are more suitable for the work style transformation that the Company are aiming for. Furthermore, since the virtual version is based on a subscription-based billing system, we were able to significantly reduce the initial introduction costs, which also had the advantage of being treated as an expense rather than an asset.”

After issuing an RFP in March 2017 and examining proposals from multiple vendors, the company selected Pulse Secure's virtual appliance "PSA-V Series" (Pulse Secure).

There are four main elements that focused on Pulse Secure. The first is the realization of terminal authentication using certificates. The second is device authentication with single sign-on (SSO) through SAML linkage. The third is to use the host checker function and anti-virus software check. And the fourth is the split tunnel function. Split tunneling is a function in which only communications addressed to a specified network host pass through the VPN tunnel, and other communications such as access to the Internet do not pass through the VPN tunnel. It optimizes the bandwidth of SSL communication and at the same time improves user convenience.

In addition, Takamitsu Isoe of the Operation Technology Department of the System Development and Service Division of Konica Minolta Information Systems Co., Ltd. says that the benchmarks for the cloud authentication infrastructure that the entire Macnica group has built in-house were extremely helpful. "the Company have been implementing cloud authentication using the ID linkage/single sign-on product 'PingFederate' and the load balancing/wide area load distribution system 'Citrix NetScaler' for user authentication. In the future, we will link these with Pulse Secure. We plan to use it for authentication with cloud services such as Office Macnica also practices cloud authentication with almost the same system configuration, so it will be a great reference as a familiar success example.''

SSO authentication through SAML linkage improves business convenience while ensuring security

Konica Minolta introduced Office 365 in September 2017, and Pulse Secure virtual appliance in October. Sales companies in Japan have started operation in advance.

Commenting on the process, Mr. Yamada said, ``In implementing Pulse Secure this time, one challenge was to implement SSO through SAML collaboration, but we were particular about creating the simplest connection method possible to avoid burdening users. It was a difficult undertaking, but Macnica 's SE ultimately simplified the process so that it could be accessed with just a few clicks.I am very grateful.''
Redundancy was implemented in February 2018, and Pulse Secure began full-scale operation in June. Currently, the target users for remote work are approximately 6,000 applicants, including Konica Minolta Group employees and employees stationed overseas, and the number of simultaneous connections is set at 1,000 users. Governance has also been strengthened by allowing only company-managed mobile PCs and smartphones to be used.

After the start of operation, safe remote access was realized, and convenience was greatly improved compared to the previous remote access environment. In addition, although direct remote access to the core system (ERP) and file server was previously prohibited, the security level was strengthened after the introduction of Pulse Secure. It is said that business has become very efficient and convenience has also improved.
Mr. Isoe says, "In the past, multiple SSL-VPN products and remote access services were distributed and operated, so the management burden was heavy. I really feel the convenience of being able to manage everything from one console.”

Mr. Yamada also says, "It is a great achievement that we chose Pulse Secure's virtual appliance and realized a secure remote access environment at low cost."

Going forward, the company plans to quickly implement the split tunnel function, which it has been focusing on since the beginning, with the aim of avoiding congestion in internal network traffic. In addition, in anticipation of BCP (Business Continuity Plan)/DR (Disaster Response) in the event of a disaster or situation where commuting is impossible, we have developed an ICE service that can instantly expand the number of users who can connect to the limit only in an emergency. The company is also considering introducing an "In Case of Emergency" license.
Mr. Yamada says that for Konica Minolta, which is promoting work style reform, there is no end to maintaining and strengthening security levels. I have high hopes for Macnica 's proposal and support capabilities."

User Profile

KONICA MINOLTA, INC.
location	2-7-2 JP Tower, Marunouchi, Chiyoda-ku, Tokyo 100-7015
Introduction time	November 2017
URLs	https://www.konicaminolta.com/
"Office Business" including IT Services & Solutions; "Professional Print Business" including industrial printing and production printing; "Healthcare Business" including diagnostic imaging and medical IT;・Equipment business” is the main business area. Currently, 80% of both sales and number of employees have developed into a global company overseas. In the future, we aim to evolve into a “problem-solving digital company” that utilizes image imaging technology.