IP Performance Limited

Pulse Secure Virtual Application Delivery Controller

Pulse Secure VADC is a software based layer 7 application delivery controller (ADC) that provides fast, high performance user experience, with reliable access to websites and enterprise applications, whether they run in a public cloud, private cloud or virtualised environment, while maintaining the efficiency of web and application servers.


  • Intelligent load balancing
  • Application acceleration
  • Dynamic content caching
  • SS and compression offload
  • Service level monitoring
  • Global load balancing
  • Bandwidth management
  • Cloud bursting & balancing
  • Service automation


  • Acceleration of applications providing improved customer satisfaction & productivity
  • Reduced costs with flexible capacity management
  • Cloud based
  • Increased performance & security
  • Protection from external threats
  • Fast roll out of applications


£2430 per unit

Service documents

G-Cloud 10


IP Performance Limited

Paul White

01275 393382


Service scope

Service scope
Service constraints There are no absolute constraints. Pricing is determined by connections per second & throughput
System requirements There are no system requirements

User support

User support
Email or online ticketing support Email or online ticketing
Support response times SLAs are tailored to each customer’s needs but typically our standard response time for Severity 1 (Critical) and Severity 2 (Major) is 15 minutes.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels Standard support which is 24/7 software only comes with the subscription service at no extra cost.
IP Performance are an approved Pulse Secure Partner in the UK and we have been working with the technology since 2008, when it was owned by Zeus. We deliver support and professional services on the product, both remotely and onsite. This support contract enables you to log/raise tickets for faults and/or request technical support from our 24/7 Technical Assistance Centre (TAC) via our online support portal, or by email/telephone.

The standard support also provides access to all ongoing vADC/STM software updates, security patches and bug fixes, as the code and product are continuously developed by Brocade.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started IP Performance engineers will assist with on-boarding through their service desk portal. Documentation is provided & training is available on-line. Onsite training is available at extra cost.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction There is no data to extract as it is a traffic load balancing service.
End-of-contract process The service is simply terminated. There are no additional costs.

Using the service

Using the service
Web browser interface Yes
Using the web interface The Pulse Secure VADC includes a web-based administration interface that provides powerful real-time and analysis and history for traffic across Pulse Secure VADC clusters. Alternatively, REST, SOAP and SNMP interfaces can be used to integrate the solution into remote management and event monitoring frameworks for automation of ADC deployment, configuration and integration with customer self-service portals
Web interface accessibility standard None or don’t know
How the web interface is accessible It is a standard web interface and has no specific additional accessibility functions
Web interface accessibility testing None
What users can and can't do using the API Customizable, with comprehensive RESTful APIs for service management, and TrafficScript, a powerful data scripting technology
API automation tools Chef
API documentation Yes
API documentation formats
  • HTML
  • PDF
Command line interface Yes
Command line interface compatibility Linux or Unix
Using the command line interface Standard Linux functions & vendor tools/features specific to software for support & troubleshooting


Scaling available Yes
Scaling type Automatic
Independence of resources Each customer gets their own virtual instance to operate & dedicated compute resources
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • HTTP request and response status
Reporting types
  • API access
  • Real-time dashboards


Supplier type Reseller providing extra support
Organisation whose services are being resold Pulse Secure

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up Everything required to run the service
Backup controls There is no need for users to control backups. There is no customer data to backup or restore as this solution is a traffic load balancing service. The data centre where the service is hosted will supply a complete back & restore function as well as a fulll disaster recovery facility.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability The service is hosted in the cloud by Microsoft Azure who state:
•For all Virtual Machines that have two or more instances deployed in the same Availability Set, we guarantee you will have Virtual Machine Connectivity to at least one instance at least 99.95% of the time.

•For any Single Instance Virtual Machine using premium storage for all Operating System Disks and Data Disks, we guarantee you will have Virtual Machine Connectivity of at least 99.9%.
Approach to resilience Within Microsoft Azure each virtual appliance is part of a cluster. If one fails all connections are taken up by other appliances in the cluster.
Outage reporting E-Mail, SNMP trap, SYSlog

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Management traffic only allowed over specific interfaces & firewall rules to only allow management traffic from specific IP ranges
Access restriction testing frequency At least once a year
Management access authentication Username or password
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Standards Institute
ISO/IEC 27001 accreditation date It is currently actice
What the ISO/IEC 27001 doesn’t cover The scope is as follows. The Information Security Management System (ISMS) for Microsoft’s Cloud Infrastructure and Operations encompassing the datacentres listed and functional teams responsible for managing the edge network infrastructure, core servers providing critical shared services and management tools, and the access network infrastructure that supports these critical core services, as well as the remote management of services hosted by third party data centres in accordance with the Microsoft Cloud Infrastructure and Operations ISMS Statement of Applicability version 2016.01 dated March-21-2016.
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 05/10/2016
CSA STAR certification level Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover "The scope covers infrastructure, security and engineering systems of Microsoft Azure services"
PCI certification Yes
Who accredited the PCI DSS certification Coalfire Systems Inc
PCI DSS accreditation date April 2016
What the PCI DSS doesn’t cover The scope is: applications/software, hardware, infrastructure/network, storage, web, security services, system security services and IT support
Other security certifications Yes
Any other security certifications
  • ISO27001
  • CSA
  • ITAR

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes Security & privacy are built into the Azure platform starting with the Security Development Lifecycle (SDL) and at each subsequent phase through to the Operational Security Assurance (OSA) that ensures security through the life cycle of cloud based services

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach The Security Development Lifecycle (SDL) is a company-wide, mandatory process that aims to reduce the number and severity of vulnerabilities in Microsoft software. Introduced in 2004, the SDL embeds security requirements in the entire software development lifecycle. SDL, which has significantly decreased the number and severity of vulnerabilities in Microsoft software over the past decade.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Microsoft designed its software for security from the ground up and helps ensure that the cloud infrastructure is resilient to attack. We use an “assume breach” stance as a security strategy, and our global incident-response team works around the clock to mitigate the effects of any attacks against the Microsoft Cloud. These practices are backed by centres of excellence that fight digital crime, respond to security incidents and vulnerabilities in Microsoft software, and combat malware.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Azure logging of administrative operations, including system access, to create an audit trail in case of unauthorized or accidental changes. You can retrieve audit logs for your Azure Active Directory tenant, and view access and usage reports. This helps you gain visibility into the integrity and security of your deployment, and better determine where possible security risks may lie. In the Azure Management Portal, you can view usage and asset reports that include anomalous sign-in events, user-specific reports, and activity logs
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incident management is based on ITIL good practice. Users can report incidents by mail, telephone or by directly logging the incident on the support portal themselves. If there is a requirement incident reports can be provided and e-mailed to the customer.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Hyper-V
How shared infrastructure is kept separate Each deployment is isolated from other deployments.

Each virtual network is isolated from other virtual networks.

Traffic between VMs always traverses through trusted packet filters.

Protocols such as Address Resolution Protocol (ARP), Dynamic Host Configuration Protocol (DHCP), and other OSI Layer-2 traffic from a VM are controlled using rate-limiting and anti-spoofing protection.

VMs cannot capture traffic on the network that is not destined for them.

Customer VMs cannot send traffic to Azure private interfaces, or other customers’ VMs, or Azure infrastructure services themselves. Customer VMs can only communicate with other VMs owned or controlled by the same customer.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £2430 per unit
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑