Starting in 8.1R12 / 8.2R6 and above, support was added for HTTP Strict Transport Security (HSTS). This is a web mechanism to help protect websites against downgrade attack similar to SSLStrip. For more information, please refer to KB40348 - Support for HTTP Strict Transport Security (HSTS) with Pulse Connect Secure and Pulse Policy Secure
To mitigate this type of attack for other releases, we recommend that you block port 80 (HTTP) access to your PCS in your firewall. This will break SSLStrip's ability to rewrite SSL pages as HTTP as the pages are always encrypted with HTTPS. SSLStrip's rewriting engine preys on HTTP to HTTPS redirects so without this redirect it will essentially block SSLStrip attacks from occurring.
Another solution is to configure your firewall to port forward users who connect to the IVE on port 80 to another web server that will present an instruction page. The instruction page could be used to educate users about the requirement to type in
instead of just PCS