GlobalProtect Administrator’s Guide
GlobalProtect Mobile Security Manager
The GlobalProtect Mobile Security Manager provides management, visibility, and automated configuration
deployment for mobile devices—either company provisioned or employee owned—on your network. Because
the Mobile Security Manager is part of the integrated GlobalProtect mobile solution, the GlobalProtect gateway
can leverage information about managed devices and use the extended host information collected by the Mobile
Security Manager to provide enhanced security policy enforcement for managed devices. Gateways retrieve the
extended HIP profiles from the Mobile Security Manager and use the information to enforce security policies
for devices that connect to your network.

The deployment policies you create on the Mobile Security Manager provide simplified account provisioning
to mobile device users for access to your corporate applications (such as email and VPN configurations).
You can also perform certain actions such as locking the device, sounding an alarm to help locate the device,
or even wiping a device that has been compromised.

To communicate with a device, the Mobile Security Manager sends a push notification over the air (OTA).
For iOS devices, it sends push notifications over the Apple Push Notification service (APNs), and for
Android devices it sends them using Google Cloud Messaging (GCM). When a device receives a push
notification, it checks in by establishing an HTTPS connection to the device check-in interface on the Mobile
Security Manager.

When a device checks in with the Mobile Security Manager, it submits host information that includes
additional information beyond what the GlobalProtect gateway collects, including a list of all installed apps,
the location of the device at the time of check-in (this can be disabled), whether the device has a passcode
set, and/or whether it is rooted/jailbroken. In addition, if the Mobile Security Manager has a WildFire
subscription, it can detect whether a device has malware (Android devices only).

By leveraging the extended HIP data that the Mobile Security Manager collects, you can create a very
granular security policy for mobile device users on your GlobalProtect gateways.

See Set Up the GlobalProtect Mobile Security Manager for more information.
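
As an added illustration (not code from this guide or from Palo Alto Networks), the following Python sketch shows how the extended host information described above could drive a granular allow/restrict/deny decision. The record layout, field names, blocklist and policy rules are assumptions made for the example; they are not the Mobile Security Manager's actual HIP format.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

@dataclass
class CheckIn:
    """Hypothetical check-in record; field names are assumptions, not the real schema."""
    device: str
    os: str                                  # "ios" or "android"
    managed: bool
    passcode_set: bool
    rooted_or_jailbroken: bool
    malware_detected: Optional[bool] = None  # None = no verdict was produced
    installed_apps: List[str] = field(default_factory=list)

BLOCKED_APPS = {"com.example.sideloader"}    # constructed blocklist

def evaluate(c: CheckIn) -> Tuple[str, List[str]]:
    """Return (decision, reasons); decision is 'allow', 'restrict' or 'deny'."""
    deny, restrict = [], []
    if c.rooted_or_jailbroken:
        deny.append("rooted/jailbroken")
    if c.malware_detected is True:
        deny.append("malware detected")
    if not c.managed:
        restrict.append("unmanaged device")
    if not c.passcode_set:
        restrict.append("no passcode")
    for app in sorted(BLOCKED_APPS & set(c.installed_apps)):
        restrict.append("blocked app: " + app)
    # Malware verdicts exist only for Android and only with a subscription,
    # so a missing verdict on Android is treated as unknown, not as clean.
    if c.os == "android" and c.malware_detected is None:
        restrict.append("no malware verdict")
    if deny:
        return "deny", deny
    return ("restrict", restrict) if restrict else ("allow", [])

# Constructed sample check-ins (not real device data).
SAMPLES = [
    CheckIn("ipad-01", "ios", True, True, False),
    CheckIn("pixel-02", "android", True, False, False, False,
            ["com.example.mail", "com.example.sideloader"]),
    CheckIn("galaxy-03", "android", True, True, True, True),
    CheckIn("nexus-04", "android", True, True, False, None),
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s.device, *evaluate(s))
```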