Hardware reference guide

ManualsBrandsAlto ManualsComputer equipmentBEXT 100H

101

102

103

104

105

106

107

108

109

110

102 GlobalProtect Administrator’s Guide

Define Deployment Policies Set Up the GlobalProtect Mobile Security Manager

Create Deployment Policies

Step 1 Create a new policy rule. 1. Select Policies > Policies and click Add.

2. Enter a descriptive

Name to identify the policy rule.

Step 2 Specify which mobile device users to

deploy this configuration to. There are

two ways to specify which managed

devices will get the configuration: by

user/group name and/or by HIP match.

The Mobile Security Manager uses the

Users/HIP Profiles settings you specify

to determine which configuration to

deploy to a device upon check-in.

Therefore, if you have multiple

configurations, you must make sure to

order them properly. As soon as the

Mobile Security Manager finds a match, it

will deliver the configuration. Therefore,

more specific configurations must

precede more general ones. See Step 4 for

instructions on ordering the list of rules.

Before you can create policy rules to

deploy configurations to specific

users or groups, you configure the

Mobile Security Manager to access

your user directory as described in

Integrate the Mobile Security

Manager with your LDAP

Directory.

Select the

Users/HIP Profiles tab and then specify how to determine

a configuration match for this policy rule:

• To deploy this configuration to a specific user or group, click

Add

in the User section of the window and then select the user or

group you want to receive this configuration from the drop-down.

Repeat this step for each user/group you want to add.

• To deploy this configuration to devices that match a specific HIP

profile, click

Add in the HIP Profiles section of the window and

then select a HIP profile.

It is a good idea to test you deployment policies before

pushing them out to your entire mobile user base. Consider

initially creating a configuration that applies to users in your

IT group only to allow them enroll with Mobile Security

Manager and test the deployment policies. Then, after you

have thoroughly tested the configuration, you could modify

the deployment policy to push the deployments out to

mobile users.

Step 3 Specify which configuration profiles to

deploy to devices that match the

user/HIP profile criteria you defined.

1. Attach configuration profiles to the policy rule. If your rule is

designed to match both iOS and Android devices, you must

attach separate configuration profiles as follows:

• To add an iOS configuration profile or an iOS provisioning

profile, click

Add in the iOS section and then select the

profile to add. Repeat this step for each iOS profile to deploy

to devices matching this rule.

• To add an Android configuration profile, click

Add in the

Android section and then select the profile to add to the rule.

Repeat this step for each configuration profile to deploy to

devices matching this rule.

2. Click

OK to save the policy rule.

3. Repeat Step 1 through Step 3 for each policy rule you need.