Manualshelf

Hardware reference guide

ManualsBrandsAlto ManualsComputer equipmentBEXT 100H
169170171172173174175176177178
GlobalProtect Administrator’s Guide 171
GlobalProtect Quick Configs Mixed Internal and External Gateway Configuration
Step 5 Create the HIP profiles you will need to
enforce security policy on gateway access.
See Use Host Information in Policy
Enforcement for more information on
HIP matching.
1. Create the HIP objects to filter the raw host data collected by
the agents. For example, if you are interested in preventing users
that are not up to date with required patches, you might create a
HIP object to match on whether the patch management
software is installed and that all patches with a given severity are
up to date.
2. Create the HIP profiles that you plan to use in your policies.
For example, if you want to ensure that only Windows users
with up-to-date patches can access your internal applications,
you might attach the following HIP profile that will match hosts
that do NOT have a missing patch:
Step 6 Configure the internal gateways. Select
Network > GlobalProtect > Gateways and add the following
settings:
• Interface
• IP Address
• Server Certificate
Authentication Profile and/or Configuration Profile
Notice that it is not necessary to configure the client configuration
settings in the gateway configurations (unless you want to set up HIP
notifications) because tunnel connections are not required. See
Configure a GlobalProtect Gateway for step-by-step instructions on
creating the gateway configurations.
Quick Config: GlobalProtect Mixed Internal & External Gateway Configuration (Continued)