Hardware reference guide

GlobalProtect Administrator’s Guide
Set Up GlobalProtect User Authentication
The portal and gateway require end-user authentication credentials before the GlobalProtect agent/app is
allowed access to GlobalProtect resources. Because the portal and gateway configurations require you to
specify which authentication mechanisms to use, you must configure authentication before continuing with the
portal and gateway setup. The following sections detail the supported authentication mechanisms and how to
configure them:
About GlobalProtect User Authentication
Set Up External Authentication
Set Up Client Certificate Authentication
Set Up Two-Factor Authentication
About GlobalProtect User Authentication
The first time a GlobalProtect agent/app connects to the portal, the user is prompted to authenticate to the
portal in order to download the GlobalProtect configuration, which includes the list of gateways the agent can
connect to, the location of the Mobile Security Manager, and optionally a client certificate for connecting to the
gateways. After successfully downloading and caching the configuration, the agent/app attempts to connect to
one of the gateways specified in the configuration and/or to the specified Mobile Security Manager. Because
these components provide access to your network resources and settings, they also require the end user to
authenticate.
The level of security required on the portal, Mobile Security Manager, and the gateways (and even from gateway
to gateway) varies depending on the sensitivity of the resources each protects; GlobalProtect provides a flexible
authentication framework that allows you to choose the authentication profile and/or certificate profile that is
appropriate on each component.
The following sections describe the authentication features available on the portal and the
gateway. For details on how to set up authentication on the Mobile Security Manager, see
Configure the Mobile Security Manager for Enrollment.