Hardware reference guide

ManualsBrandsAlto ManualsComputer equipmentBEXT 100H

100

GlobalProtect Administrator’s Guide 87

Set Up the GlobalProtect Mobile Security Manager Define Deployment Policies

Create HIP Objects and HIP Profiles

Step 1 Create the HIP objects to filter the data

reported by the device.

The tag feature allows you to create

custom labels for the devices you

manage for easy grouping. For

example, you could create tags to

distinguish personal devices from

company provisioned devices. You could

then create HIP objects that match

specific tags, providing endless

possibilities as to how you can group

managed devices for configuration

deployment. For more information on

creating tags, see Group Devices by Tag

for Simplified Device Administration.

For details on a specific HIP object

field, refer to the online help.

A HIP match will occur if any one

of the apps on the list is installed on

the device.

1. Select

Policies > Host Information > HIP Objects and click Add.

2. On the

General tab, enter a Name and optionally a Description

for the object.

3. Define the match criteria for the HIP object as follows:

• To match on identifying characteristics of the mobile device,

such as OS, GlobalProtect app version, or phone number

select the

Host Info check box and then set values to match

on. For each item to match on, select an operator from the

drop-down that indicates whether to match if the specified

value

Is, Is Not, or Contains the value you enter or select. For

example, if you will use this object to build a profile for use

in policies to be deployed to iOS devices, select

Is and iOS

from the drop-downs in the

OS field.

• To match on the state of the device, such as whether it is

jailbroken/rooted or has a passcode set, select the

Settings

tab and then select

Yes or No to determine how to match the

setting. For example, if you want the object to match devices

that do not have a passcode set, select

No in the Passcode

field.

• To match based on specific apps installed on the device,

select the

Apps > Include and click Add to specify one or

more App packages to match. The app list you define can

either be a black list or a white list, depending on how you set

up the HIP profile to match the object For example, to create

an app black list, you would add a list of apps here and then

set up the HIP profile to

NOT match the object.

• (Android devices only) To match on whether or not the

device has malware-infected apps installed, select

Apps >

Criteria

and then select a value from the Has Malware

drop-down. Or, to allow specific apps that WildFire has

determined contain malware, select

Yes and then click Add

and then specify the app packages to exclude from being

designated as malware.

4. Click

OK to save the HIP object.

5. Repeat these steps to create each additional HIP objects you

require.