The chapter provides information on configuring Microsoft Intune for iOS
endpoints.
Where Can I Use This?
What Do I Need?
NGFW (managed by Panorama or Strata Cloud Manager)
Prisma Access (managed by Panorama or Strata Cloud Manager)
GlobalProtect Gateway license or Prisma Access license with the
Mobile User subscription
When deployed with Microsoft Intune, GlobalProtect supports the following connection
methods:
Always On
In an Always On configuration, GlobalProtect automatically connects
as soon as the you log in.
On-Demand
In an on-demand configuration, you must manually connect
GlobalProtect through the application. Traffic is routed through the
GlobalProtect app only after you initiate and establish the
connection.
Per-App
In a per-app configuration, you can define which managed apps are
allowed to route traffic through GlobalProtect. To do so, you can attach a
VPN profile to an app, add URLs for the app you want access to, or do a
combination of both.
GlobalProtect with Microsoft Intune supports certificate-based (SCEP only) and SAML
authentication. Before deploying the app, determine the appropriate connection and
authentication methods for your environment.
On iOS devices, the GlobalProtect app is upgraded automatically
by Apple's app store.
