Manually Add and Delete Devices From the Quarantine List
You can add a device manually from either
the quarantine pages, from the GlobalProtect, Threat, Traffic, or Unified logs, or by using
an API. You can also manually delete the device from the quarantine
pages, as shown in the following steps.
To manually add a device to the quarantine
list from the
of the device. GlobalProtect
uses the Host ID to identify the device.
) To add Host ID information
to the Traffic, Threat, and Unified logs, select
security policy rule; then, select
Host ID is required to add a device to the quarantine list. When
a user connects to the network with the GlobalProtect app, GlobalProtect
automatically adds Host ID information for the connected endpoint
to the GlobalProtect log. For GlobalProtect to automatically add
Host ID information to the Traffic, Threat, or Unified logs, you
must add a policy rule that has
for source traffic.
To make sure that you are adding the Host ID
for all devices you want to quarantine (either manually or automatically),
create a security policy that allows all traffic and specify
. It does not matter what
order you place this policy in the list of policies for it to work.
with the device and click
column does not display, select
the header of any column and then select the