Devices running Windows 10 IoT can use the
GlobalProtect app. Use your organization’s distribution method,
such as Microsoft System Center Configuration Manager (SCCM), to
deploy and install the GlobalProtect app on your IoT devices running
Windows 10 IoT Enterprise.
A GlobalProtect Windows IoT deployment
supports certificate-based authentication. You must install the
certificate used for authentication on each IoT device in its local
machine store. If an IoT device has multiple certificates with the
same Root CA, GlobalProtect uses the first certificate in the IoT
device’s local machine store to authenticate; be sure that your
certificates are in the correct order in your devices.
The
following sections describe how to install the GlobalProtect app
on devices running Windows IoT:
Modify
the Registry Keys on the IoT Device (On-Demand or Always On)
You must specify the OS type as IoT, the device
type as headless, and the portal address. Optionally, you can specify
a username and password. If you do not specify a username and password,
GlobalProtect uses certificate-based authentication.
You
can use the following methods of installation for the
Modify
the Registry Keys on the IoT Device (Always On with Pre-logon)
You must specify the portal address, the pre-logon timeout
value, and the service-only value. You must delete the GlobalProtect
value to prevent the IoT device from automatically launching the
app interface upon system restart. A pre-logon VPN tunnel does not
associate the username because the user has not logged in.
You
can use the following methods of installation for the