GlobalProtect
Define GlobalProtect Host Compliance Notifications
Table of Contents
Expand All
|
Collapse All
GlobalProtect Docs
-
- 10.1 & Later
- 9.1 (EoL)
-
- 6.3
- 6.2
- 6.1
- 6.0
- 5.1
-
- 6.1
- 6.0
- 5.1
-
- 6.3
- 6.2
- 6.1
- 6.0
- 5.1
Define GlobalProtect Host Compliance Notifications
This section provides you information on how to define globalprotect host compliance
notifications
Host Compliance notifications help guide your users toward security compliance by
providing timely, actionable alerts. The decision to display a notification when a
user's device matches a HIP profile—or when it doesn't—should be based on what you
want the user to do.
If your HIP profile is configured to find non-compliant devices, (for example, it
matches when antivirus software is missing), then you should display the
notification on a match to tell the user how to fix the problem. However, if your
profile identifies fully compliant devices, you should display the notification for
users who do not match, as they are the ones who need to take corrective action.
- On the firewall hosting your GlobalProtect gateway(s), select NetworkGlobalProtectGateways.Select the gateway configuration for which you want to add HIP notification messages.Select AgentHIP Notification, and then click Add.Select the HCP to which this message applies from the Host Information drop-down.Depending on whether you want to display the message when the corresponding HCP is matched or not matched, select Match Message or Not Match Message. In some cases, you might want to create messages for both a match and a non-match, depending on what objects you are matching and what your objectives are for the security policy.Enable the Match Message or Not Match Message, and then select whether you want to display the message as a Pop Up Message or a System Tray Balloon.Enter your message text in the Template text box, and then click OK.Repeat this procedure for each message that you want to define.Commit the changes.