Prisma Access Mobile Users license (for use with Prisma
GlobalProtect app version 6.2 or later for Windows and
Content release version 8699-7991 or later
Use the following procedure to configure the GlobalProtect app to run a remediation
script whenever a GlobalProtect endpoint fails one or more process checks to help
the endpoint recover from a HIP check failures. With this feature enabled, the
GlobalProtect app will provide a specified timeout period in which the endpoint can
run the remediation script if it fails a process check. After the timeout period
expires, the GlobalProtect app resubmits the HIP report.
The remediation scripts you write should check whether the processes you have
set up in the
are running and, if not,
execute the script and start the process.
Configure a HIP remediation timeout on the portal.
Select the portal configuration to which you are adding the agent
configuration, and then select the
Select the agent configuration that you want to modify, or
a new one.
To enable the HIP remediation feature, set a
Remediation Process Timeout (sec)
By default, this field is set to 0, indicating that the feature is
disabled. Enter a value from 1-600 seconds to indicate the amount of
time you want to allow for the remediation script to finish.
twice to save your app and portal
Deploy the remediation script to your endpoints using mobile device management
As a best practice, use standard formats for the scripts you deploy (for
example, deploy shell scripts on macOS endpoints and batch scripts on
Windows endpoints). The name of the script is case sensitive and must use
the predefined name and location as follows: