Changes to Default Behavior in GlobalProtect App 5.0
Changes to default behavior in GlobalProtect app 5.0 for Android, iOS, Chrome, Windows, Windows 10 UWP, Mac, and Linux.
The following topic describes changes to default behavior in GlobalProtect app 5.0:
Default Behavior in GlobalProtect App 5.0.x
There are no changes to default behavior in the following GlobalProtect app 5.0.x releases:
- GlobalProtect app 5.0.9
- GlobalProtect app 5.0.8
- GlobalProtect app 5.0.7
- GlobalProtect app 5.0.6
- GlobalProtect app 5.0.5
- GlobalProtect app 5.0.4
- GlobalProtect app 5.0.3
- GlobalProtect app 5.0.2
- GlobalProtect app 5.0.1
Default Behavior in GlobalProtect App 5.0.0
The following table describes changes to default behavior in GlobalProtect app 5.0.0:
Description of Change
MDM-based Client Certificate Deployment
If you manage iOS endpoints using a mobile device management (MDM) system and want to use client certificates for GlobalProtect client authentication, you must now deploy client certificates as part of the VPN profile that is pushed from the MDM server. If you deploy client certificates from the MDM server using any other method, the certificates can no longer be used by the app.
GlobalProtect app 5.0 cannot retrieve UDIDs for HIP-based policy enforcement directly from iOS endpoints, as in previous versions of the app. To retrieve UDIDs, you must now specify the UDID attribute in the VPN profile that is pushed from the MDM server. If you do not specify the UDID attribute in the VPN profile, the GlobalProtect app generates random UDIDs to identify the endpoints.
Saved Portal Addresses and User Credentials
Since users must install GlobalProtect app 5.0 as a brand new app on iOS endpoints, information stored in older versions of the app (4.1.x and earlier releases), including saved portal addresses and user credentials, is not carried over to the 5.0 version of the app. In MDM-based deployments, users must re-enter only the information that is not pushed from the MDM server on the new app. If users install GlobalProtect app 5.0 manually from the Apple App Store, they must re-enter both their portal address and user credentials on the new app.
When GlobalProtect app 5.0 for iOS endpoints is running in the background, error messages and alerts from the app now display on the endpoint as system notifications. If a notification requires user interaction (for example, if a user must re-enter their credentials after authentication fails), users can tap the system notification to open the GlobalProtect app and complete the interaction. Users can no longer provide inputs for GlobalProtect outside the app. In addition, users can tap a system notification to open the GlobalProtect app and view more details about the notification.
(Windows and Mac only)
When you configure a HIP object that performs
Custom Checkssuch as to collect registry or plist entries, GlobalProtect now hides this information in the Host Profile summary.
Recommended For You
Recommended videos not found.