>
    Redesigned GlobalProtect App User Interface for Windows and macOS
    Focus
    Download PDF
    Focus
    1. Home
    2. GlobalProtect
    3. New Features Released in GlobalProtect App 6.0
    4. Redesigned GlobalProtect App User Interface for Windows and macOS
    Download PDF
    GlobalProtect

    Redesigned GlobalProtect App User Interface for Windows and macOS

    Table of Contents

    Redesigned GlobalProtect App User Interface for Windows and macOS

    Software Support: Starting with GlobalProtect™ app 6.0
    OS Support: Windows 10 and macOS
    The GlobalProtect app 6.0 for Windows and macOS introduces a streamlined user interface and a more intuitive connection process. The redesigned app features improved workflows that enable a better user experience. With this redesign, the GlobalProtect app can now provide friendly, informative messages to help end users understand connectivity or access issues. Additionally, end users can now have a better understanding on monitoring the security state and activity on their endpoint.
    The following user experience enhancements are redesigned in GlobalProtect app 6.0:
    • A Status Panel that displays the state of the GlobalProtect connection and allows end users to connect or to disconnect from GlobalProtect.
    • A Settings Panel that allows end users to view, modify, monitor, and troubleshoot their GlobalProtect app settings
    • Seamless Login connection experience from the status panel that allows end users to log in. With the On-Demand connect method, end users can now select the client certificate from a list of valid certificates to authenticate with the portal or gateway on the Windows endpoint.
    • Resilient Connection that enables GlobalProtect to reconnect automatically after interruptions with network activity.

    Welcome Page

    If end users are logging in to the endpoint for the first time, the GlobalProtect app now displays a friendly, welcome page upon successful login. End users can click Get Started to enter the IP address (or domain) of the GlobalProtect portal or their user credentials, and then click Connect to initiate the connection.

    Status Panel

    GlobalProtect opens the status panel when you launch the app. The status panel displays the state of the GlobalProtect connection and allows end users to connect to or disconnect from GlobalProtect.
    If there are notifications that triggered on the GlobalProtect app, the Notifications dialog appears next to the status panel.
    End users can now click the star icon (
    ) to designate a preferred gateway. Upon the next connection, the app automatically connects to the preferred gateway.
    If end users want to remove the preferred gateway designation and instead connect to the best available gateway, they can simply clear the star icon to remove this gateway as a preferred gateway.
    By default, end users automatically connect to the Best Available gateway that is identified by a check mark from the Change Gateway drop-down. If the end user sets the preferred gateway, a star displays by the gateway from the Change Gateway drop-down.
    If you configured manual external gateways in your portal agent configuration, end users can choose a specific gateway using the gateway search field.
    The status panel also contains additional information and options for the redesigned GlobalProtect app.
    The hamburger menu on the status panel now includes the following options:
    • Refresh Connection—Allows end users to perform network discovery. This option is available only if you Enable Rediscover Network Option in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
    • Report an Issue—Allows end users to report an issue to their administrator. This option is available only if you enable the GlobalProtect app log collection for troubleshooting on the GlobalProtect portal.
    • Settings—Opens the settings panel where end users can view, modify, monitor, and troubleshoot their GlobalProtect app settings.
    • Help Center—Opens the GlobalProtect Help page, which provides general information about how to use the GlobalProtect app. This option does not display on the Settings menu if you disable (select None) the App Help Page in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> GlobalProtect Portal ConfigurationGeneralAppearance).
    • Disconnect—Disconnects the GlobalProtect app. This option is available only if you configure the Connect Method as User-logon (Always On) and Allow User to Disable GlobalProtect App in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
      If your configuration includes a challenge to end users, the GlobalProtect app now prompts them to respond to one or more reasons such as Internet speed slow or App not working (if required). The reasons for disconnecting are displayed only if you configure Display the following reasons to disconnect GlobalProtect (Always-on mode) in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App). End users can provide a reason for disconnecting if you configured Allow User to Disable GlobalProtect App as Allow with Comment in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
      If you did not configure the GlobalProtect app to display the reasons for disconnecting, end users are prompted to provide a reason for disconnecting from the app.

    Settings Panel

    The settings panel now allows end users to view and modify the following settings for the GlobalProtect app:
    • Connections—The Connections tab displays the portal(s) associated with the GlobalProtect account. End users can add, edit, or delete portals from this tab. This tab also displays the gateway to which the end user is connected. End users can view connection statistics about the gateway (for example, gateway IP address, location, and VPN session uptime) when you set Enable Advanced View to Yes in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
    • Preferences—The Preferences tab is now available only if you configure at least one of the following options:
      • Enable Biometric Sign-in—End users can choose to use biometric (fingerprint) information to sign in. This option is available only if you configure the Save User Credentials to Only with User Fingerprint in the GlobalProtect agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> Authentication). End users must supply a fingerprint that matches a trusted fingerprint template on the endpoint to use a saved password for authentication to GlobalProtect portal and gateways.
      • Do not display a welcome page upon each successful connection—End users can choose to display a welcome page upon successful login. This option is available only if you set the Welcome Page to factory-default in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
      • Connect with SSL—End users can choose to use SSL or stay with IPSec. This option is available only if you set Connect with SSL Only to User can Change in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
      • Always run diagnostic tests and include logs—End users can choose to enable the GlobalProtect app to run diagnostic tests and to include diagnostic logs. This option is available only if you enable the GlobalProtect app log collection for troubleshooting on the GlobalProtect portal.
    • Troubleshooting—On macOS endpoints, the Troubleshooting tab allows end users to Collect Logs and set the logging level to Debug Logs or Dump Logs, view information about the network configuration, route settings, active connections, and logs and, if your administrator has given you the ability to decide whether you want your endpoint to perform Autonomous DEM tests to determine the cause of a user experience issue—you can toggle the Enable User Experience Tests setting.
      On Windows endpoints, the Troubleshooting tab allows end users to Collect Logs and set the logging level to Debug Logs or Dump Logs and, if your administrator has given you the ability to decide whether you want your endpoint to perform Autonomous DEM tests to determine the cause of a user experience issue—you can toggle the Enable user experience tests setting.
      Click Advanced to access the Advanced Logging Settings window, which displays information about the network configuration, route settings, active connections, and logs.
    • Notifications—The Notifications tab displays the detailed information about specific notifications triggered on the GlobalProtect app.
      End users are also notified if there are no new notifications triggered on the GlobalProtect app.
    • Host Information Profile—The Host Profile Information tab displays the endpoint data that GlobalProtect uses to monitor and enforce security policies using the Host Information Profile. End users can Resubmit to manually resubmit HIP data to the gateway.
      If you configured multiple internal gateways in non-tunnel mode and internal host detection, end users can click More Details to monitor the Host Information Profile (HIP) report submission for each gateway from a central location to help you to quickly troubleshoot HIP related issues.
    • About—The About tab displays the version of GlobalProtect currently installed on the endpoint and allows end users to Check for Updates.

    Seamless Login

    With the On-Demand connect method, end users must launch the GlobalProtect app from the system tray to manually initiate the connection. After the connection initiates, users can continue the login process on the status panel to establish the connection.
    Optionally, if end users are logging in to GlobalProtect for the first time on a Windows endpoint, they can now select the client certificate from a list of valid certificates from the Certificate drop-down to authenticate with the portal or gateway.
    Optionally, if you require end users to accept terms of use to comply with corporate policies and to see a page to review your company’s terms of service before connecting to GlobalProtect, you must set Have User Accept Terms of Use Before Creating Tunnel to Yes in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App).
    If end users do not accept terms of use, they will not be able to connect to GlobalProtect.
    Optionally, if end users click Cancel, they must enter the IP address (or domain) of the GlobalProtect portal, and then click Connect to initiate the connection.
    If multiple portals are saved on the app, select a portal from the Portal drop-down. By default, the most recently connected portal is pre-selected from the Portal drop-down.
    Optionally, the endpoint is automatically connected to the Best Available gateway (default) based on the configuration that you defined and the response times of the available gateway. To manually connect to a specific gateway, select the gateway from the Change Gateway drop-down (external gateways only).
    When end users disconnect from GlobalProtect by clicking Disconnect, the status panel now displays the amount of time that GlobalProtect attempts to reconnect.
    With the Always On connect method, the connection initiates automatically, which allows end users to establish a connection without launching the GlobalProtect app. If you configure the GlobalProtect portal to Save User Credentials, the connection establishes automatically without requiring any user interaction. If you disable the Save User Credentials option, end users can log in and establish a connection by entering their credentials.
    When your end users password expires or a RADIUS or AD administrator requires a password change at the next login, they can update their password on the app. A notification appears when their password is about to expire.
    If prompted, end users must enter their Current Password, New Password, and Confirm Password. Then, click Update Password to reconnect to GlobalProtect with their new password.

    Resilient Connection

    If you customize resilient VPN by specifying the Automatic Restoration of VPN Connection Timeout to Yes in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App), GlobalProtect automatically attempts to attempt to reestablish the connection after the tunnel is disconnected. You can configure the Wait Time Between VPN Connection Restore Attempts in the GlobalProtect portal agent configuration (NetworkGlobalProtectPortals<portal-config> Agent<agent-config> App) to adjust the amount of time GlobalProtect waits between attempts to restore the connection
    With the Always On connect method, if the end user switches from an external network to an internal network before the timeout value expires, GlobalProtect does not perform network discovery. As a result, GlobalProtect restores the connection to the last known external gateway.
    To trigger an internal host detection, the end user must select Refresh Connection from the hamburger menu on the status panel.

    © 2025 Palo Alto Networks, Inc. All rights reserved.