: Starting with GlobalProtect™
app 6.1. Requires content release version 8615-7549.
: Windows 10, ARM64-Based Windows 10, macOS 11 and later
releases, and ARM-Based macOS 11 and later releases
You can now configure advanced internal host
detection through the portal if you want to add an extra security
layer during internal host detection by the GlobalProtect app. With
the advanced internal host detection, the app validates the server
certificate of the internal gateways in addition to performing a
reverse DNS lookup of the internal host to determine whether the
app is inside the enterprise network.
Enabling the advanced
internal host detection stops malicious actors from spoofing the
reverse DNS server response during the internal host detection and
thereby prevents unauthorized access to the endpoints in the enterprise
network. When you enable the advanced internal host detection through
the portal and the user logs in to the GlobalProtect app, the workflow
looks as follows:
user attempts to log in with advanced internal host detection enabled,
the GlobalProtect app is considered as inside the enterprise network
The reverse DNS lookup of an internal host
using the specified IP address to the hostname is successful during the
internal host detection process.
The app successfully validates the server certificate of
at least one of the configured internal gateways.
the advanced internal host detection fails, the endpoint is considered
as outside the network and the app performs a network discovery
to connect to the best available external gateway.
advanced internal host detection is disabled.