GlobalProtect gateways provide security enforcement
for traffic from GlobalProtect agents/apps. Additionally, if the
HIP feature is enabled, the gateway generates a HIP report from
the raw host data the clients submit and can use this information
in policy enforcement.
—Provide security enforcement
and/or virtual private network (VPN) access for your remote users.
—An interface on the internal network
configured as a GlobalProtect gateway for applying security policy
for access to internal resources. When used in conjunction with
User-ID and/or HIP checks, an internal gateway can be used to provide
a secure, accurate method of identifying and controlling traffic
by user and/or device state. Internal gateways are useful in sensitive
environments where authenticated access to critical resources is
required. You can configure an internal gateway in either tunnel
mode or non-tunnel mode.
You Configure GlobalProtect Gateways on
an interface on any Palo Alto Networks next-generation firewall.
You can run both a gateway and a portal on the same firewall, or
you can have multiple, distributed gateways throughout your enterprise.