While a third-party MDM system allows you to push configuration
settings that allow access to your corporate resources and provides
a mechanism for enforcing device restrictions, it does not secure
the connection between the mobile endpoint and services to which
it connects. To enable the client to establish secure tunnel connections,
you must enable VPN support on the endpoint.
The following table describes typical settings that you can configure
using your third-party MDM.
Type of connection enabled by the policy.
Identifier for the custom SSL VPN in reverse
Host name or IP address of the GlobalProtect
<hostname or IP address>
User account for authenticating the connection.
Authentication type for the connection.
Certificate | Password
(Certificate User Authentication only) Credential for
authenticating the connection.
Enable VPN On Demand
(Optional) Domain and hostname that will
establish the connection and the on-demand action: