Configure GlobalProtect Gateways

Because the GlobalProtect configuration that the portal delivers to the agents includes the list of gateways the client can connect to, it is a good idea to configure the gateways before configuring the portal.
The GlobalProtect Gateways can be configured to provide two main functions:
  • Enforce security policy for the GlobalProtect agents and apps that connect to it. You can also enable HIP collection on the gateway for enhanced security policy granularity. For more information on enabling HIP checks, see Use Host Information in Policy Enforcement.
  • Provide virtual private network (VPN) access to your internal network. VPN access is provided through an IPSec or SSL tunnel between the client and a tunnel interface on the gateway firewall.
    You can also configure GlobalProtect gateways on VM-Series firewalls deployed in the AWS cloud. By deploying the VM-Series firewall in the AWS cloud you can quickly and easily deploy GlobalProtect gateways in any region without the expense or IT logistics that are typically required to set up this infrastructure using your own resources. For details, see Use Case: VM-Series Firewalls as GlobalProtect Gateways in AWS.

Related Documentation