While a third-party MDM system allows you to push configuration
settings that allow access to your corporate resources and provides
a mechanism for enforcing device restrictions, it does not secure
the connection between the mobile endpoint and services it connects
to. To enable the client to establish secure tunnel connections,
you must enable VPN support on the endpoint.
The following table describes typical settings that you can configure
using your third-party MDM system.
Type of connection enabled by the policy.
Identifier for the custom SSL VPN in reverse
Host name or IP address of the GlobalProtect
<hostname or IP address>
User account for authenticating the connection.
Authentication type for the connection.
Certificate | Password
Certificate User Authentication only
for authenticating the connection.
Enable VPN On Demand
) Domain and hostname that
will establish the connection and the on-demand action: