As mobile endpoints become more powerful, end users
increasingly rely on them to perform business tasks. However, these
same endpoints that access your corporate network also connect to
the internet without protection against threats and vulnerabilities.
By using a third-party mobile endpoint management system—such as
a mobile device management (MDM) or enterprise mobility management
(EMM) system—you can easily manage both company-provisioned and
employee-owned devices (such as in a BYOD environment).
A mobile endpoint management system simplifies the administration
of mobile endpoints by enabling you to automatically deploy your
corporate account configuration and VPN settings to compliant endpoints.
You can also use your mobile endpoint management system for remediation
of security breaches by interacting with an endpoint that has been
compromised. This protects both corporate data as well as personal
end user data. For example, if an end user loses an endpoint, you can
remotely lock the endpoint from the mobile endpoint management system
or even wipe the endpoint (either completely or selectively).
In addition to the account provisioning and remote device management
functions that a mobile endpoint management system can provide,
when integrated with your existing GlobalProtect™ VPN infrastructure,
you use host information that the endpoint reports to enforce security
policies for access to apps through the GlobalProtect gateway. You
can also use the monitoring tools that are built into the Palo Alto
next-generation firewall to monitor mobile endpoint traffic.