Download and Install the GlobalProtect Mobile App

The GlobalProtect app provides a simple way to extend the enterprise security policies out to mobile endpoints. As with other remote endpoints running the GlobalProtect app, the mobile app provides secure access to your corporate network over an IPsec or SSL VPN tunnel. The app automatically connects to the gateway that is closest to the end user’s current location. In addition, traffic to and from the endpoint is automatically subject to the same security policy enforcement as other hosts on your corporate network. The mobile app also collects information about the host configuration and can use this information for enhanced HIP-based security policy enforcement.
There are two primary methods for installing the GlobalProtect app: You can deploy the app from your third-party MDM and transparently push the app to your managed endpoints; or, you can install the app directly from the official store for your endpoint:
This workflow describes how to install the GlobalProtect app directly on the mobile endpoint. For instructions on how to deploy the GlobalProtect app from AirWatch, see Deploy the GlobalProtect Mobile App Using AirWatch.
  1. Create an agent configuration for testing the app installation.
    As a best practice, create an agent configuration that is limited to a small group of users, such as administrators in the IT department responsible for administering the firewall:
    1. Select
      Network
      GlobalProtect
      Portals
      .
    2. Select an existing portal configuration to modify or
      Add
      a new one.
    3. On the
      Agent
      tab, either select an existing configuration or
      Add
      a new configuration to deploy to the test users/group.
    4. On the
      User/User Group
      tab,
      Add
      the
      User/User Group
      who will be testing the app.
    5. Select the
      OS
      for the app you are testing (
      iOS
      ,
      Android
      , or
      WindowsUWP
      ).
    6. (
      Optional
      ) Select the agent configuration that you just created/modified, and then click
      Move Up
      so that it is higher on the list than the more generic configurations you have created.
    7. Commit
      the changes.
  2. From the endpoint, follow the prompts to download and install the app.
    • On Android endpoints, search for the app on Google Play.
    • On iOS endpoints, search for the app at the App Store.
    • On Windows 10 UWP endpoints, search for the app at the Microsoft Store.
  3. Launch the app.
    When successfully installed, the GlobalProtect app icon displays on the endpoint’s Home screen. To launch the app, tap the icon. When prompted to enable GlobalProtect VPN functionality, tap
    OK
    .
    app_enable_VPN.PNG
  4. Connect to the portal.
    1. When prompted, enter the
      Portal
      name or address, User
      Name
      , and
      Password
      . The portal name must be an FQDN and it should not include the https:// at the beginning.
      portal_login.png
    2. Tap
      Connect
      and verify that the app successfully establishes a connection to GlobalProtect.
      If a third-party mobile endpoint management system is configured, the app prompts you to enroll.

Related Documentation