Download and Install the GlobalProtect Mobile App
The GlobalProtect app provides a simple way
to extend the enterprise security policies out to mobile endpoints.
As with other remote endpoints running the GlobalProtect app, the mobile
app provides secure access to your corporate network over an IPsec
or SSL VPN tunnel. The app automatically connects to the gateway
that is closest to the end user’s current location. In addition,
traffic to and from the endpoint is automatically subject to the
same security policy enforcement as other hosts on your corporate
network. The mobile app also collects information about the host
configuration and can use this information for enhanced HIP-based
security policy enforcement.
There are two primary methods
for installing the GlobalProtect app: You can deploy the app from
your third-party MDM and transparently push the app to your managed
endpoints; or, you can install the app directly from the official
store for your endpoint:
- iOS endpoints—App Store
- Android endpoints—Google Play
- Windows 10 phones and Windows 10 UWP endpoints—Microsoft Store
- Chromebooks—For details on installing the GlobalProtect app for Chrome OS, see Download and Install the GlobalProtect App for Chrome OS.
This
workflow describes how to install the GlobalProtect app directly
on the mobile endpoint. For instructions on how to deploy the GlobalProtect
app from AirWatch, see Deploy
the GlobalProtect Mobile App Using AirWatch.
- Create an agent configuration for testing the
app installation.As a best practice, create an agent configuration that is limited to a small group of users, such as administrators in the IT department responsible for administering the firewall:
- Select .
- Select an existing portal configuration to modify or Add a new one.
- On the Agent tab, either select an existing configuration or Add a new configuration to deploy to the test users/group.
- On the User/User Group tab, Add the User/User Group who will be testing the app.
- Select the OS for the app you are testing (iOS, Android, or WindowsUWP).
- (Optional) Select the agent configuration that you just created/modified, and then click Move Up so that it is higher on the list than the more generic configurations you have created.
- Commit the changes.
- From the endpoint, follow the prompts to download and
install the app.
- On Android endpoints, search for the app on Google Play.
- On iOS endpoints, search for the app at the App Store.
- On Windows 10 UWP endpoints, search for the app at the Microsoft Store.
- Launch the app.When successfully installed, the GlobalProtect app icon displays on the endpoint’s Home screen. To launch the app, tap the icon. When prompted to enable GlobalProtect VPN functionality, tap OK.
- Connect to the portal.
- When prompted, enter the Portal name
or address, User Name, and Password.
The portal name must be an FQDN and it should not include the https://
at the beginning.
- Tap Connect and verify that
the app successfully establishes a connection to GlobalProtect.If a third-party mobile endpoint management system is configured, the app prompts you to enroll.
- When prompted, enter the Portal name
or address, User Name, and Password.
The portal name must be an FQDN and it should not include the https://
at the beginning.