1. Home
    2. GlobalProtect
    3. GlobalProtect™ Administrator's Guide
    4. GlobalProtect Apps
    5. Deploy the GlobalProtect App Software
    6. Download and Install the GlobalProtect Mobile App

    Download and Install the GlobalProtect Mobile App

    The GlobalProtect app provides a simple way to extend the enterprise security policies out to mobile endpoints. As with other remote endpoints running the GlobalProtect app, the mobile app provides secure access to your corporate network over an IPsec or SSL VPN tunnel. The app automatically connects to the gateway that is closest to the end user’s current location. In addition, traffic to and from the endpoint is automatically subject to the same security policy enforcement as other hosts on your corporate network. The mobile app also collects information about the host configuration and can use this information for enhanced HIP-based security policy enforcement.
    There are two primary methods for installing the GlobalProtect app: You can deploy the app from your third-party MDM and transparently push the app to your managed endpoints; or, you can install the app directly from the official store for your endpoint:
    This workflow describes how to install the GlobalProtect app directly on the mobile endpoint. For instructions on how to deploy the GlobalProtect app from AirWatch, see Deploy the GlobalProtect Mobile App Using AirWatch.
    1. Create an agent configuration for testing the app installation.
      As a best practice, create an agent configuration that is limited to a small group of users, such as administrators in the IT department responsible for administering the firewall:
      1. Select
        Network
        GlobalProtect
        Portals
        .
      2. Select an existing portal configuration to modify or
        Add
         a new one.
      3. On the
        Agent
         tab, either select an existing configuration or
        Add
         a new configuration to deploy to the test users/group.
      4. On the
        User/User Group
         tab,
        Add
         the
        User/User Group
         who will be testing the app.
      5. Select the
        OS
         for the app you are testing (
        iOS
        ,
        Android
        , or
        WindowsUWP
        ).
      6. (
        Optional
        ) Select the agent configuration that you just created/modified, and then click
        Move Up
         so that it is higher on the list than the more generic configurations you have created.
      7. Commit
         the changes.
    2. From the endpoint, follow the prompts to download and install the app.
      • On Android endpoints, search for the app on Google Play.
      • On iOS endpoints, search for the app at the App Store.
      • On Windows 10 UWP endpoints, search for the app at the Microsoft Store.
    3. Launch the app.
      When successfully installed, the GlobalProtect app icon displays on the endpoint’s Home screen. To launch the app, tap the icon. When prompted to enable GlobalProtect VPN functionality, tap
      OK
      .
      app_enable_VPN.PNG
    4. Connect to the portal.
      1. When prompted, enter the
        Portal
         name or address, User
        Name
        , and
        Password
        . The portal name must be an FQDN and it should not include the https:// at the beginning.
        portal_login.png
      2. Tap
        Connect
         and verify that the app successfully establishes a connection to GlobalProtect.
        If a third-party mobile endpoint management system is configured, the app prompts you to enroll.

    Related Documentation

    © 2019 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo