While a third-party MDM system allows you to push configuration
settings that allow access to your corporate resources and provides
a mechanism for enforcing endpoint restrictions, it does not secure
the connection between the mobile endpoint and the services to which
it connects. To enable the app to establish secure connections,
you must enable VPN support on the endpoint.
The following table describes typical settings that you can configure
using your third-party MDM system:
Type of connection enabled by the policy.
N/A. This information will not be passed as part
of the profile, Identifier/subtype will identify the GlobalProtect
Identifier for the custom SSL VPN in reverse
Host name or IP address of the GlobalProtect portal.
<hostname or IP address>
User account for authenticating the connection.
Authentication type for the connection.
Certificate | Password
Certificate User Authentication only
Credential for authenticating the connection.
N/A (no key)
Enable VPN On Demand
) Domain and hostname
that establish the connection and the on-demand action: