Because the GlobalProtect portal configuration that
is delivered to the apps includes the list of gateways to which the
endpoint can connect, it is recommended that you configure the gateways
before configuring the portal.
Enforce security policy for the GlobalProtect apps that
connect to the gateways. You can also enable HIP collection on the
gateway for enhanced security policy granularity. For more information
on enabling HIP checks, see Host
Information.
Provide virtual private network (VPN) access to the internal
corporate network. VPN access is provided through an IPsec or SSL
tunnel between the endpoint and the tunnel interface on the firewall
hosting the gateway.
You can also configure
GlobalProtect gateways on VM-Series firewalls deployed in the AWS
cloud. By deploying the VM-Series firewall in the AWS cloud, you
can quickly and easily deploy GlobalProtect gateways in any region
without the expense or IT logistics that are typically required
to set up this infrastructure. For details, see Use Case: VM-Series Firewalls as GlobalProtectGateways
in AWS.
