Objects > GlobalProtect > HIP Objects
Select to
define objects for a host information profile (HIP). HIP objects
provide the matching criteria for filtering the raw data reported
by an app that you want to use to enforce policy. For example, if
the raw host data includes information about several antivirus packages
on an endpoint, you might be interested in a particular application
because your organization requires that package. For this scenario,
you create a HIP object to match the specific application you want
to enforce.
The best way to determine the HIP objects you need is to determine
how you will use the host information to enforce policy. Keep in
mind that the HIP objects are merely building blocks that allow
you to create the HIP profiles that your security policies can use.
Therefore, you may want to keep your objects simple, matching on
one thing, such as the presence of a particular type of required
software, membership in a specific domain, or the presence of a
specific endpoint OS. With this approach, you have the flexibility
to create a very granular, HIP-augmented policy.
To create a HIP object, click Add to open
the HIP Object dialog. For a description of what to enter in a specific
field, see the tables that follow.