GlobalProtect Features
Focus
Focus

GlobalProtect Features

Table of Contents
End-of-Life (EoL)

GlobalProtect Features

Learn about the exciting new GlobalProtect™ features introduced in the PAN-OS® 10.0 release.
The following table describes new GlobalProtect features introduced in PAN-OS 10.0. For features related to the GlobalProtect app, see the GlobalProtect App 5.1 Release Notes and GlobalProtect Features.
New GlobalProtect Feature
Description
Identification and Quarantine of Compromised Devices
GlobalProtect now makes it easier for you to block compromised devices from your network by allowing you to track compromised devices using unique attributes, such as the hardware serial number of the device and unique host information. This ability can be preferable to blocking a compromised endpoint from a network based on its IP address, because if a device’s IP address changed (for example, if a user moved their endpoint from a work location to their home), security policies based on IP addresses could allow the endpoint back on the network.
After GlobalProtect identifies a device as compromised (for example, if GlobalProtect detects that a device has been infected with malware and is performing command and control actions), it can add the device to a quarantine list and permanently block it from accessing the network. You can set security policies to quarantine the device or manually add it to a quarantine list.
Enhanced Logging for the Selected GlobalProtect Gateway
To help you to determine the reason for choosing the specific gateway to which to connect, the GlobalProtect app now collects and reports information to identify gateway selection criteria and latency between the gateway and the endpoint. After you enable the Log Gateway Selection Criteria option that is available as an app setting in the App Configuration area, the GlobalProtect app sends the logs about the gateway selection criteria to the firewall. With the additional GlobalProtect log fields, you can easily identify the priority and response time of the selected gateway, the list of gateway connection attempts, and statistics about the pre-tunnel and post-tunnel network latency.