Restrict Transparent Agent Upgrades to Internal Network Connections
As part of a GlobalProtect portal configuration, you can now control when transparent upgrades occur for a GlobalProtect client. With this configuration, if the user connects from outside the corporate network, the upgrade is postponed. Later, when the user connects from within the corporate network, the upgrade is activated. This feature allows you to hold the updates until users can take advantage of good network availability and high bandwidth from within the corporate network. The upgrades will not hinder users when they travel to environments with low bandwidth.
- Customize the GlobalProtect Agent.
- Select NetworkGlobalProtectPortals and select the portal configuration for which you want to add an agent configuration (or Add a new configuration).
- Select the Agent tab and select the configuration you want to modify (or Add a new configuration).
- Select the App tab.By default, the App configurations display the options with default values that you can customize for each client configuration. By default, GlobalProtect prompts the end user to upgrade.
- Change the default behavior so that GlobalProtect app
upgrades occur automatically.Set Allow User to Upgrade GlobalProtect App to one of the following:
Upgrades for Allow Transparently and Internal occur only if the GlobalProtect software version on the portal is more recent than the GlobalProtect software version on the endpoint. For example, a GlobalProtect 3.1.3 agent connecting to a GlobalProtect 3.1.1 portal is not upgraded.
- Allow Transparently—Upgrades occur automatically without interaction with the user. Upgrades can occur when the user is working remotely or connected from within the corporate network.
- Internal—Upgrades occur automatically without interaction with the user, provided the user is connected from within the corporate network. This setting is recommended to prevent slow upgrades in low-bandwidth situations. When a user connects outside the corporate network, the upgrade is postponed and re-activated later when the user connects from within the corporate network. You must configure internal gateways and internal host detection to use this option.
- Save the agent configuration settings.
- If you are done creating agent configurations, click OK to close the Configs dialog.
- If you are done configuring the portal, click OK to close the GlobalProtect Portal Configuration dialog.
- Commit your changes.
GlobalProtect Features New GlobalProtect Features Description Clientless VPN You can now use Clientless VPN for securing remote access to common enterprise web applications that use ...
Customize the GlobalProtect Agent
Customize the GlobalProtect Agent The portal agent configuration allows you to customize how your end users interact with the GlobalProtect agents installed on their systems ...
GlobalProtect Portals Agent App Tab
GlobalProtect Portals Agent App Tab Select Network GlobalProtect Portals Agent App to specify how end users interact with the GlobalProtect agents installed on their systems. ...
GlobalProtect Features Clientless VPN IPv6 for GlobalProtect Split Tunnel to Exclude by Access Route External Gateway Priority by Source Region Internal Gateway Selection by Source ...
Types of Gateways
Types of Gateways GlobalProtect gateways provide security enforcement for traffic from GlobalProtect agents/apps. Additionally, if the HIP feature is enabled, the gateway generates a HIP ...
Define the GlobalProtect Agent Configurations
Define the GlobalProtect Agent Configurations After a GlobalProtect user connects to the portal and is authenticated by the GlobalProtect portal, the portal sends the agent ...
Components of the GlobalProtect Infrastructure
Components of the GlobalProtect Infrastructure To block risky applications and protect mobile users from malware, you must set up the GlobalProtect infrastructure, which includes the ...
End User Experience
End User Experience End users who are remote (not inside the corporate network) connect to one of the gateways in AWS or Azure. When you ...
Managing the GlobalProtect Agent Software
Managing the GlobalProtect Agent Software Select Device GlobalProtect Client ( firewall only ) to download and activate the GlobalProtect agent software on the firewall that ...