Restrict Transparent Agent Upgrades to Internal Network Connections
As part of a GlobalProtect portal configuration,
you can now control when transparent upgrades occur for a GlobalProtect
client. With this configuration, if the user connects from outside
the corporate network, the upgrade is postponed. Later, when the
user connects from within the corporate network, the upgrade is
activated. This feature allows you to hold the updates until users
can take advantage of good network availability and high bandwidth
from within the corporate network. The upgrades will not hinder
users when they travel to environments with low bandwidth.
select the portal configuration for which you want to add an agent
a new configuration).
tab and select
the configuration you want to modify (or
By default, the
display the options with default values that you can customize for
each client configuration. By default, GlobalProtect prompts the
end user to upgrade.
Change the default behavior so that GlobalProtect app
upgrades occur automatically.
Allow User to Upgrade GlobalProtect App
one of the following:
occur automatically without interaction with the user. Upgrades
can occur when the user is working remotely or connected from within
the corporate network.
—Upgrades occur automatically
without interaction with the user, provided the user is connected
from within the corporate network. This setting is recommended to
prevent slow upgrades in low-bandwidth situations. When a user connects
outside the corporate network, the upgrade is postponed and re-activated later
when the user connects from within the corporate network. You must
configure internal gateways and internal host detection to use this
only if the GlobalProtect software version on the portal is more
recent than the GlobalProtect software version on the endpoint.
For example, a GlobalProtect 3.1.3 agent connecting to a GlobalProtect
3.1.1 portal is not upgraded.
Save the agent configuration settings.
If you are done creating agent configurations,
to close the Configs dialog.
If you are done configuring the portal, click
close the GlobalProtect Portal Configuration dialog.