Agent Configurations Based on Software and App Settings
Use the following steps to push agent configurations to connecting endpoints based on the presence of specific software and app settings on the endpoint:
- The Windows Registry and macOS plist enable you to deploy app settings directly to endpoints.
- Define the data that the GlobalProtect app collects from connecting endpoints after users successfully authenticate to the portal.
- To collect registry data from Windows endpoints, selectWindowsand thenAddtheRegistry Keyand correspondingRegistry Value.
- To collect plist data from macOS endpoints, selectMacand thenAddthePlistkey and correspondingKeyvalue.
- Add custom config selection criteria for your agent configuration.The portal can determine whether an endpoint is managed or unmanaged by verifying the presence of specific software and app settings on the endpoint, as defined in the Windows Registry and macOS plist (Step 1). After the GlobalProtect app collects data from connecting endpoints (as defined in Step 3), it sends this data to the portal to match against the custom checks that you specify in the config selection criteria for each agent configuration. If an endpoint matches all config selection criteria for an agent configuration, the portal pushes that agent configuration to the endpoint.To deliver your agent configuration to connecting endpoints based on custom host information, use the following steps:
- Select.Config Selection CriteriaCustom Checks
- EnableCustom Checksand then define any of the following registry and plist data to match:
- To check Windows endpoints for a specific registry key, use the following steps:
- Adda new registry key ().Custom ChecksRegistry Key
- When prompted, enter theRegistry Keyto match.
- (Optional) To deliver this configuration only if the endpoint does not have the specified registry key or key value, selectKey does not exist or match the specified value data.
- (Optional) To deliver this configuration based on specific registry values,AddtheRegistry Valueand correspondingValue Data. To deliver this configuration only if the endpoint does not have the specifiedRegistry ValueorValue Data, selectNegate.
- To check macOS endpoints for a specific entry in the plist, use the following steps:
- Adda new plist ().Custom ChecksPlist
- When prompted, enter thePlistname.
- (Optional) To deliver this configuration only if the endpoint does not have the specified plist, selectPlist does not exist.
- (Optional) To deliver this configuration based on specific key-value pairs within the plist, clickAddand then enter theKeyand correspondingValue. To match only if endpoints do not have the specified key or value, selectNegate.
- Save the portal configuration.
- Commityour changes.
Recommended For You
Recommended videos not found.