topic Re: Globalprotect auth certificate profile in General Topics

Globalprotect auth certificate profile

securehops — Sun, 22 Sep 2024 02:20:53 GMT

Hi,

Question on global protect authentication certificate profiles. On our gateways, I've had a certificate profile configured to prevent non-company devices from connecting. Has worked great, no real issues. However, this was only configured on the gateway, no the portal authentication. I'm trying to resolve an issue where bad actors are attempting globalprotect logins from valid active directory usernames and wind up locking those accounts out. I was wondering if certificate profile was added to the portal configuration as well, would it prevent these failed authentication attempts from occuring?

Re: Globalprotect auth certificate profile

Edsnow — Sun, 22 Sep 2024 02:51:31 GMT

Enabling cert Auth for GP portal would be extra layer of the protection. Even though if the malicious actor has the valid credentials they need to provide the valid certificate for successful authentication.

Re: Globalprotect auth certificate profile

securehops — Sun, 22 Sep 2024 03:02:55 GMT

thanks but it doesn't answer my question. I know it provides extra protection. I am looking for a way to prevent malicious actors from locking out my user accounts due to invalid login attempts. I'm wondering if adding the certificate profile for portal would prevent it