topic How do I identify iOS company assets in HIP Profiles? in General Topics https://live.paloaltonetworks.com/t5/general-topics/how-do-i-identify-ios-company-assets-in-hip-profiles/m-p/27772#M20248 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>We are currently testing GlobalProtect as an SSL VPN replacement. In our current Juniper environment, we use a user cert (pushed to all company iOS assets via MDM) to verify an iOS device is a company asset. Is there any similar methodology we can use with the Global Protect environment as a HIP Profile that we can use to build policy against?</P><P></P><P>As an aside, we are testing using the new Global Protect app, not via IPSec tunneling.</P><P></P><P>Thanks,</P><P>Ben</P></BODY></HTML> Thu, 02 May 2013 18:45:53 GMT bgranholm 2013-05-02T18:45:53Z How do I identify iOS company assets in HIP Profiles? https://live.paloaltonetworks.com/t5/general-topics/how-do-i-identify-ios-company-assets-in-hip-profiles/m-p/27772#M20248 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>We are currently testing GlobalProtect as an SSL VPN replacement. In our current Juniper environment, we use a user cert (pushed to all company iOS assets via MDM) to verify an iOS device is a company asset. Is there any similar methodology we can use with the Global Protect environment as a HIP Profile that we can use to build policy against?</P><P></P><P>As an aside, we are testing using the new Global Protect app, not via IPSec tunneling.</P><P></P><P>Thanks,</P><P>Ben</P></BODY></HTML> Thu, 02 May 2013 18:45:53 GMT https://live.paloaltonetworks.com/t5/general-topics/how-do-i-identify-ios-company-assets-in-hip-profiles/m-p/27772#M20248 bgranholm 2013-05-02T18:45:53Z Re: How do I identify iOS company assets in HIP Profiles? https://live.paloaltonetworks.com/t5/general-topics/how-do-i-identify-ios-company-assets-in-hip-profiles/m-p/27773#M20249 <HTML><HEAD></HEAD><BODY><P>Checking presence of a certificate is not included in HIP Profile. However you could configure a GlobalProtect Gateway with certificate profile and require the client to present a valid certificate before a connection is allowed. Since only the device under MDM will have the valid certificate, only managed devices can connect. </P></BODY></HTML> Fri, 03 May 2013 05:38:21 GMT https://live.paloaltonetworks.com/t5/general-topics/how-do-i-identify-ios-company-assets-in-hip-profiles/m-p/27773#M20249 jmenon 2013-05-03T05:38:21Z