Global Protect HIP check issues

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Global Protect HIP check issues

L0 Member

Have had an open case with support since August 2019 with HIP checks setup for Global Protect.  There are options to allow HIP checks for a large number of different AV vendors and their products.  The issue we have come across is that we have defined specific AV vendors that can be used and all others are denied.  The vendors we have allowed we want to check that AV is present and updates and scans are completed within a set number of days.  The Global Protect client will not detect that scans have been run for multiple different vendors even our corporate AV(BitDefender).  The only workaround for now is to turn off the check for scan times for those HIP objects.  Even though this is the same issue for different vendors we have to open a case and submit logs for each one.  We were told that the HIP checks we are trying to accomplish are not available for all AV vendors.  This seems to be an issue that they should address by not having the AV vendors listed as an option for these checks if it cannot detect it.  Is anyone else experiencing these issues and very drawn out support cases to get resolved? 

2 REPLIES 2

Community Team Member

Hi @mattwech ,

 

Trying to configure HIP checks which aren't available sounds like a feature request.

Is the case closed as such or still under investigation ? It does seem strange that AV vendors are listed as an option if it cannot detect it.

 

Cheers,

-Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.

L4 Transporter

I've found some other odd behavior with HIP checks as well, as it relates to registering/not registering to windows.   I am not surprised you are having an issue with this.   By chance, have you checked with the actual AV vendor to ensure that their product is registered and reporting to windows security center?  I'm guessing this may have something to do with the way GP is trying to grab the info from windows itself, and not the vendor.

  • 2742 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!