07-24-2022 06:17 AM
In our GlobalProtect HIP check we have allowed only specific domain machines and a specific antivirus. Will the firewall continue to check domain and antivirus if the GlobalProtect license is expired?
Is there any impact if the GP license expires? Do we need to remove the HIP profile from rules in such a case?
07-24-2022 01:27 PM
Hi @Deepak25
As you can see from the official documentation, a GlobalProtect license is required for "performing HIP checks":
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClG0CAK
I haven't personally experienced an expired GP license, but I would expect that GP will continue to gather HIP data and will submit it to the firewall, but since the license has expired the firewall will ignore it and will not use that data to build a HIP profile for any of the connected users. Because of this, all GP users will not match any of the security rules that are enforcing HIP.
07-25-2022 02:30 PM
You won't actually receive HIP data when the license expires. It isn't just that the HIP data can't be used within policy; the firewall and the agent stop exchanging the data when it becomes unlicensed.