In Global Protect HIP check we have allowed only specific domain machine and specific antivirus. Firewall will continue to check domain and antivirus if Global Protect license is expired ?
Any impact if GP license expired ? Do we require to remove HIP profile from rules in such case ?
As you can see from official documentation GlobalProtect license is required for "performing HIP checks"
I haven't personally expirience expired GP license, but I would expect that GP will contiue to gather HIP data and will submit it to the firewall, but since the license has expired firewall will ignore it and will not use that data to build HIP profile for any of the connected users. Because of this all GP users will not match any of the security rules that are enforcing HIP.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!