Can we continue to check domain and antivirus if GP license expired

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can we continue to check domain and antivirus if GP license expired

L3 Networker

In Global Protect HIP check we have allowed only specific domain machine and specific antivirus. Firewall will continue to check domain and antivirus if Global Protect license is expired ?

Any impact if GP license expired ? Do we require to remove HIP profile from rules in such case ?

 

2 REPLIES 2

Hi @Deepak25 

As you can see from official documentation GlobalProtect license is required for "performing HIP checks"

https://docs.paloaltonetworks.com/globalprotect/9-1/globalprotect-admin/globalprotect-overview/about...

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClG0CAK

 

I haven't personally expirience expired GP license, but I would expect that GP will contiue to gather HIP data and will submit it to the firewall, but since the license has expired firewall will ignore it and will not use that data to build HIP profile for any of the connected users. Because of this all GP users will not match any of the security rules that are enforcing HIP.

Cyber Elite
Cyber Elite

@Deepak25,

You won't actually receive HIP data when the license expires. It isn't just that the HIP data can't be used within policy, the firewall and the agent stop exchanging the data when it becomes unlicensed. 

  • 1600 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!