08-16-2016 06:53 AM
Greetings,
I have used the following article to distribute client certificates for GlobalProtect:
My understanding is that with this method of certificate distribution, all client machines will have the same client certificate.
I understand that with any system, there's always a risk with regards to security, and that the risk will have to be managed accordingly.
My question is are there any major security concerns with each client machine having the same client certificate? If there's any documentation that I can reference, that would be helpful as well.
08-16-2016 11:24 AM
Since they still have to sign into globalprotect with their credentials I wouldn't be to worried about having the same cert on all of their equipment, as anybody who gets the cert would still need the username and password. Most organziations use certs pretty heavily and many will have the same cert on all of their machines. We use a cert for one of our wireless SSIDS that uses a common cert, then have another SSID that uses the machine cert to authenticate.
08-16-2016 12:27 PM
Makes sense. Thanks for the response.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
