11-06-2021 12:35 AM
Hello ,
for one of our customer , they did some pentest and came back with a report that our Global Protect Portal shows the version of GP
They advised if is it possible to hide GP version info .
When a user opens the GP Portal , version info is not displayed . But could be with pentest/VA tool it is
So is there a way to completely hide version related info for GP so that a hacker or pentester cant see it
11-06-2021 06:47 AM - edited 11-06-2021 12:03 PM
Hi @FWPalolearner ,
Have you tried disabling the portal page -> https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbpCAC I am curious if it will work. It may not. I viewed the source HTML of my portal, and I don't see version info. The GP client and portal exchange versions in order to determine if a client upgrade is necessary. I would hope that occurs after login.
Many of my customers use software distribution servers to roll out the GP client, and they do not need the portal. You would use the method that works best for you.
Thanks,
Tom
11-06-2021 12:04 PM
Hi @FWPalolearner ,
The link is fixed now.
Thanks,
Tom
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
