GP HIP Profile Applied to Security Policy with Multiple Zones

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GP HIP Profile Applied to Security Policy with Multiple Zones

L0 Member

Hi everyone! 

 

First LIVE post, hoping to learn about how HIP profiles function when applied to security policies. 

 

I have a zone created for my Global Protect VPN users, I want to apply a HIP Profile that checks if the computer is domain joined and denies access to the gateway if the check fails. My understanding is that the HIP profile needs to be applied to a security policy. Adding it to my GP zone is not an issue however, I have security policies that preceded the GP zone that have “any” zone set as the source, meaning if a VPN user matches it is allowed to certain destinations. What happens if I apply the HIP profile with a security policy that has “any” as the source zone? Will it only deny traffic for Global Protect users who have HIP collection or will this also effect other endpoints coming from different zones? 

0 REPLIES 0
  • 410 Views
  • 0 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!