03-22-2024 08:53 AM
Hi everyone!
First LIVE post, hoping to learn about how HIP profiles function when applied to security policies.
I have a zone created for my Global Protect VPN users, I want to apply a HIP Profile that checks if the computer is domain joined and denies access to the gateway if the check fails. My understanding is that the HIP profile needs to be applied to a security policy. Adding it to my GP zone is not an issue however, I have security policies that preceded the GP zone that have “any” zone set as the source, meaning if a VPN user matches it is allowed to certain destinations. What happens if I apply the HIP profile with a security policy that has “any” as the source zone? Will it only deny traffic for Global Protect users who have HIP collection or will this also effect other endpoints coming from different zones?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
