cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

Cyber Elite
Cyber Elite

@Hamid.Saffarzadeh,

I don't think you'll have any luck in preventing a Globalprotect Agent from attempting to connect if another VPN instance is running on the client. Unless you block everything but the expected country of origin from accessing the portal/gateway and force the user to disconnect first, but that only works if you only operate in a single country.

 

What you could do is attempt to maintain a list of VPN processes and use them in HIP-Objects to detect if someone is running a VPN application (outside of those that function directly from a browser). This would allow you to utilize that information in your security rulebase to drop the traffic for these users and provide them with a HIP-Notification that they must disconnect and shutdown all 3rd-party VPN applications prior to connecting to GlobalProtect. It's not a foolproof method and would need to be manually maintained and built-out, but it would function.

 

View solution in original post

Who rated this post