" signature #38407 must be applied upstream from any interfaces implementing SSL Decryption, or hosting a GlobalProtect portal or a GlobalProtect gateway." How can you ensure IPS is applied on the Global Protect interface? There are no manual created security policies required for access to that AFIK? I can't even see access to the portal page in the traffic logs i.e. if I browse to the portal page from external and then check the logs filtering for that public IP there is nothing there. I can see actual VPN traffic in the logs. Is IPS etc. just inherently on for Global Protect portal access?
... View more