GlobalProtect 6.1: New Features and Behavior

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Team Member



Traditional technologies used to protect mobile endpoints but have long outlived their usefulness and are no longer capable of stopping advanced techniques used by modern attackers. Both users and applications have shifted to locations outside the traditional network perimeter. GlobalProtect enables organizations to protect the mobile workforce by extending the Next-Generation Security Platform to all users, regardless of location.


Read on to learn about all the new features and behavior introduced with the release of GlobalProtect 6.1.


Proxy Auto Configuration (PAC) Deployment from GlobalProtect


The GlobalProtect portal can now push the URL for your proxy auto-configuration (PAC) files to your endpoints. Upon connection, the portal returns the PAC URL to the endpoint. After establishing a tunnel with the gateway, the endpoint connects to the PAC URL and fetches the PAC file, which will update the proxy settings on the endpoint. Different PAC URLs can be deployed to different endpoints based on username or group membership. Once the endpoint has the proxy settings, it uses the proxy server to access the internet.

After you enable the feature, the new proxy configurations pushed through the app replaces the proxy settings already available on the endpoint. When the user disconnects the GlobalProtect app, the endpoint proxy configurations get automatically disabled, reverting to the initial settings on the endpoint.


This feature is available for all GlobalProtect users.


globalprotect portal, globalprotectglobalprotect portal, globalprotect


Note: Both Proxy Auto-Config (PAC) and Web Proxy Auto-Discovery Protocol (WPAD) standards are supported.


Advanced Internal Host Detection


You can now configure advanced internal host detection through the portal if you want to add an extra security layer during internal host detection by the GlobalProtect app. The app validates the server certificate of the internal gateways in addition to performing a reverse DNS lookup of the internal host to determine whether the app is inside the enterprise network.

Enabling the advanced internal host detection stops malicious actors from spoofing the reverse DNS server response during the internal host detection and prevents unauthorized access to the endpoints in the enterprise network. 


globalprotect portal, globalprotect, advanced internal host detectionglobalprotect portal, globalprotect, advanced internal host detection


Simplified macOS GlobalProtect App Deployment Using Jamf MDM Integration


Jamf Pro can now be used to deploy the GlobalProtect app to macOS endpoints to support large-scale GlobalProtect app deployments in on-premises and Prisma Access environments. Administrators can also provide a seamless user experience for macOS end users by deploying Jamf configuration profiles that can automatically load system and network extensions.



Additional information



We encourage you to check out the GlobalProtect resources on LIVEcommunity. Ideally, LIVEcommunity's product pages (find 'em in our nav bar) will be your first and last stop on your journey to learn more about the Palo Alto Networks products you're using. From discussions and blogs to videos and additional resources, LIVEcommunity can help you get the most from your cybersecurity toolbox.


Feel free to share your questions, comments and ideas in the section below.


Thank you for taking time to read this blog.

Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.


Kiwi out!

Register or Sign-in