Palo Alto: GlobalProtect by Palo Alto Networks

GlobalProtect provides a comprehensive security solution for mobile devices built upon the technologies of the Palo Alto Networks enterprise security platform and tailored to address mobile requirements. It delivers unprecedented levels of integration to deliver a unique solution that combines technology, global intelligence and policy enforcement over mobile apps and threats. These principles allow businesses to provide a safe environment for applications and data while still permitting users to enjoy the native user experience of their preferred device.

GlobalProtect safely enables mobile devices based on three categories of security requirements:
Manage the Device
GlobalProtect enables organization to manage mobile device configuration, provision apps and oversee device usage throughout the organization with GlobalProtect Mobile Security Manager.

Protect the Device
GlobalProtect establishes an IPsec/SSL VPN tunnel to protect the device. The tunnel terminates on a Palo Alto Networks next-generation firewall, which delivers consistent enforcement of security policy and threat preventions to users regardless of where they are located. The next-generation firewall inspects the traffic for threats to protect the mobile device from malicious content.

Control the data
GlobalProtect uses apps, users, content and device state as policy criteria for determining the network resources that users can access. Unmanaged or non-compliant devices can be blocked from accessing sensitive resources. The solution also controls business data on mobile devices while respecting the user’s privacy for personal data.


<< How GlobalProtect Works >>

GlobalProtect Gateway
Delivers mobile threat prevention and policy enforcement based on apps, users, content, device and device state. Extends a VPN tunnel to mobile devices with GlobalProtect App. Integrates with WildFire for preventing new malware.

GlobalProtect App
Enables device management, provides device state information, and establishes secure connectivity. Connects to the GlobalProtect Gateway to access applications and data in accordance to policy. Exchanges device configuration and device state with the GlobalProtect Mobile Security Manager.

GlobalProtect Mobile Security Manager
Provides device management to configure the device. Uses WildFire malware signatures to identify devices with infected apps. Shares information about the device and device state with GlobalProtect Gateway for enforcing security policies. Hosts an enterprise app store for managing business apps. Isolates business data by controlling lateral data movement between business and personal apps.


<< Platform support >>
GlobalProtect Gateway
* Palo Alto Networks next-generation firewall

GlobalProtect Mobile Security Manager
* Palo Alto Networks GP-100

GlobalProtect App
* Android 4.0.3 and later (Google Play)
* Apple iOS 6.0 and later (App Store)
* Microsoft Windows XP, Vista, 7, 8, and 8.1
* Apple Mac OS X 10.6 and later
* Linux (using vpnc)


Reference:
GlobalProtect: Safely Enable Mobile Devices
https://www.paloaltonetworks.com/products/technologies/globalprotect.html