GlobalProtect: Safely Enable Mobile Devices

Mobile devices are creating new ways of conducting business, while also introducing new risk vectors. The challenge enterprises face today is how to make mobile devices secure for business use. Traditional approaches to security have not met the specific needs for mobile devices. Businesses must find ways to make mobile computing safe for business, while still satisfying end user requirements for ease of use and platform choice. Instead of blocking mobile computing, companies must find ways to safely enable mobile devices.

Safely Enabling Mobile Devices

GlobalProtect from Palo Alto Networks provides a comprehensive security solution for mobile devices built upon the technologies of the next-generation network security platform and tailored to address mobile requirements. It offers unprecedented levels of integration, resulting in a unique solution that combines technology, global intelligence and policy enforcement over mobile apps and threats. These principles allow businesses to provide a safe environment for applications and data while still permitting users to enjoy the native user experience of their preferred device.

Build your mobile initiatives upon a strong foundation for security. Use GlobalProtect to ensure that the proper security is in place to protect and manage mobile devices and to keep data safe.

Applying Apps and Threats Intelligence to Mobile Devices

The foundation of the solution uses a collection of technologies for analyzing and detecting how mobile apps and threats work. By analyzing millions of mobile apps and examining their functions, Palo Alto Networks has built a database of intelligence on how apps use the network, the domains and URLs they contact, the protocols they use, and more. This intelligence covers all apps, including the apps that you want to manage (in order to safely provide access while minimizing risk), and the ones that you want to block (for compliance and security reasons).

The intelligence on app and threat behaviors feeds the signature database and application decoders used for policy enforcement in the Palo Alto Networks next-generation security platform.

  • App-ID can determine when a specific app is being used, and take actions to safely enable its use.
  • The intelligence on how apps use URLs is a component of the URL filtering database.
  • Signatures on mobile exploits and malware are added to the mobile threat prevention technologies including intrusion prevention and antivirus.

In addition, the intelligence is updated in an ongoing manner, including through dynamic means. Palo Alto Networks WildFire, a cloud-based sandbox for performing real-time analysis of app behaviors, continuously examines new apps as they emerge in app stores, and examines samples gathered from GlobalProtect Gateways from around the world.

GlobalProtect Components at a Glance

GlobalProtect Gateway – GlobalProtect Gateway delivers mobile threat prevention and policy enforcement based on apps, users, content, device and device state. VPN connections terminate at the GlobalProtect Gateway, which provides consistent enforcement of policy and threat prevention for Internet and corporate traffic. The gateway uses apps, users, content, device and device state as policy enforcement criteria. GlobalProtect Gateway runs on the Palo Alto Networks next-generation security platform, which is available in hardware (such as the PA-5000 Series or the PA-200) and virtualized (such as the VM-Series) form factors.

GlobalProtect App – GlobalProtect App is a lightweight client that communicates with GlobalProtect Gateway and GlobalProtect Mobile Security Manager. It establishes a VPN connection with GlobalProtect Gateway to protect traffic and enforce policy. It works in conjunction with GlobalProtect Mobile Security Manager to manage devices and share information about the device state.

GlobalProtect Mobile Security Manager – GlobalProtect Mobile Security Manager ensures that devices are appropriately managed and configured for use in a business environment. It manages mobile devices by providing the device settings and account information for use with corporate applications and networks. GlobalProtect Mobile Security Manager checks the device state for ongoing compliance with company policies. Information about the device state is shared with the GlobalProtect Gateway for enforcement of policy. GlobalProtect Mobile Security Manager integrates with WildFire to identify Android devices that are infected with malware. GlobalProtect Mobile Security Manager runs on the GP-100 appliance.

How GlobalProtect Works

GlobalProtect safely enables mobile devices based on three categories of security requirements:

Manage the Device:

GlobalProtect enables organizations to manage mobile device configuration and oversee device usage throughout the organization with GlobalProtect Mobile Security Manager. As the organization extends access to new devices, whether they are corporate or end-user (BYOD) owned, the first step is to ensure that the appropriate levels of device management are available. GlobalProtect Mobile Security Manager will push the profile that’s appropriate for the given device and its use case.

Protect the Device:

GlobalProtect protects the device in multiple ways.

First, it secures the network connection for privacy, thus providing protection against packet sniffing on untrusted networks. By establishing an IPsec/SSL VPN tunnel, the content passing within cannot be intercepted or modified by third parties.

Second, it can automatically establish the VPN tunnel in order to consistently enforce policy for users everywhere, thus closing the gap between protections and policies provided to internal and external users. When enabled, the device will automatically connect to a GlobalProtect Gateway whenever network connectivity is available, regardless of location.

Third, it employs mobile threat prevention to block dangerous content from reaching the device. These technologies include vulnerability protection, URL filtering, malware detection and WildFire for dynamically analyzing app behaviors.

Control the Data:

GlobalProtect provides security teams with granular control over who can access particular applications and data. Only users with managed devices can access the application. GlobalProtect Mobile Security Manager delivers information about device state for security policy. Users who have unmanaged devices, or devices in non-compliant states (such as jailbroken or malware-infected devices), can be blocked from accessing specific applications.

The next-generation security platform includes file and data filtering technology to control the movement of data to mobile devices.

Platform Support

GlobalProtect Gateway

GlobalProtect Mobile Security Manager

GlobalProtect App

  • Android 4.0.3 and later (Google Play)
  • Apple iOS 6.0 and later (App Store)
  • Microsoft Windows XP, Vista, 7, 8, and 8.1
  • Apple Mac OS X 10.6 and later
  • Linux (using vpnc)