Secure the mobile workforce

Protect Your Growing Mobile Workforce

Implement a Zero Trust Architecture

Enable and Secure Bring-Your-Own-Device (BYOD)

GlobalProtect - Business Benefits

Remote Access VPN

  • Provides secure access to internal and cloud-based business applications.

Advanced Threat Prevention

  • Secures internet traffic.
  • Stops threats from reaching the endpoint.
  • Protects against phishing and credential theft.
  • Quarantines compromised devices by leveraging immutable characteristics.

URL Filtering

    • Enforces acceptable use policies.
    • Filters access to malicious domains and adult content.
    • Prevents the use of avoidance and evasion tools.
    • Secures access to SaaS applications.
    • Controls access and enforces policies for SaaS applications while blocking unsanctioned applications.

Bring-Your-Own-Device Policies

  • Supports app-level VPN for user privacy.
  • Enables secure, clientless access for partners, business associates, and contractors.
  • Supports automated identification of unmanaged devices.
  • Supports customized authentication mechanisms for managed and unmanaged devices.

Zero Trust Implementation

  • Delivers reliable user identification.
  • Delivers immediate and accurate host information for visibility and policy enforcement.
  • Enforces step-up multi-factor authentication to access sensitive resources.

Key Benefits

Extending the Platform Protection Externally

GlobalProtect safeguards your mobile workforce by inspecting all traffic using your Next-Generation Firewalls deployed as Internet gateways, whether at the perimeter, in the Demilitarized Zone (DMZ), or in the cloud. Laptops, smartphones, and tablets with the GlobalProtect app automatically establish a secure IPsec/SSL VPN connection to the Next-Generation Firewall using the best gateway, thus providing full visibility of all network traffic, applications, ports, and protocols. By eliminating the blind spots in mobile workforce traffic, your organization can maintain a consistent view into applications

Implementing Zero Trust in Your Network

Not all users need access to all assets inside your corporate network. Security teams are adopting Zero Trust principles to segment their networks and enforce precise controls for access to internal resources. GlobalProtect provides the fastest, most authoritative user identification for the platform, enabling you to write precise policies that allow or restrict access based on business need. Furthermore, GlobalProtect provides host information that establishes device compliance criteria associated with security policies. These measures allow you to take preventive steps to secure your internal networks, adopt Zero Trust network controls, and reduce the risk of attack. When GlobalProtect is deployed in this manner, the internal network gateways may be configured with or without a VPN tunnel. In addition, GlobalProtect enables you to quarantine compromised devices by utilizing an endpoint’s immutable characteristics. This will allow administrators to restrict network access as well as prevent the compromised endpoint from infecting other users and devices. Quarantine restrictions can apply whether the compromised device is external or on the internal network.


The Palo Alto Networks Next-Generation Firewall plays a critical role in preventing breaches. Use GlobalProtect to extend the protection of the platform to users wherever they go. By using GlobalProtect, you can get consistent enforcement of security policy so that even when users leave the building, their protection from cyberattacks remains in place.