Hi , I want to make sure Linux machines are unable to connect through GlobalProtect VPN. I believe using a HIP profile is the correct approach, but I want to make sure I'm not missing anything. Can someone confirm the full configuration steps? My understanding is: Create a HIP Object that identifies Linux devices. Add the HIP Object to a HIP Profile. Create a security policy from Untrust to Trust that matches the HIP Profile and denies access. Enable HIP checks by configuring the HIP Profile/Collector on the GlobalProtect Gateway. Am I missing any additional steps or best practices for blocking Linux endpoints from connecting to GlobalProtect? submitted by /u/alohalou [link] [comments]