Hacker News new | ask | show | jobs
by warhorse10_9 2067 days ago
I posted this in a comment response below.

All of these things are actually configured by the company/library you are connecting to. They are configuration options for the firewall that are enforced by global protect. Blame your library IT, not Palo Alto.
1 comments
shrubble 2067 days ago
Have you yourself used the interface for configuration of these options?

How easy is it for a non-expert to determine what the vpn client will or will not do, once deployed?

link
bnjms 2067 days ago
It isn’t. You will have to speak with the IT staff to understand how they have it configured. If you have an issue with this use a third party open source client.

The point is, any enterprise client is expected to have these features. Don’t install them on your personal laptop if you have a problem with what is expected behavior.

link
musicale 2067 days ago
> The point is, any enterprise client is expected to have these features

"Features" seems like an excessively charitable word to describe spyware/malware-like behavior.

Expected by whom? Certainly not library patrons. On the contrary, library patrons expect their privacy to be protected.

http://www.ala.org/advocacy/privacy

link
asdfasgasdgasdg 2067 days ago
> Expected by whom?

By the people who pay Palo Alto Networks.

link
msh 2067 days ago
No, people who pay for Spyware to spy on their employers / users.
link
warhorse10_9 2067 days ago
Let's lay this out. Let's say you are a government IT shop (it doesn't matter what level, state, nation whatever), or a bank, or a hospital, you are required by law to control how data is processed on your network. Therefore you must monitor compliance for devices connecting to your network. This is what GlobalProtect was designed for. It can be used in less restrictive environments, but the IT shop should make sure to audit the rules and policies of the client to not be overly burdensome on users. Palo Alto has numerous courses to train IT professionals to configure their products. It is on the IT professionals to configure the services correctly.
link
asdfasgasdgasdg 2067 days ago
Right. The people who pay Palo Alto Networks, in other words.
link
warhorse10_9 2067 days ago
Yes, I have. That interface is not for non-experts. It is for the IT professionals configuring the portal.
link