How long is the Host Information Profile (HIP) report cached on GlobalProtect gateway firewall?

How long is the Host Information Profile (HIP) report cached on GlobalProtect gateway firewall?

5555
Created On 02/08/24 02:00 AM - Last Modified 04/19/24 20:12 PM


Question


How long is the Host Information Profile (HIP) Report cached on GlobalProtect gateway firewall?

Environment


  • Palo Alto Firewalls
  • Supported PAN-OS
  • GlobalProtect Gateway
  • GlobalProtect App
  • Prisma Access Mobile Users

Answer


  1. There is no cache time of HIP report in the GlobalProtect Gateway firewall.
  2. The HIP reports are saved in the HIP database based on computer, username, and IP address.
  3. After a successful Gateway connection, the GlobalProtect client sends hipreportcheck message.
  4. Part of the message is md5 checksum based on the HIP report content.
  5. The gateway will compare the checksum the client is reporting with the one sent in the previous report (if any).
  6. If the md5 sum is different (or there is no previous report), the gateway will request the GlobalProtect client for the hip report.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008X2tCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language