How to resolve HIP Match issue on OS device for Crowdstrike Falcon

How to resolve HIP Match issue on OS device for Crowdstrike Falcon

6954
Created On 08/13/21 19:22 PM - Last Modified 08/07/24 19:56 PM


Objective


How to resolve HIP Match issue on OS device for Crowdstrike Falcon

Environment


  • PAN-OS
  • GlobalProtect
  • OS devices (Windows, macOS, Linux, etc)
  • HIP object for Crowdstrike Falcon

Procedure


Cause
  • When the firewall has a HIP object for Crowdstrike Falcon , Any OS  devices wont match to this hip object , however the Mac and Windows device can match properly.
  • The issue is OS device hip object showed the Crowdstrike Falcon and the hip object on firewall configure CrowdStrike Falcon and this is causing the HIP match wont hit on firewall properly.
  • This is the wrong firewall config : ( Objects > GlobalProtect > HIP objects > Anti-MalwareCrowdStrike, Inc. > Product
User-added image
  • This is the OS device hip match : ( Monitor > HIP Match
User-added image


To FIX
  1. Navigate to Objects > Hip objects > Anti-MalwareCrowdStrike, Inc. > Product > Crowdstrike Falcon
User-added image
  1. Change ONLY "product name and used the lower case "Crowdstrike Falcon" and use the lowercase "s"
  2. Click OK
  3. Commit

Additional Information




 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oMPrCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language