Forum Discussion

Karim El-Melhaoui's avatar
Karim El-Melhaoui
Brass Contributor
Nov 15, 2021

Network isolation with Always-On VPN

We are having trouble with reaching the client when using the Isolate Device on workstations, we are unable to communicate with the machine following the isolation as it prevents the Always-On VPN (GlobalProtect) from operating. 

 

Anyone that has a workaround to this?

-Karim 

  • Karim El-Melhaoui When isolating a device, only certain processes and destinations are allowed. Therefore, devices that are behind a full VPN tunnel won't be able to reach the Microsoft Defender for Endpoint cloud service after the device is isolated. It is recommended to use a split-tunneling VPN for Microsoft Defender for Endpoint and Microsoft Defender Antivirus cloud-based protection-related traffic.

Resources