Enable ADEM in Cloud Managed Prisma Access for Remote Sites
Table of Contents
Enable ADEM in Cloud Managed Prisma Access for Remote Sites
To enable Autonomous DEM for Remote Networks
in Cloud Managed Prisma Access:
- In your Cloud Managed app, selectManage.
- InRemote Networks Setup, under theAutonomous DEMcolumn, to enable Remote Networks on aCompute Location, move its slider to the right until it turns blue.
- Make sure you have security policy rules required to allow the GlobalProtect app to connect to the ADEM service and run the synthetic tests.The following screen shows you an example of what fields you need to configure.
You must add the ADEM URLs to make the endpoints register to the ADEM portal.- Add a security profile for your endpoint agent registration. You will need to create a security policy for it.ClickAllow All Traffic for ADEM clients.
TheAllow All Traffic for ADEM Clientspage opens. - Add the ADEM URLs.To do so, click the+icon under .
- TheAddress Groupspage opens. Click the+icon under .
Add the following URLs one by one by clicking the+icon:- agents.dem.prismaaccess.com
- agents.jp1.ap-northeast-1.dem.prismaaccess.com
- agents.sg1.ap-southeast-1.dem.prismaaccess.com
- agents.au1.ap-southeast-2.dem.prismaaccess.com
- agents.ca1.ca-central-1.dem.prismaaccess.com
- agents.eu1.eu-central-1.dem.prismaaccess.com
- agents.uk1.eu-west-2.dem.prismaaccess.com
- agents.us1.us-east-2.dem.prismaaccess.com
- updates.dem.prismaaccess.com
- agents.in1.ap-south-1.dem.prismaaccess.com
- To enable the app to connect to the ADEM service and to run the application tests, you must have a policy rule to allow the remote sites to connect to applications over HTTPS.
- To enable the app to run network monitoring tests, you must have a policy rule to allow ICMP and TCP traffic.
- (Optional) If you plan to run synthetic tests that use HTTP, you must also have a security policy rule to allow the remote sites to access applications over HTTP.