Known Issues—Autonomous DEM

Review the open issues in Autonomous Digital Experience Management (DEM).
These are the issues we’re currently working on.
When performing a new installation of GlobalProtect 5.2.10 or later on an M1 MacBook device that does not have Rosetta 2 installed, the Autonomous DEM agent does not get installed even though the message that GlobalProtect displays indicates that the agent installed successfully.
Manually install Rosetta 2 on the M1 MacBook device and then refresh the GlobalProtect connection to enable GlobalProtect to re-initiate the install of the Autonomous DEM agent.
On a Windows operating system running GlobalProtect version 5.2.8, if the endpoint is in a Trusted network with VPN tunnel established to the internal gateway, the ADEM portal displays the GlobalProtect status as
and VPN status as
. The trend line shows a blue background indicating that the test was run while VPN was disabled.
Autonomous DEM does not run network performance tests to the service connection, and hence the network performance metrics are not measured for service connections. The service connection is included when tracing the network path from the endpoint to the application.
The license usage count that displays on
License Details
displays the number of unique endpoints that are connected to the Autonomous DEM service, instead of unique users. The license count is incremented based on number of endpoint agents connected.
When you install GlobalProtect app 5.2.6 on macOS devices, the pop-up prompt appears, prompting end users for administrative privileges to modify system settings.
: Select
so that the pop-up prompt does not appear again.
Synthetic tests from Prisma Access location vantage points are performed on all Prisma Access locations within a given region, even if you have not deployed the infrastructure to that specific location. You may see additional locations on the
Prisma Access Locations
Prisma Access Locations
Topology View
does not visually identify the hop details.
If you have enabled SSL Decryption on Prisma Access, the endpoint agent cannot register to the Autonomous DEM portal successfully. To enable the endpoint agent to successfully connect and communicate with the ADEM portal, you must add the FDQN to an allow list. Note that the allow list is required only for endpoint agent and ADEM connectivity and is not required for synthetic tests; synthetic tests comply with the SSL Decryption policy.
: You must add a policy rule with no decrypt for the DEM Portal FQDNs listed below so that the endpoint agent can register with the portal.
For applications that are being split tunneled, the synthetic test does not perform a trace path to display a hop-by-hop detailed topology on the
User Details
page for the specific application. The telemetry from the application and network performance tests are collected and available on Autonomous DEM.
Autonomous DEM is not supported with Config Selection Criteria for device checks in the GlobalProtect portal configuration.
: Do not use a certificate profile for
Device Selection Criteria
in your GlobalProtect portal configuration, to use Autonomous DEM for user experience and application performance monitoring.

Recommended For You