: Get Started with Common Services: License Activation, Subscription, & Tenant Management
Focus
Focus

Get Started with Common Services: License Activation, Subscription, & Tenant Management

Table of Contents

Get Started with
Common Services
: License Activation, Subscription, & Tenant Management

Get Started with
Common Services
: License Activation, Subscription, & Tenant Management.
Welcome to
Common Services
: License Activation, Subscription, & Tenant Management. Activate and manage all your available licenses from one location. In multitenant deployments, you can create multiple tenants, build a hierarchy, and share and allocate license subscriptions for the desired tenants.

After you activate a license for your product, there are a few ways to access Subscription, Tenant Management, and Product Management.
Prisma SASE Multitenant Portal and FedRAMP
Tenant View of the
hub
Multitenant
AIOps for NGFW
and
Strata Cloud Manager
If you're a
FedRAMP Moderate customer as of January 2024 or
Prisma SASE FedRAMP High "In Process" customer as of December 2023, the following also applies to you.
If you have received information about the transition of your tenant to the Prisma SASE Multitenant Portal, you can access through the
original support account view of the hub
Prisma SASE Platform button
Tenants and Services
Common Services
Subscription or Tenant Management
.
To access directly from the hub, toggle to
tenant view of the hub
Common Services
Subscription or Tenant Management
Depending on your licensed products, and if you have received information about the migration of your tenant, you can access through
Settings
Subscriptions or Tenants
.
Regardless of how you access Subscriptions or Tenants, you’ll use approximately the following flow to manage your deployment.
  1. Activate licenses for your deployment type.
  2. Manage your tenants.
  3. Manage users, roles, and service accounts with identity and access.
  4. (
    Optional
    ) Manage devices in your deployment with Device Associations.
  5. (
    Optional
    ) View health, security, and telemetry metrics with AIOps for NGFW.
  6. (
    Optional
    ) Monitor and manage items such as multitenant status, alerts, alarms, virtual ION devices through the
    Strata Multitenant Cloud Manager
    .
See the Common Services FAQ for further information about tenants, the tenant transition, or the tenant view of the hub.

Who Can Use This Guide for License Activation, Subscription, and Tenant Management?

The following topics address who can use
Common Services
: Subscriptions and Tenant Management.

Cloud Managed
Prisma Access

First-Time Activation
Transitioned to
Strata Multitenant Cloud Manager
Managed Security Service Provider (MSSP)
FedRAMP
If you're a new Cloud managed
Prisma Access
customer as of August 2022, use Cloud-managed
Prisma Access
and add-ons License Activation and Subscription Management to activate licenses and manage subscriptions.
If you're an existing Cloud managed
Prisma Access
customer, you have received information about the transition of your
Prisma Access
tenant to the
Strata Multitenant Cloud Manager
. After your
Prisma Access
instance is transitioned to a tenant, you will no longer see a
Prisma Access
app tile on the hub. However, there will be a button on the hub to navigate to sase.paloaltonetworks.com. After the transition, use Cloud-managed
Prisma Access
and add-ons License Activation and Subscription Management to activate licenses and manage subscriptions. Until then, continue to manage your deployment as you have been doing.
If you're a managed security service provider (MSSP) or distributed enterprise
Prisma Access
customer as of July 2022, use Cloud-managed
Prisma Access
and add-ons License Activation and Subscription Management.
If you're a FedRAMP Moderate customer as of January 2024, you can use Cloud-managed
Prisma Access
and add-ons License Activation and Subscription Management
If you're a FedRAMP High "In Process" customer as of December 2023, use the FedRAMP High "In Process" license activation.

Panorama Managed
Prisma Access

First-Time Activation
Transitioned to
Strata Multitenant Cloud Manager
Prisma Access
China
FedRAMP
If you're a new Panorama managed
Prisma Access
customer as of August 2022, use Activate a License for Panorama-managed
Prisma Access
and Subscription Management to activate licenses and manage subscriptions.
If you're an existing Panorama managed
Prisma Access
customer, you have received information about the transition of your
Prisma Access
license activation to the
Strata Multitenant Cloud Manager
. After the transition, you can only use the
Common Services
for Activate a License for Panorama-managed
Prisma Access
. You can't use the other
Common Services
such as Tenant Management or Identity & Access. Continue to manage your tenants and user role permissions on Panorama as you have been doing. However, you can use
Common Services
: Identity and Access for managing other apps such as ADEM and Insights.
If you're a new Panorama managed
Prisma Access
China customer as of March 2023, use Activate a License for Panorama-Managed
Prisma Access
China to activate your licenses. You can't use the other
Common Services
such as Tenant Management or Identity & Access. Continue to manage your tenants and user role permissions on Panorama as you have been doing. However, you can use
Common Services
: Identity and Access for managing other apps such as Insights.
If you're a FedRAMP Moderate customer as of January 2024, you can use Activate a License for Panorama-managed
Prisma Access
If you're a FedRAMP High "In Process" customer as of December 2023, use the FedRAMP High "In Process" license activation.

Prisma SD-WAN

First-Time Activation
Transitioned to
Strata Multitenant Cloud Manager
Managed Security Service Provider (MSSP)
FedRAMP
If you're a
Prisma SD-WAN
customer as of July 2022, use
Prisma SD-WAN
License Activation.
If you're an existing Cloud managed
Prisma SD-WAN
customer, you have received information about the transition of your
Prisma SD-WAN
tenant to the
Strata Multitenant Cloud Manager
. After your
Prisma SD-WAN
instance is transitioned to a tenant, you will no longer see a
Prisma SD-WAN
app tile on the hub. However, there will be a button on the hub to navigate to sase.paloaltonetworks.com. After the transition, use License Activation for
Prisma SD-WAN
. Until then, continue to manage your deployment as you have been doing.
If you're a managed security service provider (MSSP) or distributed enterprise
Prisma SD-WAN
customer as of July 2022, use
Prisma SD-WAN
License Activation.
If you're a FedRAMP Moderate customer as of January 2024, you can use Activate a License for
Prisma SD-WAN
If you're a FedRAMP High "In Process" customer as of December 2023, use the FedRAMP High "In Process" license activation for
Prisma SD-WAN
.

CASB

Enterprise License Agreement Add-On

If you're an ELA customer using the AIOps for NGFW add-on, which is compatible with tenants and tenant service groups (TSGs) as of February 2023, use activate an Enterprise License Agreement to activate licenses.
If you're an ELA customer using the IoT Security add-on, which is compatible with tenants and tenant service groups (TSGs) as of March 2023, use activate an Enterprise License Agreement to activate licenses.

AIOps for NGFW

If you're using the AIOps for NGFW license, which is compatible with tenants and tenant service groups (TSGs) as of February 2023, use Activate AIOps for NGFW to activate licenses.

SaaS Security Posture Management

Consumer
If you're using the standalone SaaS Security Posture Management license, which is compatible with tenants and tenant service groups (TSGs) as of February 2023, use SaaS Security Posture Management to activate licenses.

IoT Security Subscriptions

Consumer
If you're using an IoT Security subscription, which is compatible with tenants and tenant service groups (TSGs) as of May 2023, use activate IOT Security subscriptions.

VM Flex

If you're a VM Flex customer using AIOps for NGFW or IoT, which is compatible with tenants and tenant service groups (TSGs) as of June 2023, use Activate a VM Flex License Agreement to activate licenses.

Cloud Identity Engine

Remote Browser Isolation

If you're a Remote Browser Isolation (RBI) customer as of November 2023, use RBI License Activation to activate licenses.

Recommended For You