Focus
Focus
Table of Contents

Activate SaaS Security Posture Management

Learn about SaaS Security Posture Management activation.
Where Can I Use This?What Do I Need?
  • From email activation link
  • Commercial deployments
  • Customer Support Portal account
Welcome to SaaS Security Posture Management activation. SaaS Security Posture Management helps detect and remediate misconfigured settings in sanctioned SaaS applications through continuous monitoring. Select Activate Subscription in your email, then use one of the following options:
The SaaS Security Posture Management license is a standalone license that is available only on tenants. It does not require any other app or prerequisite.
If you are looking for an app bundle that includes SSPM, see the Next Generation Cloud Access Security Broker (CASB-X) for cross platform license or the CASB on Prisma Access add-on bundle when activating a license for Prisma Access (Managed by Strata Cloud Manager) and Add-ons.

First time Activation - One Customer Support Portal Account

Learn how to activate your SaaS Security Posture Management application for the first time if you have only one Customer Support Portal account.
If you have only one Customer Support Portal account, follow these steps for first time SaaS Security Posture Management activation.
  1. Because you have only one Customer Support Portal account associated with your username, the Customer Support Account is prepopulated.
  2. Allocate the product to the Recipient of your choice.
    1. The name provided matches your Customer Support Portal account for convenience. You can use the name provided or change it.
  3. Select a Region where you want to deploy your product.
  4. The web interface shows if you have Prisma Access or NGFW available in this tenant where you can associate firewalls or devices.
  5. Agree to the terms and conditions, and Activate.
    A single default tenant is autocreated behind the scenes, and the product is activated in the tenant.
    This tenant, and any others created by this Customer Support Portal account, will have the Superuser role.
  6. Common ServicesProducts displays the status of the activation, such as initializing or complete.
  7. After the status is complete, you must go to the Common ServicesDevice Associations tab to add firewalls to the tenant: Device Associations.
  8. After the status is complete, you can launch SSPM from one of the following options.
    • Launch from email:
    • Launch from the hub tile:
    • Launch from Common ServicesProducts:
  9. Get started with SaaS Security Inline.

First time SaaS Security Posture Management Activation - Multiple Customer Support Portal Account

Learn how to activate your SaaS Security Posture Management application for the first time if you have multiple Customer Support Portal accounts.
If you have multiple Customer Support Portal accounts, follow these steps for first time SaaS Security Posture Management activation.
  1. If you have multiple Customer Support Portal accounts, choose the Customer Support Account number that you want to use.
  2. Allocate the product to the Recipient of your choice.
    You can allocate your entire license to one recipient or you can share it with multiple recipients in a tenant hierarchy. What is a tenant?
    1. If you need just one tenant, use or rename the tenant provided. The name provided matches your Customer Support Portal account for convenience.
    2. (Optional) This step applies if you are a managed security service provider (MSSP), a distributed enterprise customer, or need multiple tenants. After you create the first tenant, you can Allocate to subtenant and use or rename the tenant provided.
      A subscription gets allocated on a tenant or a sub-tenant. This step is for choosing a tenant where you want to allocate a license, not for building a complete tenant hierarchy. You can create only a tenant and subtenant here, and you can choose to allocate a license to that subtenant.
      After activation, you can build out your tenant hierarchy as needed through tenant management. You can create your tenant hierarchy to reflect your existing organizational structure. You can also consider identity and access inheritance when creating the hierarchy, in addition to tenant hierarchy limits.
    3. Select Done.
  3. Select a Region where you want to deploy your product.
  4. The web interface shows if you have Prisma Access and NGFW available in this tenant where you can apply CASB-X.
  5. Agree to the terms and conditions, and Activate.
    A single default tenant is autocreated behind the scenes, and the product is activated in the tenant.
    This tenant, and any others created by this Customer Support Portal account, will have the Superuser role.
  6. Common ServicesProducts displays the status of the activation, such as initializing or complete.
  7. After the status is complete, you must go to the Common ServicesDevice Associations tab to add firewalls to the tenant: Device Associations.
  8. After the status is complete, you can launch SSPM from one of the following options.
    • Launch from email:
    • Launch from the hub tile:
    • Launch from Common ServicesProducts:
  9. Get Started with SSPM documentation.

Return Visit SaaS Security Posture Management Activation

Learn how to activate your SaaS Security Posture Management for repeat visits.
Follow these steps if you have already completed first time activation, you have already created your tenant hierarchy through Identity & AccessTenants or tenant management, and you are returning to activate another product in your existing hierarchy.
  1. Choose the Customer Support Account number that you want to use to activate.
  2. Allocate the subscription to the Recipient tenant of your choice.
    You can hover over each tenant to see which apps you already activated.
  3. Select a Region where you want to deploy your product.
  4. Agree to the terms and conditions, and Activate.
  5. (Optional) Manage your product from Strata Cloud Manager.

Convert SSPM Evaluation to Production Through Common Services

Learn how to convert a standalone SaaS Security Posture Management (SSPM) evaluation license to a production license on a single tenant through Common Services.
If you have an evaluation license for standalone SaaS Security Posture Management (SSPM), you can convert it to a production license. After you receive an email from Palo Alto Networks identifying the SSPM license you are converting, click the email link to begin the activation process.
  1. Select Get Started with SaaS Security Posture Management (SSPM) in your email.
  2. You are automatically directed to Common ServicesSubscription & Add-ons, where you activate the subscription for your product.
  3. Use one of the following activation methods.
    • Select your existing Tenant to convert your evaluation license to a production license on the existing tenant:
    • Select Create New to convert your evaluation license to a production license on a new tenant:
  4. The Customer Support Account is auto-populated with the same CSP that you used for the evaluation.
  5. The Region is auto-populated with the same region that you used for the evaluation.
  6. Agree to the terms and conditions, and Activate.
  7. .
  8. Common ServicesTenant Management displays the status of the activation, such as initializing or complete.
  9. After the status is complete, you can launch SSPM from one of the following options.
    • Launch from the hub tile:
    • Launch from Common ServicesTenant Management. You’ll notice that you have a new Contract serial number:
  10. Get Started with SSPM documentation.