NGFW

and

Prisma Access

Managed by

Strata Cloud Manager

Use one of the various ways to access
Identity & Access
.
(
New users only
) Add Access to your tenant where
AI Access Security
is active.
This step is required only if the user for which you’re granting
AI Access Security
access isn’t already registered with the Palo Alto Networks Customer Support Portal (CSP).
Assign role-based access for
AI Access Security
.
You don’t need to configuring a tenant role for a user if access to only
Enterprise DLP
is required.
Select
User
and for the
Identity Address
, enter the email address for which you granted access in the previous step.
For
Apps & Services
, select
AI Access Security
.
Select a predefined
Common Services
Role
.
Add Another
to enable additional role-based access to subscriptions for the admin on
Strata Cloud Manager
.
You must click
Add Another
for each you subscription you want to enable role-based access. Skip this step if you only want to enable role-based access to
AI Access Security
.
Enable role-based access for
Prisma Access
.
This controls which parts of
Strata Cloud Manager
the admin has access to. For example, if the assigned role privileges does not allow the admin access to Web Security policy rules then the admin cannot implement policy rules to control access to GenAI apps.
Enable role-based access for
Enterprise Data Loss Prevention (E-DLP)
.
This defines the access privileges to configure
Enterprise DLP
data patterns and profiles which define is what considered sensitive data that must be blocked.
Add Another
and enable role-based access for
SaaS Security Inline
on
Strata Cloud Manager
.
Review the role privileges if you are assigning a predefined role to the admin. Role based access to
SaaS Security Inline
can giver your admin the privileges to tag and configure the risk score for GenAI apps.
Submit
.