Prisma SASE FedRAMP Moderate and High "In Process" FQDNs
Table of Contents
Expand all | Collapse all
- Activate a License for Remote Browser Isolation
-
- What is a Tenant?
- Add a Tenant
- Edit a Tenant
- Manage Tenant Licenses
- Delete a Tenant
- Transition from Single Tenant to Multitenant Cloud-managed Prisma Access FedRAMP
- Move an Internal Tenant
- Acquire an External Tenant
- Approve an External Tenant Acquisition
- Limitations for Moving and Acquiring Tenants
- Tenant Hierarchy Limits
Prisma SASE FedRAMP Moderate and High "In Process" FQDNs
Learn which fully qualified domains (FQDNs) are supported for use in Prisma SASE
FedRAMP Moderate and High "In Process" environments.
Because Palo Alto Networks enforces strict incoming Security policy rules for Prisma SASE
FedRAMP tenants, you must provide Palo Alto Networks customer services with a list of
fully qualified domains (FQDNs) for the administrative users who will be accessing your
environment. After you submit a support ticket with these FQDNs, customer services will
create an allow list for them, which will let users log in from these FQDNs and access
the environment.
Moderate FQDNs
The following are FedRAMP Moderate FQDNs.
Product | Domain |
---|---|
ADEM (Panorama-managed only). Cloud-managed will have ADEM allow listed
by default, so you don't need to configure it. |
|
API Gateway | https://api-usgov-mod.cloudmgmt.paloaltonetworks.com/ |
App Services (Hub & CIE) |
|
CASB (SaaS API / SSPM) |
|
CASB (SaaS Inline) |
|
Cloud Management |
|
Cortex
Data Lake |
|
DLP | https://gov.dlp.pubsec-cloud.paloaltonetworks.com |
Insights |
|
IoT |
|
Lumos V&R |
|
Prisma SASE Multitenant Portal |
|
Prisma SD-WAN | *.prismasasegov.com |
Panorama | Cortex
Data Lake -gov1.us1.cent1.gov.Cortex
Data Lake .paloaltonetworks.com*.api2-lc-prod-gov.gpcloudservice.com *.fei-lc-prod-gov.gpcloudservice.com Br-gov1.us1.cent1.gov. Cortex
Data Lake .paloaltonetworks.comLic.lc.prod.us.cs.paloaltonetworks.com api.us1.cent1.gov. Cortex
Data Lake .paloaltonetworks.comsdwanapps-pa-panorama-autofedramptf.hood.cloudgenix.com sdwanapps-pa-panorama.rogers.prismasasegov.com sdwanapps-pa-panorama.campbel.prismasasegov.com |
PanOS Cloud Component |
|
Wildfire |
|
High "In Process" FQDNs
The following are FedRAMP High "In Process" FQDNs.
Product | Domain |
---|---|
ADEM | *.prismasasegov.com |
API Gateway | api-usgov.cloudmgmt.paloaltonetworks.com |
Cortex
Data Lake |
|
CIE/DSS | *.paloaltonetworks.us |
Cloud Management | [ul]admin.gov.panorama.paloaltonetworks.com
paas-1.gov.panorama.paloaltonetworks.com |
DLP | [ul]gov.dss.paloaltonetworks.comui-gov.dss.paloaltonetworks.comapi.dlp.paloaltonetworks.comvault-fh.dss.paloaltonetworks.commongoe-fh0.dss.paloaltonetworks.commongoe-fh1.dss.paloaltonetworks.commongoe-fh2.dss.paloaltonetworks.commongodb-fh-prod.dss.paloaltonetworks.com_mongodb._tcp.mongoe-fh0.dss.paloaltonetworks.com_mongodb._tcp.mongoe-fh1.dss.paloaltonetworks.com_mongodb._tcp.mongoe-fh2.dss.paloaltonetworks.com_mongodb._tcp.mongodb-fh-prod.dss.paloaltonetworks.com |
hub | fed.apps.paloaltonetworks.us |
Insights | *.prismasasegov.com |
IoT Security | https://fedramp-banff-pentest1.iot-gov.paloaltonetworks.com |
Panorama | Cortex
Data Lake -gov1.us1.cent1.gov.Cortex
Data Lake .paloaltonetworks.com*.api2-lc-prod-gov.gpcloudservice.com *.fei-lc-prod-gov.gpcloudservice.com Br-gov1.us1.cent1.gov. Cortex
Data Lake .paloaltonetworks.comLic.lc.prod.us.cs.paloaltonetworks.com api.us1.cent1.gov. Cortex
Data Lake .paloaltonetworks.comsdwanapps-pa-panorama-autofedramptf.hood.cloudgenix.com sdwanapps-pa-panorama.rogers.prismasasegov.com sdwanapps-pa-panorama.campbel.prismasasegov.com |
PanOS CC (Cloud Component) | [ul]dlp.gov-hawkeye.services-edge.paloaltonetworks.comurlcat.gov-hawkeye.services-edge.paloaltonetworks.comace.gov-hawkeye.services-edge.paloaltonetworks.comenforcer.gov-hawkeye.services-edge.paloaltonetworks.com
gov-hawkeye.services-edge.paloaltonetworks.com |
Prisma Access | *.prismasasegov.com |
Prisma SASE Multitenant Portal | *.prismasasegov.com |
Prisma SD-WAN | *.prismasasegov.com |
SaaS | [ul]https://ingestion-prod-us.gov.adv-saas-vis.paloaltonetworks.com/https://api-prod-us.gov.adv-saas-vis.paloaltonetworks.com/
https://*.gov.saasprod.paloaltonetworks.com/enforcer.gov-iot.services-edge.paloaltonetworks.comgov-iot.services-edge.paloaltonetworks.com |
Sase Portal | fed.sase.paloaltonetworks.us |
Prisma SD-WAN | *.prismasasegov.com |
Wildfire | [ul]gov.wildfire.paloaltonetworks.usgvs.gov.wildfire.paloaltonetworks.us |