Prisma SASE FedRAMP Moderate and High "In Process" Support
Table of Contents
Expand all | Collapse all
- Activate a License for Remote Browser Isolation
-
- What is a Tenant?
- Add a Tenant
- Edit a Tenant
- Manage Tenant Licenses
- Delete a Tenant
- Transition from Single Tenant to Multitenant Cloud-managed Prisma Access FedRAMP
- Move an Internal Tenant
- Acquire an External Tenant
- Approve an External Tenant Acquisition
- Limitations for Moving and Acquiring Tenants
- Tenant Hierarchy Limits
Prisma SASE FedRAMP Moderate and High "In Process" Support
Learn which apps and features Prisma SASE FedRAMP Moderate and High "In Process"
environments support for use.
Prisma SASE FedRAMP Moderate and High "In Process" environments support the following
apps and features for use.
Prisma SASE FedRAMP Moderate Support
The following apps and features are supported for use in a FedRAMP Moderate
environment:
- Cloud-managedPrisma Access, including:
- Multitenant Platform (Prisma AccessIncidents not supported, Alerts and Alarms not documented)
- Advanced WildFire Cloud (full detections)
- Panorama-managedPrisma Access
- CDSS add-on services, including:
- FIPS dependencies: FIPS Mode is recommended to be enabled for customers of on-premise Panorama Management and computers using the GlobalProtect Agent
- Prisma SD-WANstandalone and add-on
- FIPS dependencies: FIPS Mode is recommended to be enabled for Panorama only
Prisma SASE FedRAMP High "In Process" Support
The following apps and features are supported for use in a FedRAMP High "In Process"
environment.
- Cloud-managedPrisma Access, including:
- CDSS add-on services, including:
- Dedicated hub for federal
- Dedicated support environment for federal
- FIPS dependencies: FIPS Mode is recommended that endpoints have FIPS enabled
- Multitenant Platform (Prisma AccessIncidents not supported, Alerts and Alarms not documented)
- Panorama-managedPrisma Access
- CDSS add-on services, including:
- Dedicated hub for federal
- Dedicated support environment for federal
- FIPS dependencies: FIPS Mode is recommended to be enabled for customers of on-premise Panorama Management and computers using the GlobalProtect Agent
- Prisma SD-WANstandalone and add-on
Customer Responsibility Matrix
Support side URL for Prisma SASE FedRAMP "In Process": support-fed.paloaltonetworks.us.
Customer
Responsibilities | Implementation Status | Control
Organization | |||
Implemented | Service Provider System Specific | Configured by Customer (Customer System
Specific) | Shared (Service Provider and Customer
Responsibility | Inherited from Pre-existing
Authorization | |
AC-2: Account
Management | |||||
AC-02 (a-g),
(i-k) | x | x | x | x | x |
AC-02 (05) | x | x | x | x | x |
CA-03: System
Interconnections | |||||
CA-03 (03) | x | x | x | x | |
IA -02/08: Identification &
Authentication: Org & Non-org Users | |||||
IA-02 | x | x | x | x | |
IA-02 (02) | x | x | x | x | x |
IA-02 (12) | x | x | x | x | |
IA-08 | x | x | x | x | |
IA-08 (01-04) | x | x | x | x | |
IR-9: Information Spillage
Response | |||||
IR-09 (a-f) | x | x | x | x | |
SA-04: Acquisition Process | |||||
SA-04 (10) | x | x | x | x | |
SC-08: Transmission Confidentiality
& Integrity | |||||
SC-08 | x | x | x | x | x |
SC-08 (01) | x | x | x | x | x |