Autonomous DEM for Hybrid Workforce
Where Can I Use This? | What Do I Need? |
- Prisma Access (Managed by Strata Cloud Manager)
- Prisma Access (Managed by Panorama)
- Strata Cloud Manager
|
- Prisma Access license
- Autonomous DEM license
|
Autonomous DEM for Hybrid Workforce monitors the experience of all
applications irrespective of where they are hosted. It also continuously monitors the
experience of every user as they shift between working from home, connected over a
non-trusted network, to working from the office over a trusted corporate campus network.
Whether the user is connected from an untrusted network or a trusted network, ADEM will
continue to do application performance monitoring.
An untrusted network can be any network such as the user’s home, a retail shop, a hospital,
hotel, or airport from where users are connected to Prisma Access. Even if your user
disables the VPN manually, ADEM will continue to do the user experience and application
monitoring. When mobile users are in their office campus, they are connected to a
trusted network.
Autonomous DEM is enabled when GlobalProtect endpoints connect
to Prisma Access. Once enabled, it will continue to monitor user
experience across hybrid work environments on and off campus.
When you create an application test, by default the End-to-end Application Experience
monitoring from Trusted Networks (in Office) (in the Advanced
Mobile Users Test Options section on the New App
Test page) is disabled. Select the application test on which you want to
monitor user experience at all times irrespective of whether the user is in a trusted or
untrusted network and select the End-to-end Application Experience monitoring
from Trusted Networks (in Office) check box for the application in order
for Autonomous DEM to continue to do the Application Performance Monitoring. The
End-to-end Application Experience monitoring from Untrusted Networks when
VPN is disabled check box is selected by default.
The following table describes the various states in GlobalProtect
and how Autonomous DEM performs when GlobalProtect is in each state.
These states are displayed in the GlobalProtect app settings. Autonomous
DEM monitoring is supported in all the states.
GlobaProtect Status | Connected To | VPN Status | ADEM Monitoring | What it means |
Connected | Prisma Access | Enabled | Yes | VPN is connected to Prisma Access through GlobalProtect. User
is logged in from an untrusted network (logged in remotely). |
Connected | Internal network (from a trusted network) | Enabled | Yes | VPN is connected to the internal network when
the user is logged in from a trusted network (logged in from within
the office or headquarters). |
Disabled | N/A | Disabled | Yes | VPN is not connected to Prisma Access. |
Connected Internal | N/A | Disabled | Yes | User is not connected to the VPN. User is on
a trusted network. |