Cloud Management

1. Add a rule.
   1. Select ManageConfigurationNGFW and Prisma AccessSecurity ServicesSecurity Policy and Add Rule
   2. Select the Rule Type.
   3. Enter a descriptive Name for the rule.
   4. (Optional) You can give your rule a detailed Description.
   5. (Optional) You can add Tags to your rules to group them using keywords.
   6. (Optional) You can limit the rule to specific times with a Schedule.
   7. Set the Source Zone to Users.
      You can select Users to enforce policy for individual users or a group of users.
   8. Set the Destination Zone to IT Infrastructure.
   9. Add the application that correspond to the network services you want to safely enable.
      For example, select dns, ntp, ocsp, ping, and smtp.

      Keep the Service set to Application Default to ensure that any applications that the rule allows are allowed only on their standard ports.
   10. Set the Action to Allow.
   11. Set the Profile Group to best-practice.
2. Configure the log settings.
   1. Verify that Log at Session End is enabled.
3. Attach security profiles to scan all allowed traffic for threats.
   1. In ActionsProfile Group, select a Profile Group from the drop-down to attach to the rule.
4. Select Save to save the policy rule, then Push Config.