Secure the endpoints in your mobile workforce by onboarding your mobile users so that
they can access Prisma Access using the Prisma Access Agent.
Where Can I Use This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access (Managed by Panorama)
NGFW (Managed by Panorama)
Check the prerequisites for the deployment you're
using
Contact your Palo Alto Networks account representative to
activate the Prisma Access Agent feature
Onboard your mobile users so that they can access Prisma Access using the Prisma Access Agent. When your end users access your organization's network and
resources using the Prisma Access Agent, traffic is sent through the tunnel to Prisma Access or NGFW for policy enforcement and threat prevention. The Prisma Access Agent also provides host information profile reports to ensure that
the endpoints comply with your Security policy before they can access sensitive
applications.
You can also set up staged rollouts of the Prisma Access Agent at this time, or configure the staged rollouts later. After
the initial deployment of the Prisma Access Agents, you can
use the upgrade rollout functionality to automatically upgrade groups of devices. With
upgrade rollouts, you don't have to rely on mobile device management (MDM) software,
such as Jamf Pro and Microsoft Intune, to upgrade Prisma Access Agents.
Before configuring mobile users, ensure that you have the required licenses (Prisma Access license for mobile users and a Strata Logging Service license
with proper firewall storage space). If mobile users will be connecting to other
connected networks, you will need either the Zero Trust Network Access or Enterprise
Edition Prisma Access license that will provide the corporate access node (CAN)
necessary to connect.
You can configure the agent on a Prisma Access tenant (instance) that already has
GlobalProtect configured (coexistence-enabled
tenant).
