Prisma Access Agent Administration
  • Prisma Access Agent Administration
  • Prisma Access Agent Documentation
  • All Documentation
>
Create and Manage HIP Objects for the Prisma Access Agent
Focus
Download PDF
Focus
  1. Home
  2. Prisma Access Agent
  3. Configure the Prisma Access Agent
  4. Configure HIP Notifications for the Prisma Access Agent
  5. Create and Manage HIP Objects for the Prisma Access Agent
Download PDF
Prisma Access Agent

Create and Manage HIP Objects for the Prisma Access Agent

Table of Contents
Define which host attributes you want to monitor or use for policy enforcement by creating HIP objects and HIP Profiles on the gateway.
Where Can I Use This?What Do I Need?
  • Prisma Access (Managed by Strata Cloud Manager)
  • Prisma Access 5.1 Preferred or Innovation
  • Prisma Access license with the Mobile User subscription
  • Prisma Access Agent version: 25.1.0.14
  • macOS 14 and later or Windows 10 version 2024 and later desktop devices
  • Contact your Palo Alto Networks account representative to activate the Prisma Access Agent feature
HIP objects consist of the matching criteria used to filter out the host information that you're interested in using to enforce policy from the raw data reported by the Prisma Access Agent. For example, while the raw host data might include information about several antivirus packages that are installed on the endpoint, you might only be interested in one particular application. In this case, you would create a HIP object to match the specific antivirus software you're interested in enforcing.
The best way to determine what HIP objects you need is to determine how you will use the host information you collect to enforce the policy. Keep in mind that the HIP objects themselves are merely building blocks that enable you to create the HIP Profiles that are used in your security policies. Therefore, try to keep your objects simple by matching on one item. This item could be the presence of a particular type of required software, membership in a specific domain, or a specific OS. By doing this, you will have the flexibility to create a granular HIP-augmented policy.
  1. You can configure HIP objects from ManageConfigurationNGFW and Prisma AccessObjectsHIPHIP Objects.
  2. Click Add HIP Object.
  3. Enter a Name and Description for the object.
  4. Select the tab that corresponds to the category of host information you're interested in matching against, and then select the check box to enable the object to match against the category.
    For example, to create an object that looks for information about antivirus or antispyware software, select the Anti-Malware tab, and then select the Anti-Malware check box to enable the corresponding fields. Complete the fields to define the desired matching criteria.
    For example, the following image shows how to create a HIP object that matches if the endpoint has the AVAST Free Antivirus software application installed, has Real Time Protection enabled, and has malware definitions that have been updated within the last five days.
    Repeat this step for each category you want to match against in this object. For more information, see Table: Data Collection Categories.
  5. Save and Add your HIP object.
  6. To manage your HIP objects, you can select an existing object from the HIP notifications table or click Add in the Edit Global Agent Settings page to open the HIP notifications window.
    From there, click Manage HIP Object to view the list of HIP objects that you configured. You can select a HIP object and Delete, Clone, or Move it.

Technical Documentation

Company

Legal Notices

© 2025 Palo Alto Networks, Inc. All rights reserved.