What HIP Data is Collected by the Prisma Access Agent
Review the types of Host Information Profile data that is collected by the Prisma Access Agent.
Where Can I Use This?
  • Prisma Access (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Panorama)
  • NGFW (Managed by Panorama)
What Do I Need?
  • Check the prerequisites for the deployment you're using
  • Contact your Palo Alto Networks account representative to activate the Prisma Access Agent feature
The Host Information Profile (HIP) feature enables you to collect information about the security status of your endpoints (such as whether they have the latest security patches and antivirus definitions installed, whether they have disk encryption enabled, whether the endpoint is jailbroken or rooted, or whether it is running specific software you require within your organization) and to allow or deny access to a specific host based on its adherence to the host policies you define.
The Prisma Access Agent collects information about the host that the agent runs on and submits the host information to the gateway upon successful connection. The gateway checks the raw host information against any HIP objects and HIP profiles that have been defined. If it finds a violation, the corresponding security policy is enforced. For example, you can configure endpoints to have a minimum version of anti-malware software installed before they are allowed access to corporate resources and applications.
By default, the Prisma Access Agent collects vendor-specific data about the end user security packages that are running on the endpoint and reports this data to the gateway for policy enforcement when you configure HIP data collection in Prisma Access Agent Settings.
The following types of data are collected by the Prisma Access Agent.
| HIP Data Category | Description |
|---|---|
| General | Information about the host itself, including the hostname, logon domain, operating system, app version, and, for Windows systems, the domain to which the machine belongs. |
| Patch Management | Information about any patch management software that is enabled or installed on the host and whether they are missing any patches. Not supported on Panorama Managed deployments. |
| Firewall | Information about any firewalls that are installed or enabled on the host. |
| Anti-malware | Information about any antivirus or anti-spyware software that is enabled or installed on the endpoint, whether or not real-time protection is enabled, the virus definition version, last scan time, and the vendor and product name. |
| Disk backup | Information about whether disk backup software is installed, the last backup time, and the vendor and product name of the software. |
| Disk encryption | Information about whether disk encryption software is installed, which paths are configured for encryption, and the vendor and product name of the software. |
| Data loss prevention | Information about whether data loss prevention (DLP) software is installed or enabled to prevent sensitive corporate information from leaving the corporate network or from being stored on a potentially insecure device. This information is only collected from Windows endpoints. |
| Certificate | Information about the machine certificate installed on the endpoint. |
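
The matching step described above (raw host information checked against HIP objects and HIP profiles), modeled as an added example that is not Palo Alto Networks code. The report layout, field names, and function names are all assumptions made for illustration; the model shows why a minimum-version check needs numeric comparison and why a missing category should fail closed.

```python
# Simplified model of gateway-side HIP matching (added illustration).
# Report layout and field names are constructed, not the agent's real format.

def version_tuple(v):
    """Parse '4.18.2' into (4, 18, 2) so versions compare numerically."""
    return tuple(int(p) for p in v.split("."))

def antimalware_ok(report, min_version):
    """HIP-object-like check: some anti-malware product has real-time
    protection enabled and is at or above the minimum version."""
    for product in report.get("anti-malware", []):
        try:
            new_enough = version_tuple(product["version"]) >= version_tuple(min_version)
        except (KeyError, ValueError, AttributeError):
            continue  # missing or unparsable version never satisfies the check
        if new_enough and product.get("real_time_protection") is True:
            return True
    return False

def disk_encryption_ok(report, required_path):
    """HIP-object-like check: an installed product encrypts required_path."""
    return any(required_path in p.get("encrypted_paths", [])
               for p in report.get("disk-encryption", []))

def evaluate_profile(report, min_am_version, required_path):
    """HIP-profile-like rule: every object must match. Returns the decision
    and the failed checks; categories absent from the report fail closed."""
    failed = []
    if not antimalware_ok(report, min_am_version):
        failed.append("anti-malware")
    if not disk_encryption_ok(report, required_path):
        failed.append("disk-encryption")
    return ("allow" if not failed else "deny", failed)

# Constructed sample reports (not real agent output).
COMPLIANT = {
    "anti-malware": [{"vendor": "ExampleVendor", "product": "ExampleAV",
                      "version": "4.18.2", "real_time_protection": True}],
    "disk-encryption": [{"vendor": "ExampleVendor", "product": "ExampleFDE",
                         "encrypted_paths": ["C:\\"]}],
}
STALE = {  # older engine, and no disk-encryption category reported at all
    "anti-malware": [{"vendor": "ExampleVendor", "product": "ExampleAV",
                      "version": "4.9.0", "real_time_protection": True}],
}

if __name__ == "__main__":
    print(evaluate_profile(COMPLIANT, "4.10.0", "C:\\"))
    print(evaluate_profile(STALE, "4.10.0", "C:\\"))
```

A plain string comparison would rank "4.9.0" above "4.10.0" and let the stale endpoint pass the version threshold, which is why the model compares parsed tuples.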