Learn about the features that are supported in the Prisma Access Agent.
Where Can I Use This?
What Do I Need?
Prisma Access Agent
Prisma Access Agent version 25.1.0.14
macOS 14 and later or Windows 10 version 2024 and later desktop devices
Internet access
The Palo Alto Networks Prisma Access Agent is a secure access agent that is
purpose-built for a remote-first workforce. It’s focused on making the entire user
experience better for end users, network admins, and IT help desk personnel without
compromising on security.
You can use the Prisma Access Agent to access your organization's network,
resources within the network, SaaS applications, or the internet securely from any
location so that you can be productive in a hybrid workforce. Prisma Access Agent
enables you to easily connect to corporate headquarters, data centers, branch offices,
or educational institutions where Prisma Access or Palo Alto Networks
Next-Generation Firewalls (NGFW) are deployed. When you’re connected to a location
(gateway) while working from anywhere, you benefit from the same security policies that
protect the sensitive resources in your organization's network.
In addition, the Prisma Access Agent can help secure you and your devices from
threats and malware through Advanced Threat Prevention, Advanced URL Filtering, DNS
Security, sandboxing, and more.
Prisma Access Agent Features
The following features provide for a simplified agent experience:
Automatic Location Selection
The Prisma Access Agent is a
simplified app that enables you to access your organization's network,
resources, SaaS applications, or the internet using your organization's
security policies that are extended to your device. If your administrator
has configured the agent in Always On mode, you are
automatically connected to your network using the best available location
whenever you log on to your device. If your app is configured in
On Demand mode, you can connect to the best
location with the click of a button.
To minimize disruptions when you re accessing your
organization’s network, resources within the network, SaaS applications, or
the internet, the Prisma Access Agent provides ample notifications so
that you’re always aware of the status of your connection.
Prisma Access Agent notifications are fully integrated with your
operating system, enabling you to customize how they behave like any other
application on macOS or Windows.
Problem Resolution
You can save time by using the resources provided by
the Prisma Access Agent to help resolve issues without having to
contact your IT help desk or administrator. If the Application Experience
agent is installed on your device, you can leverage the insights provided by ADEM to
fix potential problems.
Antitamper Feature
To safeguard the Prisma Access Agent, your
administrator can enable the antitamper feature, which prevents any
unauthorized user from tampering with the Prisma Access Agent, such as
unauthorized removal of the agent from your device. The antitamper feature
can protect the following Prisma Access Agent resources on your
device:
Prisma Access Agent folders and files—Unauthorized users can’t
delete or rename any Prisma Access Agent-related files and
folders.
Prisma Access Agent services and host information profile (HIP)
processes—Unauthorized users can’t stop any Prisma Access Agent-related services and HIP processes. The HIP processes collect
information about the host that the Prisma Access Agent running is
running on and submits the host information to Prisma Access for
inspection.
Prisma Access Agent Registry keys (Windows-only)—Unauthorized
users can’t delete or update the Windows Registry keys for the Prisma Access Agent.
The PACli command-line interface—Unauthorized users can’t disable the
Prisma Access Agent or the anti-tamper feature using the PACli
command-line interface. Administrators and authorized users who need to
perform certain actions for troubleshooting at the command line must
provide the anti-tamper unlock password when prompted.
