Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
Prisma Access Browser Prerequisites
Updated on
Aug 12, 2024
Focus
Download PDF
Updated on
Aug 12, 2024
Focus
Home
Prisma Access Browser
Prisma Access Browser Prerequisites
Download PDF
Prisma Access Browser
Prisma Access Browser Prerequisites
Table of Contents
Filter
Expand All
|
Collapse All
Prisma Access Browser Docs
Activation & Onboarding
Getting Started
Deployment
Administration
Integrations
User Guide
Release Notes
Previous
Overview: What is the Prisma Access Browser?
Next
Deploy the Prisma Access Browser
Prisma Access Browser
Prerequisites
Learn about the prerequisites for
Prisma Access Secure Enterprise Browser
(
Prisma Access Browser
), including: system requirements, domains to allow, and IdP proxy requirements,.
Where Can I Use This?
What Do I Need?
Strata Cloud Manager
Standalone
Prisma Access Browser
Prisma Access
with
Prisma Access Browser
bundle license or
Prisma Access Browser
standalone license
Superuser or
Prisma Access Browser
role
System Requirements
Windows
Windows 10 64-bit
Windows 11 64-bit
No admin privileges are required
macOS
macOS Big Sur 11.0 or later.
Intel x86 or Apple M1 and above
No admin privileges are required
Android
Android 11 and above
iOS
iOS 17 and above
Domains to Allow
All the services listed below use SSL Pinning. These domains must be excluded from SSL decryption on your gateway or proxy to ensure they function correctly.
The
Prisma Access Browser
communicates with the following domains:
*.talon-sec.com/* See below
https://*.browser-intake-ddog-gov.com/*
https://public-trace-http-intake.logs.datadoghq.com/*
https://rum-http-intake.logs.datadoghq.com/*
https://browser-http-intake.logs.datadoghq.com/*
https://public-trace-http-intake.logs.datadoghq.eu/*
https://rum-http-intake.logs.datadoghq.eu/*
https://browser-http-intake.logs.datadoghq.eu/*
https://api.us.frontegg.com/auth/vendor/*
https://talon-session-recordings-prod-us-east-1.s3.amazonaws.com/*
Replacing *.talon-sec.com/*
If your organization is not able to use an all-encompassing URL, enter the following URLs:
Palo Alto Networks highly recommends that the
https://*.talon-sec.com
entry be used as a network requirement.
There is no guarantee that this list will not change. URLs may be modified and additional services may be added in the future.
Policy service
https://gateway.talon-sec.com
Device service
https://gateway.talon-sec.com
Event ingestion service
https://gateway.talon-sec.com
Login service
https://login.talon-sec.com
Login proxy service
https://ext-proxy.talon-sec.com
Sync service
https://gateway.talon-sec.com
Vault service
https://gateway.talon-sec.com
Static assets service
https://assets.talon-sec.com
Onboarding service
https://auth.talon-sec.com
User requests service
https://gateway.talon-sec.com
Malware protection
https://riskapi.talon-sec.com
Updates service
https://bfe078e7921507bb.talon-sec.com
https://updates.talon-sec.com
Crash reporting
https://gateway.talon-sec.com
Browser Engine
https://extensions.talon-sec.com
IdP Proxy Requirements
The IdP Proxy prevents applications from using the
Prisma Access Browser
. To enable the proxy to function, your firewall/proxy must allow access to the following IP addresses.
Ingress IP addresses
- traffic will flow into the proxy through:
https://idp-proxy.talon-sec.com
This FQDN resolves to the following IP addresses:
13.248.159.237
76.223.24.47
Egress IP addresses
- Traffic will flow out of the proxy through:
If your Prisma Access Browser tenant is located in the
US
:
If your Prisma Access Browser tenant is located in the
EU
:
3.88.246.246
3.231.124.107
18.159.163.147
3.73.9.244
3.73.9.169
3.123.106.233
3.68.54.94
35.85.101.56
54.214.168.174
44.238.8.92
54.184.95.247
52.207.65.93
50.19.8.101
3.222.196.200
54.71.84.74
18.198.253.83
3.65.70.29
3.78.96.210
18.198.253.83
3.65.70.29
3.78.96.210
Previous
Overview: What is the Prisma Access Browser?
Next
Deploy the Prisma Access Browser
Recommended For You