Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Activation & Onboarding
Administration
Version
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred

Create a HIP Notification for the Dynamic Privilege Access Prisma Access Agent

Create and Manage HIP Profiles for the Dynamic Privilege Access Prisma Access Agent

Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent

Define which host attributes you want to monitor or use for policy enforcement by creating HIP objects and HIP Profiles on the Prisma Access gateway.

Where Can I Use This?	What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)	Prisma Access 5.1 Innovation Prisma Access license with the Mobile User subscription macOS 12 or later desktop devices or Windows 10 version 2024 or later or Windows 11 desktop devices Role: Superuser

You can define which host attributes you're interested in monitoring or using for policy enforcement by creating HIP objects and HIP Profiles on the Prisma Access gateway.

HIP objects consist of the matching criteria used to filter out the host information that you are interested in using to enforce policy from the raw data reported by the Prisma Access Agent. For example, while the raw host data might include information about several antivirus packages that are installed on the endpoint, you might only be interested in one particular application. In this case, you would create a HIP object to match the specific application you are interested in enforcing.

The best way to determine what HIP objects you need is to determine how you will use the host information you collect to enforce the policy. Keep in mind that the HIP objects themselves are merely building blocks that allow you to create the HIP Profiles that are used in your security policies. Therefore, try to keep your objects simple by matching on one item, such as the presence of a particular type of required software, membership in a specific domain, or a specific OS. By doing this, you will have the flexibility to create a granular HIP-augmented policy.

From Strata Cloud Manager, select WorkflowsPrisma Access SetupAccess AgentPrisma Access Agent.
Edit the Global Agent Settings.
Select HIP Notifications and click Add.
Click Create HIP Object.
Enter a Name and Description for the object.
Select the tab that corresponds to the category of host information you are interested in matching against, and then select the check box to enable the object to match against the category.

For example, to create an object that looks for information about antivirus or antispyware software, select the Anti-Malware tab, and then select the Anti-Malware check box to enable the corresponding fields. Complete the fields to define the desired matching criteria.

For example, the following image shows how to create a HIP object that matches if the endpoint has the AVAST Free Antivirus software application installed, has Real Time Protection enabled, and has malware definitions that have been updated within the last 5 days.

Repeat this step for each category you want to match against in this object. For more information, see Table: Data Collection Categories.
Save and Add your HIP object.
To manage your HIP objects, you can select an existing object from the HIP notifications table or click Add in the Edit Global Agent Settings page to open the HIP notifications window.

From there, click Manage HIP Object to view the list of HIP objects that you configured. You can select a HIP object and Delete, Clone, or Move it.