- Home
- Prisma Access
- Prisma Access Administration
- Configure Dynamic Privilege Access Settings
- Set Up the Prisma Access Agent for Dynamic Privilege Access
- Configure HIP Notifications for the Dynamic Privilege Access Prisma Access Agent
- Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent
Prisma Access
Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent
Define which host attributes you want to monitor or use for policy enforcement by
creating HIP objects and HIP Profiles on the Prisma Access gateway.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
You can define which host attributes you're interested in monitoring
or using for policy enforcement by creating HIP objects and HIP Profiles on the Prisma Access gateway.
HIP objects consist of the matching criteria used to filter out the
host information that you are interested in using to enforce policy from the raw
data reported by the Prisma Access Agent. For example, while the raw host data
might include information about several antivirus packages that are installed on the
endpoint, you might only be interested in one particular application. In this case,
you would create a HIP object to match the specific application you are interested
in enforcing.
The best way to determine what HIP objects you need is to determine
how you will use the host information you collect to enforce the policy. Keep in
mind that the HIP objects themselves are merely building blocks that allow you to
create the HIP Profiles that are used in your security policies. Therefore, try to
keep your objects simple by matching on one item, such as the presence of a
particular type of required software, membership in a specific domain, or a specific
OS. By doing this, you will have the flexibility to create a granular HIP-augmented
policy.
- From Strata Cloud Manager, select WorkflowsPrisma Access SetupAccess AgentPrisma Access Agent.Edit the Global Agent Settings.Select HIP Notifications and click Add.Click Create HIP Object.Enter a Name and Description for the object.Select the tab that corresponds to the category of host information you are interested in matching against, and then select the check box to enable the object to match against the category.For example, to create an object that looks for information about antivirus or antispyware software, select the Anti-Malware tab, and then select the Anti-Malware check box to enable the corresponding fields. Complete the fields to define the desired matching criteria.For example, the following image shows how to create a HIP object that matches if the endpoint has the AVAST Free Antivirus software application installed, has Real Time Protection enabled, and has malware definitions that have been updated within the last 5 days.Repeat this step for each category you want to match against in this object. For more information, see Table: Data Collection Categories.Save and Add your HIP object.To manage your HIP objects, you can select an existing object from the HIP notifications table or click Add in the Edit Global Agent Settings page to open the HIP notifications window.From there, click Manage HIP Object to view the list of HIP objects that you configured. You can select a HIP object and Delete, Clone, or Move it.