Identification and Quarantine of Compromised Devices in a Prisma Access GlobalProtect Deployment
Focus
Focus
Prisma Access

Identification and Quarantine of Compromised Devices in a Prisma Access GlobalProtect Deployment

Table of Contents

Identification and Quarantine of Compromised Devices in a Prisma Access GlobalProtect Deployment

Use the GlobalProtect feature to isolate and add compromised devices to a quarantine list.
Where Can I Use This?What Do I Need?
  • Prisma Access (Managed by Panorama)
  • Prisma Access (Managed by Strata Cloud Manager)
Prisma Access allows you to identify and quarantine compromised devices that are connected with the GlobalProtect app. You do this by either manually or automatically adding devices to a quarantine list. After you quarantine the device, you can block the quarantined device from accessing the network to ensure consistent policy.
Each Prisma Access mobile user location sends and receives its quarantine information between the Panorama that manages Prisma Access and its nearest service connection. If you have next-generation firewalls or gateways, you should have the service connection redistribute the quarantine list information to and from Panorama and the on-premises firewalls or gateways. You should also redistribute the quarantine list information from Panorama to the service connection to ensure consistent policy enforcement for all mobile user locations (gateways) in Prisma Access.