Ticket Request to Disable GlobalProtect
Focus
Focus
Prisma Access

Ticket Request to Disable GlobalProtect

Table of Contents

Ticket Request to Disable GlobalProtect

Instead of enabling users to directly disable GlobalProtect, you can allow a user to request for GlobalProtect to be disabled via a ticket.
Where Can I Use This?
What Do I Need?
  • Prisma Access (Cloud Management)
  • Prisma Access (Panorama Managed)
Instead of enabling users to directly disable GlobalProtect, you can allow a user to create a ticket in order to disable GlobalProtect. The GlobalProtect admin can then decide whether or not to allow each specific user to disable GlobalProtect.

How It Works

After you’ve set up this feature, here’s the workflow for a ticket request to disable GlobalProtect:
  • A user attempts to disable GlobalProtect in the GlobalProtect app. GlobalProtect displays a request number to the user.
  • The user shares the request number with the GlobalProtect admin.
  • The GlobalProtect admin logs in to
    Prisma Access (Cloud Management)
    and uses the request number to generate a ticket.
  • The GlobalProtect admin shares the ticket number with the user. The user enters the ticket number into the app to disable GlobalProtect.

Set It Up

Cloud Management

  1. Set an Agent Override Key
    Before you can enable the option for ticket requests to disable GlobalProtect, you must first need to set an Agent User Override Key.
    Go to
    GlobalProtect Setup
    GlobalProtect App
    Global App Settings
    and enter a four character key to set the
    Agent Override Key
    .
    If you're using Strata Cloud Manager, go to
    Workflows
    Prisma Access
    Setup
    GlobalProtect
    GlobalProtect App
    Global App Settings
    .
  2. Allow for GlobalProtect to be disabled with a ticket
    Go to
    GlobalProtect Setup
    GlobalProtect App
    App Settings
    App Configuration
    Disable GlobalProtect
    and set the option to
    Allow with Ticket
    .
    If you're using Strata Cloud Manager, go to
    Workflows
    Prisma Access
    Setup
    GlobalProtect
    GlobalProtect App
    App Settings
    App Configuration
    Disable GlobalProtect
    and set the option to
    Allow with Ticket
    .
  3. Generate a ticket
    After setting the
    Agent Override Key
    and the option to
    Allow with Ticket
    , you’ll be able to
    Generate Ticket
    .
    When a user attempts to disable GlobalProtect in the app, GlobalProtect will display a request number to them. Submit that request number here to generate a ticket for GlobalProtect to be disabled for that user.

Panorama

  1. Set an Agent Override Key
    Before you can enable the option for ticket requests to disable GlobalProtect, you must first need to set an Agent User Override Key.
    Go to
    Network
    GlobalProtect
    Portals
    and select the connection name your want to set an Override Key for. Select
    Agent
    and then enter a key to set the
    Agent Override Key
    .
  2. Allow for GlobalProtect to be disabled with a ticket
    Go to
    Network
    GlobalProtect
    Portals
    and select the connection name your want to Allow users to disconnect from. Select
    Agent
    , choose a
    Config
    , select
    App
    App Configurations
    Allow user to disconnect GlobalProtect App (Always-on mode)
    , and set the option to
    Allow with Ticket
    .
  3. Generate a ticket
    After setting the
    Agent Override Key
    and the option to
    Allow with Ticket
    , you’ll be able to
    Generate Ticket
    .
    When a user attempts to disable GlobalProtect in the app, GlobalProtect will display a request number to them. Submit that request number here to generate a ticket for GlobalProtect to be disabled for that user.

Recommended For You