Integrate Third-Party Enterprise Browser with Explicit Proxy
Learn how to integrate a third-party browser with Prisma Access Explicit
Proxy.
Where Can I Use This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access license (Minimum Prisma Access version of
5.2.0, Cloud Services plugin version of 5.2, and dataplane of
10.2.4 is required)
End users who use the Prisma Access browser can access both SaaS
and private web applications using a secure, authenticated, and encrypted channel. Prisma Access ensures that a user is authenticated and authorized before they get
access to any application.
Prisma Access extends this support to third-party enterprise browsers, allowing
Explicit Proxy users to securely authenticate and be authorized to access private and
SaaS applications using the same security, encryption, and authentication methods.
You can use Prisma Access Browser with a third-party browser; however, you can't
use multiple third-party browsers at the same time.
Private application access solution through Prisma Access explicit proxy
only supports Prisma Access Browser with one additional third-party explicit proxy.
Currently, you cannot use multiple third-party explicit proxies with this
solution.
Any advanced settings configured for existing Explicit Proxy customers are
applied to all third-party browsers to Explicit Proxy public or private app
access traffic.
Configure a Third-Party Enterprise Browser
To integrate a third-party enterprise browser with Prisma Access, allowing users to
securely access applications from that browser, complete the following steps:
Enable third-party enterprise browser integration with Prisma Access.
Log in to Strata Cloud Manager.
Go to WorkflowsIntegrationsPrisma Access and click the settings icon under Third Party
Enterprise Browser.
On the settings page, enable Third Party Enterprise Browser
Integration.
Under Import Certificate File, select
Browse to upload the public certificate, and
Save.
You must get
the public key from your third-party enterprise
browser.
All certificate expiration notifications are managed
in the third-party enterprise browser as it manages the
certificate lifecycle.
Push Config to push the Third Party
Enterprise Browser Integration configuration to the Prisma Access Explicit Proxy.
Configure Prisma Access Explicit Proxy integration on the third-party enterprise
browser:
On your third-party enterprise browser, enable Palo Alto Explicit
Proxy integration.
Add the public key provided to integrate the Palo Alto Strata Cloud Manager.
Configure the encoded tenant ID provided when you configure Third
Party Integration for the Palo Alto Networks Strata Cloud Manager.
Configure Explicit Proxy FQDN.
When the configuration is setup successfully, you can see the
Integration as enabled and Certificate
as Valid under Third Party Enterprise
Browser.