New Features - Strata Cloud Manager - May 2025

To ensure comprehensive web security for managed desktops, Remote Browser Isolation (RBI) now supports the Mozilla Firefox browser. This expanded support adds to existing isolated browsing compatibility alongside the Google Chrome, Microsoft Edge, and Safari browsers on both macOS and Windows operating systems. By extending browser support to Firefox, RBI, integrated with Prisma® Access, ensures that you can maintain security policy adherence across a wider variety of desktop environments, improving security adoption and maintaining consistent threat defense regardless of the browser choice. This broad support simplifies administration and strengthens your organization’s security posture by extending crucial protection against malware and zero-day attacks across most major desktop browsing surfaces.

Strata Cloud Manager for Configuration Management is a solution that is defined and controlled based on the region where it is deployed. You can deploy Strata Cloud Manager in the locations of your choosing, based on data location preferences and where you have the most users. For this reason, we are rolling out region-specific support for Strata Cloud Manager as soon as we are able to do so for each region.

Update:

Strata Cloud Manager now supports the following additional regions:

• Saudi Arabia
• Israel
• Indonesia

Installers with minimal technical knowledge often face challenges onboarding NGFWs at branch locations. Enhanced visibility and status monitoring for Zero Touch Provisioning (ZTP) addresses this by improving the NGFW activation process for branch locations, providing visibility and troubleshooting capabilities. Status monitoring for ZTP onboarding and bootstrapping offers real-time status updates in Strata Cloud Manager for administrators to review and monitor throughout the activation and onboarding process.

With status monitoring for onboarding and bootstrapping, you can monitor the detailed bootup status, including Firewall Licensing, Content Updates, Wildfire Updates, Antivirus Updates, Routing Mode Changes, and Software Upgrades. The feature introduces status bars and status spinners that reflect the progress of each stage, ensuring you have a clear understanding of the activation process. In case of any interruptions or errors, such as issues with device certificates, TSG ID validation, software updates, or content updates, the bootstrap status indicates where the process failed and allows you to immediately restart.

Strata Cloud Manager provides user interface improvements that streamline security operations and management efficiency. These updates focus specifically on making policy and device management more intuitive, simplifying complex workflows, improving data visibility, and ensuring a smoother user experience. The core goal is to provide administrators with greater control and clarity over their security posture and device lifecycle.

• Precise Security Policy Rule Insertion: New security policy rules can now be inserted immediately after a selected rule, simplifying the organization and management of rule sets.

• NGFW Update Schedule Pagination: NGFW software update schedules now feature pagination with clearly defined column headings, which improves both clarity and performance when handling large datasets.

• Non-Disruptive Device Details View: Device details for each update schedule now open in a sidebar panel instead of expanding within the main table. This allows users to view essential details without losing context or disrupting the main table's structure.

Strata Cloud Manager (SCM) now enables you to configure IPv4 multicast routing on virtual routers and logical routers. You can enable Protocol-Independent Multicast (PIM), Internet Group Management Protocol (IGMP), and Multicast Source Discovery Protocol (MSDP) on supported interfaces. Additionally, SCM enables you to configure PIM Interface Timer profiles, MSDP Timer profiles, and IGMP Interface Query profiles. You can also create IPv4 mroutes, which are static unicast routes that point to a multicast source. Logical routers support only IGMPv2 and IGMPv3 (not IGMPv1). Only logical routers support a multicast static group (virtual routers do not).

Strata Copilot now extends its reach to new regions, enhancing global accessibility. This expansion brings the powerful AI-driven assistance to users in China, Qatar, and Saudi Arabia. By increasing geographical coverage, Strata Copilot offers more organizations the opportunity to streamline their security operations, leverage intelligent insights, and improve overall efficiency in managing their Palo Alto Networks solutions in Strata Cloud Manager across these diverse locations.

Update:

Strata Copilot now supports the following additional regions:

• China
• Qatar
• Saudi Arabia

Prisma® Access Agent now supports transparent proxy connections, offering always-on internet security and private app access for your mobile users. This feature enables seamless coexistence with third-party VPN agents, enhancing your organization's security posture. You can use it to secure all internet traffic from browser and nonbrowser apps, even when users are disconnected from the tunnel. The solution forwards internet traffic to Prisma Access, preventing users from bypassing Prisma Access.

You can support various scenarios including users connecting from home, branch offices, or public Wi-Fi. It's compatible with endpoints running third-party VPNs in full or split tunnel modes. The feature prevents conflicts on endpoints and offers admin controls to maintain smooth operation. You will find this useful for maintaining consistent security across diverse networks. It supports continuous trust verification for mobile users through device posture checks. By implementing this functionality, you can enforce security policies regardless of user location or connection method, strengthening your overall security stance and strengthening your overall security posture with always-on connectivity.