What's New in the NetSec Platform
Enhanced Split Tunnel Configuration
Table of Contents
Expand All
|
Collapse All
What's New
-
-
- AI Access Security Dashboard for Prisma Access Browser
- AI Access Security Recommendations for Prisma Access Browser
- Audit Logging for Enterprise DLP Snippet Access
- Custom Defined Application Settings
- EDM Auto Provisioning for Enterprise DLP
- Flexible Software Upgrades for Cloud Managed NGFWs
- Hardware Security Module
- Host Compliance Service
- Improved Snippet and Report Display for Enterprise DLP
- Inbound Policy Rule Recommendations for Device Security
- IPv6 for Cloud Managed NGFWs
- Log Forwarding Card (LFC) Support
- Multiple Applications per Deployment Profile
- Policy Application Dependency Management
- QoS Support
- Quarantine Device Lists for Cloud Managed NGFWs
- Remote Browser Isolation Enhanced Print Options
- Securing AI Agents with a Standalone MCP Server
- TechDocs Strata Copilot: Your AI Assistant on TechDocs
- Strata Cloud Manager: Admin Role Profile Configuration
- Strata Cloud Manager: GRE Tunnel Termination
- Strata Cloud Manager: IPv6 Service Route Configuration
- Strata Cloud Manager: Management Service Route
- Strata Cloud Manager: Master Key Management for NGFWs
- Strata Cloud Manager: NDP Proxy
- Strata Cloud Manager: Netflow Monitoring
- Strata Cloud Manager: Response Page Customization
- Strata Cloud Manager Simplified Navigation Structure
- Visibility into Agent Versions for Connected Devices
- Flexible Multitenant License Allocation
- Zero Touch Provisioning Over Cellular
-
- Administrator-Initiated Collection of Diagnostics in Prisma Access Agent
- Centralized Firewall Management
- Configuration Management Support by Region
- Dedicated Tunnels for Panorama Connectivity
- Advanced Device-ID
- DNS Rewrite with Condition Check
- DNS Security Log Type Support
- Dynamic Language Detection for Remote Browser Isolation
- Enhanced Anti-Tamper Protection for Prisma Access Agent
- Enhanced Application Logs for ICMPv6
- Enhanced Packet Capture with Support for Range Filters
- Enhanced Shared Optimization
- Granular Kubernetes Traffic Inspection at the Namespace Level
- GRE Tunnel over a Cellular Interface
- High Availability Firewall Pair Upgrade Orchestration from Panorama
- HTTP/2 Network Support
- Hyperscale Security Fabric
- IPv6 Support for Geolocation
- LAN Health Monitoring When Local Access is Blocked
- Log Collector Scaling Optimization
- Mobile Support for Prisma Access Agent
- New Region Support for ZTNA Connector
- NGFW with Prisma SD-WAN Data Center Integration
- Optimize Egress Traffic for EKS Containerized Workloads
- Optimized Global Find and Policy Management
- Optimized Prisma Access Agent MTU for macOS
- PA-455R-5G Next-Generation Firewall
- PA-500 Series Next-Generation Firewall
- PA-5450 Firewall Support for Secure Web Gateway
- PA-5500 Series Next-Generation Firewall
- PAN-OS System Certificates
- Plugin Bundling
- Prisma Access Agent Certificate Authentication for Panorama Managed Deployments
- Prisma Access Agent Endpoint OS Type Support on Panorama Managed Deployments
- Prisma Access Agent Stale Configuration Management on Panorama Managed Deployments
- Prisma Access Agent Traffic Enforcement for Non-TCP and Non-UDP Traffic
- Regional Support for ZTNA Connector
- Reverse DNS Lookup for Path Tracking
- Secure Custom AI Models on Private Endpoints
- Secure Serverless Workloads in Cloud Environments
- Session Timeout for Prisma Access Agents in Panorama Managed Deployments
- Simplified HA Device Configuration in SD-WAN
- Single Icon for Accessing Prisma Access Agent and Access Experience
- Telemetry Autoenablement
- Virtual Router Configuration Support for Cloud Managed NGFWs
- Secure Boot Support for VM-Series on Google Cloud Platform (GCP)
- Refine Cloud Application Discovery for Enhanced Security
- Enhance AI Security with India Region Support
- Unified AI Security Logging in Strata Cloud Manager
- Visibility for ZTNA Connector
-
- Advanced DNS Resolver
- Custom Routing for Email DLP
- Encrypted Sliver C2 Detection with Advanced Threat Prevention
- Enhanced Root Cause Analysis for Application Experience
- Gain Visibility into AI Security Threats
- Identity and Access Management Support for SCIM
- Multi-Region Network Intercept
- Malicious Code Extraction from Plain Text
- New Prisma Access Locations
- New Region Support for EDM
- Prisma Access Agent Endpoint DLP Support
- Strata Copilot: Accessibility Change
- Strata Copilot: New Region Support
- Strengthen Threat Analysis with User IP Data
- Traffic Replication for Explicit Proxy: Enhanced Visibility for SASE
- Unified Incident Management and Response for Enterprise DLP
-
- Strata Copilot: AI Canvas (Beta)
- Strata Copilot: Device Quarantine
- DNS Security Tunnel Detector Enhancements
- Evidence-based Verdict in Access Analyzer
- ICAP Forwarding for Enterprise DLP
- In-Browser Translation for Remote Browser Isolation
- Magic Link Activation for Enterprise DLP
- Print with Header and Footer for Remote Browser Isolation
- Quantum Readiness for Strata Cloud Manager
- Security Lifecycle Review (SLR) for AWS
- Tenant-Level Data Transfer Across Prisma Access
-
- Automatic Sensitive Data Masking in API Payloads
- API Detection Services for the European Region
- Legacy UEBA Policies Migration to Behavior Threats
- Strata Copilot: New Region Support
- ZTNA Connector: Streamlined Deployment and Expanded Regional Logging
- BGP Filtering and Route Metric Support for Prisma Access
- Colo-Connect Inter-Region
- Customizable Prisma Access Agent Session Timeout Settings
- CVE Threat Research for Strata Copilot
- Define AI Content Boundaries with Custom Topic Guardrails
- Disable Prisma Access Agent with One-Time Password
- DNS Resolution for Mobile Users—Explicit Proxy Deployments
- Endpoint Insights for Prisma Access Agent
- Enhance Python Application Security with Prisma AIRS SDK
- Enhanced Visibility for Bootstrapping and Onboarding NGFWs in Strata Cloud Manager
- Extend Prisma Access User Group Policy Support with Short Form Format
- Granular File Transfer Controls in Remote Browser Isolation
- IPv6 Sinkholing for Prisma Access Agent
- LDAP Support for Prisma Access Agent
- Mexico Central Compute Region Support
- Pre-Logon for Prisma Access Agent
- Prevent Inaccuracies in LLM Outputs with Contextual Grounding
- Prisma Access Agent Captive Portal Support
- Prisma Access Agent Embedded Browser Support for SAML Authentication
- Configuration Management Support by Region
- Protect AI Agent Workflows on Low-Code or No-Code Platforms
- Region Support for Explicit Proxy
- Real User Monitoring Support for Consumer Browsers
- RFC6598, iOS, and Android Support for Static IP Address Allocation
- Remote Network Site-Based Licensing and Simplified Onboarding
- SASE Health Dashboard
- Simplified Onboarding Workflow
- Strata Cloud Manager: IPv4 Multicast Routing Support
- Transparent Proxy Support for Prisma Access Agent
- Strata Cloud Manager UI Enhancements
- Visibility for Enterprise Browser
- WildFire Hold Mode Support
-
- Behavior Threats Syslog Integration in SaaS Security
- Google Chat App in Data Security
- Advanced WildFire Support for EML Files
- Extend AI Security to Private Clouds
- Extended Availability of Strata Copilot in Strata Cloud Manager
- Mobile User and Remote Site Experience Monitoring for NGFWs
- Strata Copilot: New Region Support
- Streamline Upgrades for Prisma AIRS AI Runtime: Network Intercept
-
- Delete Assets in Slack Enterprise
- Advanced WildFire Dashboard Enhancements
- Detect Malicious Code in LLM Outputs
- Detect Toxic Content in LLM Requests and Responses
- Increased Maximum Security Policies and Zones for the PA-1400 and PA-3400 Series
- License Migration for AIOps for NGFW Premium, AI-Powered ADEM, and Strata Logging Service
- Migration of Existing Strata Logging Service license to New License
- Natural Language Queries for Access Analyzer
-
- Ability to Clone GlobalProtect App Settings and Tunnel Settings
- AI Access Security Report
- Allowed and Blocked User Counts for GenAI Apps
- Bootstrapping VM-Series in Virtual Metadata Collector Mode
- Bulk Import of Trusted IP Addresses
- Support for GCM Encryption
- Convert Local Configuration into Shared Snippets
- Centralized Management of AI Firewalls
- Device TACACS+
- Enhanced DC Routing Capabilities
- Exfiltration Shield
- Flow Details
- Move Flows
- Port Channel Interface
- Prisma SASE 5G
- Support for Prisma SD-WAN Copilot
- Proxy Chaining from Prisma Access Explicit Proxy to Third-party Proxy
- Native Prisma SASE Integration with Prisma SD-WAN
- Secure Fabric Tunnels for DC to DC
- Secure Group Tag (SGT) Propagation
- Simplified Security Policy Recommendations for SaaS Security Inline
- Advanced Control and Visibility Enhancements to Snippet Sharing
- Static IP Address Enhancements for Mobile Users
- Third-Party NDR Integration
- Visibility Into Prisma Access Configuration Push Status
- Web Access Policy Rule Replacement: Migrate to the New Internet Access Rule
- Enhanced RMA Workflow for Strata Cloud Manager
-
- SaaS Security Microapps in AI Access Security
- SaaS Security Licenses in AI Access Security
- Customize API Security with Centralized Management
- Tenant-Level User Inactivity Timeout
- LLM Powered User Risk Summary in Behavior Threats
- ION 3200H and ION 3200H-C5G-WW Hardware Devices
- Replace an ION Device in Strata Cloud Manager
- Visibility Support for New GenAI Apps in AI Access Security in January 2025
-
- Strata Copilot
- All Users for Prisma Access
- High-Performance Branch Sites Visibility
- Route Table Visibility at Branch Sites and Service Connections
- View Agent-Based Explicit Proxy
- View Prisma Access Agent in All Users
- View Static IP Address Allocation for Mobile Users
- Support for Prisma Access Browser and Cloud NGFW Data in the Strata Cloud Manager Command Center
- Domains Viewer in Activity Insights
- Slack Pro and Business App Scan
- Visibility Support for New GenAI Apps in AI Access Security in December 2024
- Prisma AIRS AI Runtime Support in Panorama
-
- Automate AI Application Security with Programmatic APIs
- End User Timeout Notifications
- Source IP Address Enforcement for Authentication Cookies
- Exclude URLs and Apps for Non-File Based Traffic
- Log Forwarding from Strata Logging Service China to AWS S3
- Named Configuration Snapshots for Strata Cloud Manager
- New Prisma Access Cloud Management Location
- NGFW Support for Strata Cloud Manager Configuration APIs
- Privileged Remote Access
- Role-Based Access Control for Managing and Overriding Security Checks
- Session Browser for Strata Cloud Managed NGFWs
- Specific SD-WAN Path Monitoring
- Support for Brotli Decompression
- Configure Split DNS for GlobalProtect App on iOS Endpoints
- EDM CLI App Version 3.5
- NG-CASB Standalone Web Interface Deprecation in November 2024
-
- Browser-Based Real User Monitoring (RUM)
- Configure Phishing Analysis
- Explicit Proxy for Colo-Connect
- Extend Prisma AIRS AI Network Security Across AWS and Azure
- Forward Syslogs for Enterprise DLP Incidents
- Google Drive Labeling
- Identity and Access Management Enhancements
- IKE Gateway with Dynamic IPv6 Address Assignment
- IPv6 Support on Cellular Interface for PA-415-5G Firewall
- Israel and Saudi Arabia Strata Logging Service Region Support
- Strata Logging Service License with One Year Log Retention and Unlimited Storage
- Multitenant Reports
- NPTv6 with Dynamically Assigned IPv6 Address Prefix
- Strata Logging Service in Device Associations
- Remote Network—High Performance Private App Access Support
- RFC6598 Mobile Users Address Pool for New Prisma Access (Managed by Strata Cloud Manager) Deployments
- Secure Integration of Third-Party Enterprise Browsers with Explicit Proxy
- Security Profile Visibility
- Simplified Application Test Configuration
- Static IP Address Enhancements for Mobile Users
- Streamlined Licensing for Strata Cloud Manager
- Support for Proxy ID in IPSec Transport Mode
- Test an Enterprise DLP Data Profile
- Wildcard FQDNs for Simplified ZTNA Connector Policy Management
- Scaling ZTNA Connector for High Application Counts
-
- Web Interface Changes to Support 25,000 Remote Networks and 50,000 IKE Gateways
- Auto VPN Link Bundling for Large Enterprises
- Private IP Address Visibility and Enforcement for Agent Based Proxy Traffic
- Bandwidth Consumption
- GlobalProtect Best Gateway Selection
- DoS and PBP Configurations Protect Firewalls from Internet-Based DoS Attacks
- Endpoint DLP
- Enhancements for Authentication Using Smart Cards
- Explicit Proxy Support in China
- Explicit Proxy Support for Advanced Services
- Extend AI Network Security to Google Cloud Platform
- IP Address Optimization for Explicit Proxy Users- Proxy Deployments
- Improvements for Multi Authentication CIE Experience
- Intelligent Internal Host Detection
- Multiple Virtual Routers on SD-WAN Branch
- Multitenant Application Monitoring Update
- New Check Box for Overriding Security Checks
- New Prisma Access Cloud Management Location
- PA-455-5G Next-Generation Firewall
- Panorama CloudConnector Plugin 2.1.0
- Prisma Access Browser Visibility
- Remote Browser Isolation in China
- Remote Networks—High Performance
- Route Summarization for Dynamic Privilege Access
- SC-NAT Support for Dynamic Privilege Access
- Strata Cloud Manager Centralized Report Management
- SD-WAN on 5G Cellular Interface
- Simplified Prisma Access Private App Connectivity
- Simplify Prisma Access SaaS Connectivity with IP Optimization for Mobile Users and Explicit Proxy Deployments
- Static IP Address Enhancements for Mobile Users
- TLS 1.3 and Pub/Sub Support for Traffic Replication
- Colo-Connect Monitoring
- View Prisma Access, Dataplane, and Application and Threats Content Releases in Strata Cloud Manager and Panorama
- Wildcard Support for Split Tunnel Settings Based on the Application
- ZTNA Connector Support for Commitless App Onboarding
- CLI Support to Connect to the GlobalProtect App with SAML Authentication
-
- Prisma AIRS
- Encrypt Outbound Email and Inspect Nested .EML Files
- Browser Support for Remote Browser Isolation
- Configure Management Settings
- Cross-Scope References Using Snippets
- Ability to Disable Default HIP Profiles
- Encrypted DNS for DNS Proxy and the Management Interface
- File Type Exclusion for Enterprise DLP
- Forward Email Alerts and SNMP Traps to External Servers
- Mobile Support for Remote Browser Isolation
- Panorama to Strata Cloud Manager Migration for Prisma Access
- Scan Support for ChatGPT Enterprise App
- Prisma SD-WAN Support for FedRAMP Moderate Environment
- Deleting Unused ZTNA Connector IP Blocks
-
- Auto VPN Support for HA Devices
- Policy Management for Your Cloud NGFW Resource Using Strata Cloud Manager
- Connect to GlobalProtect App with IPSec Only
- Dynamic Privilege Access
- Embedded Browser Framework Upgrade
- End User Coaching for Enterprise DLP
- Enhanced HIP Remediation Process Improvements
- Enhancements for Authentication Using Smart Cards-Authentication Fallback
- Enhancements for Authentication Using Smart Cards-Removal of Multiple PIN Prompts
- Global Find Using Config Search
- Intelligent Portal
- Local Configuration Management Support for Firewalls
- Manage and Share Common Configuration Using Snippet Sharing
- Native IPv6 Compatibility
- Overlapping IP Address Support
- PA-410R-5G Next-Generation Firewall
- Rule Order for Web Access Security Policy Rules
- Simplified License Activation and Default Tenant Creation
- Strata Logging Service in Strata Cloud Manager
- Third-Party CDR Integration for Remote Browser Isolation
- View and Monitor App Acceleration
- View and Monitor Native IPv6 Compatibility
- View and Monitor Third-Party Device-IDs
- ZTNA Connector Capabilities: Application Discovery, User-ID Across NAT, and Connector IP Block Deletion
-
- Advanced DNS Security
- Advanced Threat Prevention (ATP) Support on CN-Series Firewall
- Advanced Threat Prevention: Support for Zero-day Exploit Prevention
- App Acceleration Support for Additional Apps
- Authorized Support Center Support View
- Bulk Configuration
- Business Continuity During Mergers and Acquisitions
- Calgary and South Africa Central Compute Locations
- CIE (SAML) Authentication using Embedded Web-view
- Configuration File Compression
- Dynamic DNS Registration Support for GlobalProtect Mobile Users
- Explicit Proxy Forwarding Profiles with Multiple PAC File Support
- Explicit Proxy SAML Authentication Improvements
- Explicit Proxy Support for South Africa Central Location
- Fast-Session Delete
- FedRAMP Moderate
- FQDNs for Remote Network and Service Connection IPSec Tunnels
- GlobalProtect Portal and Gateway Support for TLSv1.3
- GlobalProtect Proxy Enhancements
- GlobalProtect Support for PAN-OS-11.2-DHCP-Based IP Address Assignments
- GTP Support for Intelligent Security
- Increased Maximum Number of Security Rules for PA-3400 Series Firewalls
- IPSec Serviceability
- Local Deep Learning for Advanced Threat Prevention
- SD-WAN Bandwidth Monitoring
- NGFW Clustering of PA-7500 Series Firewalls
- OOXML Support for WildFire Inline ML
- PA-410R Next-Generation Firewall
- PA-450R-5G Next-Generation Firewall
- PAN-OS 11.0, 11.1, and 11.2 Dataplane Support
- PAN-OS 11.2 Support for Panoramas That Manage Prisma Access
- Post Quantum Hybrid Key Exchange VPN
- Prisma Access Internal Gateway
- Remote Network Tunnel Automation API
- Static IP Address Allocation for Mobile Users
- Strata Cloud Manager Connectivity Using Port 443
- TLSv1.3 Support for HSM Integration with SSL Inbound Inspection
- User-ID for CN-Series
- User-ID Across NAT
- Virtual Systems Support on VM-Series Firewall
- Intelligent Traffic Offload - Layer 3 (Dynamic Routing) Support on VM-Series Firewall
- Intelligent Traffic Offload - NAT Support on VM-Series Firewall
- Zero Touch Provisioning (ZTP) Onboarding Enhancements
- View Preferred and Base Releases of PAN-OS Software
-
- Additional Private Link Types for SD-WAN
- Additional SD-WAN Hubs in VPN Cluster
- Aggregate Ethernet Interface Usability Enhancement
- App SLA Assurance Enhancements
- Branch Gateway
- Configuration Indicator
- Device Onboarding Rules
- External Gateway Integration for Prisma Access and On-Premises NGFWs
- Enhanced Incident Management
- Enterprise DLP Migrator
- Prisma SD-WAN OSPF
- SDDC — Megaport (VFF)
- Site Template JINJA Conditional Statements Support
- Software Cut-through based Offload on CN-Series Firewall
- Software Cut Through Support for PA-400 and PA-1400 Series Firewalls
- Subscription Usage Visibility for Prisma SD-WAN
- Support for Additional System Applications
- Support for Configurable Layer 3 Reachability Probes
- Standard VPN Enhancements for DC to DC
- Strata Cloud Manager: Activity Insights
- Strata Cloud Manager: Command Center
- Switch Virtual Interfaces Operational Enhancements
- Trusted IP List
- View Only Administrator Role Enhancement
- VRF- Support for Standard VPN, NTP, Syslog, and SNMP
- Web Proxy for Cloud-Managed Firewalls
-
- Authenticate LSVPN Satellite with Serial Number and IP Address Method
- Private Key Export in Certificate Management
- Clone a Snippet
- Security Checks
- Disable Tunnel Reoptimization
- DNS Reachability
- GlobalProtect Portal and Gateway
- IP Optimization for Mobile Users - GlobalProtect Deployments
- License Enforcement for Mobile Users (Enhancements)
- Multiple Virtual Routers Support on SD-WAN Hubs
- Native SASE Integration with Prisma SD-WAN
- New Prisma Access Cloud Management Location
- Normalized Username Formats
- PAN-OS Software Patch Deployment
- Policy Analyzer
- Saudi Arabia Compute Location
- Site Template Configuration for Large Scale Deployments
- TACACS+ Accounting
- Tenant Moves and Acquisitions
- Traceability and Control of Post-Quantum Cryptography in Decryption
- User Session Inactivity Timeout
-
- FedRAMP High "In Process" Requirements and Activation
- License Activation Changes
- Performance Policy with Forward Error Correction (FEC)
- View and Monitor ZTNA Connector Access Objects
- Software Cut-Through Support for PA-3400 and PA-5400 Series Firewalls
- Persistent NAT for DIPP
- ZTNA Connector Wildcard and FQDN Support for Applications and Additional Diagnostic Tools
-
- 5G Cellular Interface for IPv4
- Advanced WildFire Inline Cloud Analysis
- API Key Certificate
- App Acceleration in Prisma Access
- ARM Support on VM-Series Firewall
- Authentication Exemptions for Explicit Proxy
- BGP MRAI Configuration Support
- Cloud Managed Support for Prisma Access China
- Granular Configuration Audit Comparison
- Strata Logging Service with CN-Series Firewall
- Device-ID Visibility and Policy Rule Recommendations in PAN-OS
- Dynamic IPv6 Address Assignment on the Management Interface
- Dynamic Routing in CN-Series HSF
- Enhanced IoT Policy Recommendation Workflow for Strata Cloud Manager
- Enhanced SaaS Tenants Control
- Enterprise DLP Data Filtering Profile Configuration Sync
- Exclude All Explicit Proxy Traffic from Authentication
- GlobalProtect Portal and Gateway Support for TLSv1.3
- IKEv2 Certificate Authentication Support for Stronger Authentication
- Improved Throughput with Lockless QoS
- Incident Dampening
- Increased Device Management Capacity for the Panorama Virtual Appliance
- Inline Security Checks
- Integrate Prisma Access with Microsoft Defender for Cloud Apps
- Intelligent Security with PFCP for N6 and SGI Use Cases
- IoT Security: Device Visibility and Automatic Policy Rule Recommendations
- Device Security Support for CN-Series
- IP Protocol Scan Protection
- IPSec VPN Monitoring
- IPv6 for BGP Support
- Layer 2 Switching Capabilities in ION 3200
- Link Aggregation Support on VM-Series
- Maximum of 500 Remote Networks Per 1 Gbps IPSec Termination Node
- New Platform Support for Web Proxy
- New Template Variables
- PA-415-5G Next-Generation Firewall
- PA-450R Next-Generation Firewall
- PA-455 Next-Generation Firewall
- PA-5445 Next-Generation Firewall
- PA-7500 Next-Generation Firewall
- Policy Rulebase Management Using Tags
- Post Quantum IKE VPN Support
- PPPoE Client for IPv6
- Public Cloud SD-WAN High Availability
- Remote Browser Isolation
- Secure Copy Protocol (SCP) Support
- Security Checks
- Service Connection Identity Redistribution Management
- Service Provider Backbone Integration
- Session Resiliency for the VM-Series on Public Clouds
- SNMP-based Discovery for IoT Devices
- SNMP Network Discovery for Device Security
- Strata Cloud Manager: Application Name Updates
- Support for Strata Logging Service Switzerland Region
- TACACS+ Accounting
- Throughput Enhancements for Web Proxy
- TLSv1.3 Support for Administrative Access Using SSL/TLS Service Profiles
- Traceability and Control of Post-Quantum Cryptography in Decryption
- Traffic Replication Remote Network and Strata Cloud Manager Support
- Used-for-HA Capability on Layer 3 Interfaces
- VM-Series Device Management
- View and Monitor App Acceleration
- View and Monitor Remote Browser Isolation
- Virtual Routing Forwarding for WAN Segmentation
-
- Cloud IP-Tag Collection
- Config Version Snapshot
- Create a Custom Path Quality Profile
- Delete a Snippet
- Web Proxy for Cloud-Managed Firewalls
- High-Bandwidth Private App Access with Colo-Connect
- Integrate Prisma Access with Microsoft Defender for Cloud Apps
- Introducing ADEM APIs
- Log Viewer Usability Enhancements
- New Predefined BGP Redistribution Profile
- New Prisma Access Cloud Management Location
- Refresh Pre Shared Keys for Auto VPN
- Strata Logging Service Regional Support
- Troubleshoot NGFW Connectivity and Policy Enforcement Anomalies
-
- High-Bandwidth Private App Access with Colo-Connect
- Traffic Replication and PCAP Support
- Third-Party Device-ID in Prisma Access
- New and Remapped Prisma Access Locations and Compute Locations
- Transparent SafeSearch Support
- Private IP Visibility and Enforcement for Explicit Proxy Traffic Originating from Remote Networks
- Service Provider Backbone Integration
- Cloud Management of NGFWs
- Feature Adoption Dashboard
- Best Practices Dashboard
- Compliance Summary Dashboard
- Security Posture Insights Dashboard
- Advanced Threat Prevention Dashboard
- Custom Dashboard
- Device Health Dashboard
- Incidents and Alerts
- NGFW SDWAN Dashboard
- Capacity Analyzer
- Enhancements to CDSS Dashboard
-
- Conditional Connect Method for GlobalProtect
- Enhanced Split Tunnel Configuration
- Prisma Access Explicit Proxy Connectivity in GlobalProtect for Always-On Internet Security
- Host Information Profile (HIP) Exceptions for Patch Management
- Host Information Profile (HIP) Process Remediation
- License Activation
-
Enhanced Split Tunnel Configuration
Host a split tunnel configuration file on a local web server for expanded support for
domains, access routes and applications that you can update dynamically.
With Enhanced Split Tunnel you can manage the list
domains, access routes, and applications that you want to include or exclude from the
GlobalProtect tunnel using a split-tunnel configuration file that you host locally in
your environment. This allows you to modify your split-tunnel settings without having to
modify the configuration on the GlobalProtect gateway. In addition, this feature
increases the number of included and excluded split-tunnel access routes and domains
that you can define from 200 to 1,000. To use this capability, create the XML file and
host it on a web server that your GlobalProtect endpoints can reach. To secure the XML
file, you must sign it and then enable mutual TLS on the server hosting the split-tunnel
configuration file. You can push the public key certificate from the portal
configuration to the endpoint. The endpoint needs the certificate to authenticate to the
web server.
