What's New in the NetSec Platform
Explicit Proxy Connectivity in Prisma Access for GlobalProtect
Table of Contents
Explicit Proxy Connectivity in Prisma Access for GlobalProtect
Learn about using GlobalProtect for explicit proxy in Prisma Access
Organizations often struggle to maintain consistent internet and SaaS security when users
rely on third-party VPN agents for access to private applications. This disjointed
approach creates security gaps and deployment complexity.
Prisma® Access, with GlobalProtect® 6.2, addresses this challenge by supporting explicit
proxy connectivity. This feature protects users with always-on internet security while
providing on-demand access to private apps through a third-party VPN, GlobalProtect with Prisma Access, or an
on-premises Next-Generation Firewall (NGFW).
This capability enables you to:
- Easily replace third-party proxy solutions
- Coexist with third-party VPN agents
- Secure internet traffic using browser-based and non-browser-based apps
- Simplify proxy deployments and enforce User-ID-based policy against all traffic
In addition to Tunnel mode, GlobalProtect Explicit Proxy supports two connectivity methods:
- Proxy Mode
- Tunnel and Proxy Mode
This connection method
enables you to use a third-party VPN agent while still using Prisma
Access as a secure web gateway for consistent and
superior internet and SaaS security.
This mode
enables you to secure access to the internet and SaaS applications through proxy
mode and to secure access to private apps through tunnel mode. Whether or not theGlobalProtect tunnel for private app access is enabled,
access to the internet remains secure through the proxy.
Users can access
private apps through Prisma Access:
Or through an on-premises firewall:
If you don't require support for explicit proxy or third-party VPNs from the
GlobalProtect app, you can continue to deploy GlobalProtect in Tunnel Mode and use the split tunnel functionality to define what
traffic you want to secure with Prisma Access, and which
traffic can bypass the tunnel.