Prisma® Access Agent extends Lightweight Directory Access Protocol (LDAP) authentication support to Panorama® Managed Prisma Access and Next-Generation Firewall (NGFW) deployments, enabling you to leverage your existing GlobalProtect® Portal LDAP authentication infrastructure, eliminating the need to reconfigure authentication methods when migrating to Prisma Access Agent.

Similar to Strata Cloud Manager deployments, you can now configure the Prisma Access Agent in Panorama managed deployments to authenticate users against your existing directory services through the GlobalProtect Portal. This integration provides a seamless authentication experience for your users while maintaining your existing policies. The feature supports all standard LDAP configuration options, including Base Distinguished Name (DN), Bind DN, multiple LDAP servers, Secure Socket Layer/Transport Layer Security (SSL/TLS) secure connections, and server certificate verification for Secure Sockets Layer (SSL) sessions. You can also combine LDAP authentication with client certificate authentication using AND/OR logic to meet your specific security requirements.