Maintaining a strong security posture requires control over how users interact with security solutions. Prisma® Access Agent provides secure remote access to your organization's resources, but by default, users can modify the server name, also known as the Prisma Access Agent Manager FQDN, potentially bypassing the security controls that you've established.

With the agent configuration setting, administrators gain control over whether users can add or edit server connection information in the Prisma Access Agent. This enhances your ability to enforce always-on connectivity and prevent users from connecting to unauthorized servers. When you restrict FQDN editing, users cannot modify existing server information or add new servers.

You can configure this setting on a per-user, per-user-group, or per-project basis for granular control across your environment. The feature works seamlessly with both Dynamic Privilege Access and non-Dynamic Privilege Access environments and maintains compatibility when users switch between them.

This capability helps prevent unauthorized configuration changes that could bypass your security controls, ensuring all users maintain proper connections to your Prisma Access or Next-Generation Firewall (NGFW) infrastructure as defined by your policies. By restricting FQDN modifications, you strengthen your security posture while still enabling the flexibility of multiple pre-configured connection options when needed.