Set Up Lockdown Mode for Always On Connect Method on Android Endpoints Using Microsoft Intune
For devices configured with the always on connect method, you must enable lockdown, which forces the secure connection to stay on and connected and disables network access whenever the app is not connected.
  1. In the Microsoft Intune admin center, navigate to Devices > Android > Configuration.
  2. Click Create > New Policy.
  3. Set Platform to Android Enterprise and Profile type to Device restrictions and then click Create.
  4. On the Basics tab, enter a name and description and click Next.
  5. Expand Connectivity and enable Always-on VPN (work profile-level).
    1. Set the VPN client to Palo Alto Networks Prisma Access Agent.
    2. Enable Lockdown mode if required.
      Lockdown mode ensures that all network traffic from Android endpoints passes through the Prisma Access Agent app, which enforces security policies and prevents unauthorized access. When enabled, it blocks all network traffic on the endpoint until a connection to the Prisma Access Agent is established.
    3. Click Next.
  6. Assign the policy to included user groups and click Next.
  7. Review the settings and click Create.
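
To check the result of this procedure across a tenant, the following added example (not part of the original page or of Palo Alto Networks' or Microsoft's tooling) audits an exported list of Intune device configurations for always-on VPN profiles that lack lockdown. It assumes the export is the JSON returned by the Microsoft Graph `deviceManagement/deviceConfigurations` endpoint and that the profiles appear as the two Android Enterprise resource types shown; the package identifier, profile names and sample data are constructed placeholders.

```python
import json

# Graph property holding the lockdown flag, per Android Enterprise resource type.
LOCKDOWN_FIELD = {
    "#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration": "vpnAlwaysOnLockdownMode",
    "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration": "vpnEnableAlwaysOnLockdownMode",
}
# Placeholder: substitute the package ID of the VPN client your tenant deploys.
EXPECTED_PACKAGE = "com.example.vpn.agent"

def audit_profiles(export, expected_package=EXPECTED_PACKAGE):
    """Return (displayName, finding) pairs for always-on VPN profiles at risk."""
    findings = []
    for profile in export.get("value", []):
        field = LOCKDOWN_FIELD.get(profile.get("@odata.type"))
        package = profile.get("vpnAlwaysOnPackageIdentifier")
        if field is None or not package:
            continue  # other platform, or always-on VPN not configured
        name = profile.get("displayName", "<unnamed>")
        if package != expected_package:
            findings.append((name, f"unexpected VPN client {package}"))
        if profile.get(field) is not True:  # False and null both allow bypass
            findings.append((name, "always-on VPN without lockdown mode"))
    return findings

# Constructed sample export (not real tenant data).
SAMPLE_EXPORT = json.loads("""
{"value": [
  {"@odata.type": "#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration",
   "displayName": "Android-AlwaysOn-Lockdown",
   "vpnAlwaysOnPackageIdentifier": "com.example.vpn.agent", "vpnAlwaysOnLockdownMode": true},
  {"@odata.type": "#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration",
   "displayName": "Android-AlwaysOn-NoLockdown",
   "vpnAlwaysOnPackageIdentifier": "com.example.vpn.agent", "vpnAlwaysOnLockdownMode": false},
  {"@odata.type": "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration",
   "displayName": "Android-BYOD-AlwaysOn",
   "vpnAlwaysOnPackageIdentifier": "com.example.vpn.agent", "vpnEnableAlwaysOnLockdownMode": null},
  {"@odata.type": "#microsoft.graph.iosGeneralDeviceConfiguration",
   "displayName": "iOS-Restrictions"}
]}
""")

if __name__ == "__main__":
    for name, finding in audit_profiles(SAMPLE_EXPORT):
        print(f"{name}: {finding}")
```

A profile whose lockdown flag is unset is reported the same as one where it is explicitly off, since in both cases traffic can leave the endpoint while the agent is disconnected.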