Use the Prisma Access Agent App (Managed Devices)

1. Open the Prisma Access Agent app by tapping the PA Agent icon.
2. The agent will connect based on the connect method configured by your Prisma Access Agent administrator. The Prisma Access Agent supports the following connect methods:

   • Always-On
     In an Always-On configuration, Prisma Access Agent automatically connects as soon as end users log in. You can optionally enable Lockdown Mode to enforce all network traffic through the Prisma Access Agent and block traffic that does not go through the Prisma Access Agent.
   • On-Demand
     In an on-demand configuration, end users must manually connect Prisma Access Agent through the application. Traffic is routed through the Prisma Access Agent app only after the end users initiate and establish the connection.
   • Per-App
     In a per-app configuration, you can specify the managed apps that can route traffic through Prisma Access Agent when connected. If using an allowlist, only the specified apps will be routed through Prisma Access Agent. If using a blocklist, all traffic will be routed through Prisma Access Agent except for the specified apps.