Prisma Access Agent Overview
Learn about the features that are supported in the Prisma Access Agent.
| Where Can I Use This? | What Do I Need? |
|---|
|
|
- Minimum Prisma Access Agent version: 25.1.0.14
- macOS 14 and later or Windows 10 version 2024 and later desktop devices
- Internet access
|
The Palo Alto Networks Prisma Access Agent is a secure access agent that is
purpose-built for a remote-first workforce. It’s focused on making the entire user
experience better for end users, network admins, and IT help desk personnel without
compromising on security.
You can use the Prisma Access Agent to access your organization's network,
resources within the network, SaaS applications, or the internet securely from any
location so that you can be productive in a hybrid workforce. Prisma Access Agent
enables you to easily connect to corporate headquarters, data centers, branch offices,
or educational institutions where Prisma Access or Palo Alto Networks
Next-Generation Firewalls (NGFW) are deployed. When you’re connected to a location
(gateway) while working from anywhere, you benefit from the same security policies that
protect the sensitive resources in your organization's network.
In addition, the Prisma Access Agent can help secure you and your devices from
threats and malware through Advanced Threat Prevention, Advanced URL Filtering, DNS
Security, sandboxing, and more.
Prisma Access Agent Features
The following features provide for a simplified agent experience:
- Automatic Location Selection
The Prisma Access Agent is a
simplified app that enables you to access your organization's network,
resources, SaaS applications, or the internet using your organization's
security policies that are extended to your device. If your administrator
has configured the agent in Always On mode, you are
automatically connected to your network using the best available location
whenever you log on to your device. If your app is configured in
On Demand mode, you can connect to the best
location with the click of a button.
- ADEM Integration
- Notifications
To minimize disruptions when you re accessing your
organization’s network, resources within the network, SaaS applications, or
the internet, the Prisma Access Agent provides ample notifications so
that you’re always aware of the status of your connection.
Prisma Access Agent notifications are fully integrated with your
operating system, enabling you to customize how they behave like any other
application on
macOS or
Windows.
- Problem Resolution
You can save time by using the resources provided by
the
Prisma Access Agent to help resolve issues without having to
contact your IT help desk or administrator. If the Access Experience agent
is installed on your device, you can leverage
the insights provided by ADEM to
fix potential problems.
- Anti-tamper Feature
To safeguard
Prisma Access Agent, your
administrator can
enable the anti-tamper protection
feature, which prevents any user from tampering with the
Prisma Access Agent, such as unauthorized removal of the agent from
your device. The anti-tamper feature can protect the following
Prisma Access Agent resources on your device:
- Prisma Access Agent folders and files—Unauthorized users can’t
delete or rename any Prisma Access Agent-related files and
folders.
- Prisma Access Agent services and host information profile (HIP)
processes—Unauthorized users can’t stop any Prisma Access Agent-related services and HIP processes. The HIP processes collect
information about the host that the Prisma Access Agent running is
running on and submits the host information to Prisma Access for
inspection.
- Prisma Access Agent Registry keys (Windows-only)—Unauthorized
users can’t delete or update the Windows Registry keys for the Prisma Access Agent.
- The PACli command-line interface—Unauthorized users can’t disable the
Prisma Access Agent or the anti-tamper feature using the PACli
command-line interface. Administrators and authorized users who need to
perform certain actions for troubleshooting at the command line must
provide the anti-tamper unlock password when prompted.
