Location-based Policy
The location-based policy can be used to limit access to the Prisma Browser based
on location.
| Where Can I Use This? | What Do I Need? |
|---|
- Strata Cloud Manager
- Prisma Browser standalone
- Prisma Browser Mobile
- Prisma Browser Extension
|
- Prisma Access with Prisma Browser bundle license or
Prisma Browser standalone license
- Superuser or Prisma Browser
role
|
Linux/IGEL browser - No support
This feature requires Prisma Browser version 129.90.2910.2 and later.
You now have the ability to apply policies based on the device's location in addition to
the other Scope parameters that can be used for all policy rules.
The policy engine evaluates the location of the device every 60 minutes and reports the
location back to the server. For macOS and Windows devices, the policy engine will use
the OS Location Services, if enabled. Otherwise the engine will use Geo IP location.
Important Information for Admins
- End-users who use VPN services can change their public IP by selecting a
different location for their connection. For example, a user in Germany can
decide to connect to the company network from a location in the United States,
depending on the VPN provider.
- To reduce the risk of location bypass, you can use MDM (for managed
devices) and enable OS location services to the browser, as well as to
browsers that use the Prisma Browser Extension.
The location may not be accurate around
national borders for both OS Location Service and Geo IP.
- The Prisma Browser for Mobile currently uses only Geo IP.
- macOS Location Services are temporarily unavailable in Israel. See here for
more information. Why have Apple and Google disabled map
features in Israel and Gaza?
Older versions of the Prisma Browser can only use Geo
IP. If you want to use OS Location Service, you need to upgrade.
Prisma Browser for Mobile supports Geo IP only.
Linux/IGEL Browser - No Support
