Deploy Prisma Access Browser Using Intune
Focus
Focus
Prisma Access Browser

Deploy Prisma Access Browser using Intune

Table of Contents


Deploy Prisma Access Browser Using Intune

Learn how to deploy Prisma Access Secure Enterprise Browser (Prisma Access Browser) using Intune.
Microsoft Intune is a cloud-based endpoint management solution. It manages user access to organizational resources and simplifies app and device management across your many devices, including mobile devices, desktop computers, and virtual endpoints.
  1. Open the Microsoft Intune Admin Center.
  2. Select AppsAll apps.
  3. Click + Add.
  4. In the Select app type window, select Line-of-business app.
  5. Click Select.
  6. In the App information step, click Select app package file.
  7. In the App package file window, browse to the MSI installation file, named PrismaAccessBrowserSetup.msi.
  8. Click Ok.
  9. Enter all the needed properties.
    1. Enter a name for the app. This will be visible in the Intune list and in the Company Portal.
    2. Provide a brief description of the app and its benefits for users. This description will be available in the Company Portal, where you can use rich text formatting to enhance it.
    3. Enter the name of the app’s publisher, which appears in the Company Portal.
    4. App install context – Select the Device.
    5. Show this as a featured app in the Company Portal – we recommend that you select Yes so that it will be easier for your users to find.
    6. Select the appropriate Logo for the application. Contact support for the correct file.
  10. Click Next.
  11. Select the Assignments for this app.
    1. For Available for enrolled devices, select Add group, and select the required Entra groups assigned to the application.
    2. If you select Add all users, then the Entra assignment will include all Entra users in your organization.
  12. Click Next.
  13. Review all the settings and click Create to create the new app, or Previous to make changes.
    Creating the app might take a few additional minutes. The application will be available for use after this step.

Set Prisma Access Browser Mobile as the Default Browser for Intune-managed Apps

If you are using Intune to manage your deployment, you can set Prisma Access Browser Mobile as the default browser. Intune empowers you to set a default browser for organization-managed apps. This can be applied globally through App Protection Policies, or selectively for specific, critical applications. This is particularly relevant for mobile devices (iOS and Android), as they are often employee-owned. However, enforcing a company browser as the default for all apps might raise employee concerns.
Enforcing the Prisma Access Browser for your Intune-managed apps significantly enhances your organization's data security. This approach safeguards against phishing and identity theft by limiting how URLs are opened. Only the approved Prisma Access Browser can be used, minimizing the risk of exposure to malicious links.
Furthermore, Intune's clipboard control adds another layer of protection. It prevents users from copying and pasting links into unmanaged apps. This ensures that organizational data is always accessed through trusted and controlled applications.
In essence, designating the Prisma Access Browser for Intune apps mitigates the risks associated with phishing and other identity-based attacks.
This requires an Intune Plan 1 license.
  1. Browse to the Intune Admin Portal → App Protection Policies → Select the policy you want to modify or create.
  2. At the Data Protection step, select "Restrict web content transfer with other apps", and enter Unmanaged browser
  3. (Optional) For iOS devices: In the Unmanaged browser protocol field, enter pab://.
    This requires Prisma Access Browser iOS version 1.4046 or later.
  4. (Optional) For Android devices:
    1. In the Unmanaged Browser ID field, enter com.talonsec.talon.
    2. In the Unmanaged Browser Name field, enter PA Browser.
  5. More information on Intune's App Protection Policies.