Prisma Access
Add and Discover Applications
Table of Contents
Add and Discover Applications
Add the applications you want to protect using Private App Security.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
There are two ways to define the applications to be protected by Private App
Security:
- Define applications manually.
- Use the automatically discovered private domains observed in the Prisma Access traffic.
Add New Applications Manually
To add an application, it is necessary for you to confirm that at least one
active gateway or remote network has been active for a minimum of one hour.
This is essential, because the private key from the gateway or remote
network is required to generate the per-domain certificate.
- Log in to Strata Cloud Manager.Select .Select Add Application.The Add Application page appears. Complete General and Destination Details.
- Add an Application Name and an optional
Description. Select a
Type (for example, Web
Browsing), and search for an optional
Group.An application group is a collection of applications to which an admin wants to apply identical policies. Instead of applying similar policies to each individual application, the admin can create an application group, add all relevant applications, and assign a single policy to the entire group. This streamlines policy management, making it cleaner and more efficient.
- Under Destination Details, define the application's destinations. Each application might have multiple domains; enter all of them here. Enter each domain name accompanied by port number 443, and Save your changes.
![]()
Define Application Groups
An application group is a collection of applications, and one application can belong to multiple application groups. Application groups provide the ability to bundle multiple applications that need to be managed in a similar way. The application security policies can be than associated directly through these app groups, keeping the configuration leaner.- Go to .
- Select Add Group.
- Enter a name and an optional description.
- Save your changes.
From the Application Groups table, click on the name of a group to see the apps it includes.Define Applications from Automatically Discovered Domains
Admins often lack awareness of all private applications and domains accessed internally. Additionally, they may not be able to identify which applications are safeguarded by Private App Security policies to prevent application-specific attacks. On the Application Discovery page, we list all private domains being accessed that lack protection from Private App Security; for example, domains not included in an application definition and without associated Private App Security policies. To minimize the risk of application-specific attacks, these domains can be easily integrated into an application definition and subjected to best practice Private App Security policies. These private applications are vital to the business and may contain sensitive data.- Go to .
- Under Discovered Applications, view the list of
private domains that generate traffic but are not protected by Private App
Security. Select the domain or domains for which you want to apply Private
App Security policies. To select all domains, click
FQDN.
![]()
- Decide whether to add this domain to a New or already
Existing application.
![]()
- The selected domain is prepopulated in the next application definition screen, where the admin needs only to define a name for this application.
![]()
