Where Can I Use This? | What Do I Need? |
Prisma Access (Managed by Strata Cloud Manager)
|
Prisma Access 5.1 Innovation Prisma Access
license with the
Mobile User subscription macOS 12 or later desktop devices or Windows 10 version
2024 or later or Windows 11 desktop devices Role: Superuser
|
You can define which host attributes you're interested in monitoring
or using for policy enforcement by creating HIP objects and HIP Profiles on the Prisma Access gateway.
HIP objects consist of the matching criteria used to filter out the
host information that you are interested in using to enforce policy from the raw
data reported by the Prisma Access Agent. For example, while the raw host data
might include information about several antivirus packages that are installed on the
endpoint, you might only be interested in one particular application. In this case,
you would create a HIP object to match the specific application you are interested
in enforcing.
The best way to determine what HIP objects you need is to determine
how you will use the host information you collect to enforce the policy. Keep in
mind that the HIP objects themselves are merely building blocks that allow you to
create the HIP Profiles that are used in your security policies. Therefore, try to
keep your objects simple by matching on one item, such as the presence of a
particular type of required software, membership in a specific domain, or a specific
OS. By doing this, you will have the flexibility to create a granular HIP-augmented
policy.