Prisma Access
Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent
Table of Contents
Create and Manage HIP Objects for the Dynamic Privilege Access Prisma Access Agent
Prisma Access Agent
Define which host attributes you want to monitor or use for policy enforcement by
creating HIP objects and HIP Profiles on the
Prisma Access
gateway.Where Can I Use This? | What Do I Need? |
|---|---|
|
|
You can define which host attributes you're interested in monitoring
or using for policy enforcement by creating HIP objects and HIP Profiles on the Prisma Access gateway.
HIP objects consist of the matching criteria used to filter out the
host information that you are interested in using to enforce policy from the raw
data reported by the Prisma Access Agent. For example, while the raw host data
might include information about several antivirus packages that are installed on the
endpoint, you might only be interested in one particular application. In this case,
you would create a HIP object to match the specific application you are interested
in enforcing.
The best way to determine what HIP objects you need is to determine
how you will use the host information you collect to enforce the policy. Keep in
mind that the HIP objects themselves are merely building blocks that allow you to
create the HIP Profiles that are used in your security policies. Therefore, try to
keep your objects simple by matching on one item, such as the presence of a
particular type of required software, membership in a specific domain, or a specific
OS. By doing this, you will have the flexibility to create a granular HIP-augmented
policy.
- From Strata Cloud Manager, select .
- EdittheGlobal Agent Settings.
![]()
- SelectHIP Notificationsand clickAdd.
![]()
- ClickCreate HIP Object.
![]()
- Enter aNameandDescriptionfor the object.
- Select the tab that corresponds to the category of host information you are interested in matching against, and then select the check box to enable the object to match against the category.For example, to create an object that looks for information about antivirus or antispyware software, select theAnti-Malwaretab, and then select theAnti-Malwarecheck box to enable the corresponding fields. Complete the fields to define the desired matching criteria.For example, the following image shows how to create a HIP object that matches if the endpoint has the AVAST Free Antivirus software application installed, hasReal Time Protectionenabled, and has malware definitions that have been updated within the last 5 days.
![]()
Repeat this step for each category you want to match against in this object. For more information, see Table: Data Collection Categories. - SaveandAddyour HIP object.
- To manage your HIP objects, you can select an existing object from the HIP notifications table or clickAddin the Edit Global Agent Settings page to open the HIP notifications window.From there, clickManage HIP Objectto view the list of HIP objects that you configured. You can select a HIP object andDelete,Clone, orMoveit.
