Set Up Explicit Proxy

Prisma Access

Set Up Explicit Proxy

Table of Contents

Set Up Explicit Proxy

Set up Prisma Access Explicit Proxy.
Where Can I Use This?
What Do I Need?
  • Prisma Access (Cloud Management)
  • Prisma Access (Panorama Managed)
If you'd like to enable Private Source IP based visibility and enforcement on Explicit Proxy in your Prisma Access environment, get in touch with your account team to learn more.
  • Prisma Access
Use Explicit Proxy to secure mobile users by redirecting browser traffic to Prisma Access.
Onboarding Guidelines
—Use the following guidelines when you license and onboard your Explicit Proxy deployment:
  • Explicit Proxy supports a subset of Prisma Access locations.
  • You cannot add locations that are denoted with two asterisks; these are Local Zones and are not supported with Prisma Access.
  • If you have a Local or Evaluation license for Prisma Access for Users and you have a Mobile Users—GlobalProtect deployment as well as a Mobile Users—Explicit Proxy deployment, you can deploy a maximum of five locations for each (five locations maximum for Mobile Users—GlobalProtect and five locations maximum for Mobile Users—Explicit Proxy). If you have a Worldwide license, there are no restrictions for the maximum number of locations.
  • Explicit Proxy supports multitenancy under the following conditions: if you have an existing Prisma Access non-multitenant deployment and convert it to a multitenant deployment, only the first tenant (the tenant you migrated) supports Explicit Proxy. Any subsequent tenants you create for the multitenant deployment after the first do not support Explicit Proxy.
  • When onboarding an Explicit Proxy deployment, Palo Alto Networks recommends that all the configuration be performed in a single browser. You can, however, add security policies from multiple browsers or browser sessions.
  • URL filtering actions of
    are not supported and do not work with Explicit Proxy.
Learn how to set up Explicit Proxy.

Recommended For You