How to Manage Prisma Access
Table of Contents
4.0 & Later
Expand all | Collapse all
-
- Remote Networks: IPSec Termination Nodes and Service IP Addresses
- Remote Networks: IP Address Changes Related To Bandwidth Allocation
- Remote Networks: Service IP Address and Egress IP Address Allocation
- API Examples for Retrieving Prisma Access IP Addresses
- Get Notifications When Prisma Access IP Addresses Change
- Prisma Access Zones
- High Availability for Prisma Access
-
- Enable Dynamic Privilege Access for Prisma Access Through Common Services
- Authorize User Group Mapping in Cloud Identity Engine for Dynamic Privilege Access
- Enable the Access Agent
- Set Up the Agent Infrastructure for Dynamic Privilege Access
- Create a Snippet
- Create a Project
- Traffic Steering for Dynamic Privilege Access
- Push the Prisma Access Agent Configuration
- Download the Dynamic Privilege Access Enabled Prisma Access Agent Package
-
- Log in to the Dynamic Privilege Access Enabled Prisma Access Agent
- Change Preferences for the Dynamic Privilege Access Enabled Prisma Access Agent
- Connect the Dynamic Privilege Access Enabled Prisma Access Agent to a Different Location
- Switch to a Different Project
- Connect the Dynamic Privilege Access Enabled Prisma Access Agent to a Different Server
- Disable the Dynamic Privilege Access Enabled Prisma Access Agent
- View and Monitor Dynamic Privilege Access Users
- View and Monitor Dynamic Privilege Access Projects
- Automatic Tunnel Restoration in Dynamic Privilege Access Prisma Access Agents
- Manage Prisma SASE 5G
-
-
- Explicit Proxy Configuration Guidelines
- How Explicit Proxy Identifies Users
- Explicit Proxy Forwarding Profiles
- Explicit Proxy Best Practices
- Block Settings for Explicit Proxy
- Use Special Objects to Restrict Explicit Proxy Internet Traffic to Specific IP Addresses
- Configure Proxy Chaining with Blue Coat Proxy
- IP Address Optimization for Explicit Proxy Users- Proxy Deployments
- View User to IP Address or User Groups Mappings
- Report Mobile User Site Access Issues
- Enable Mobile Users to Access Corporate Resources
-
- Planning Checklist for Remote Networks
- Connect a Remote Network Site to Prisma Access
- Enable Routing for Your Remote Network
- Onboard Multiple Remote Networks
- Configure Remote Network and Service Connection Connected with a WAN Link
- Integrate a Shared Desktop VDI with Prisma Access Using Terminal Server
-
- Multitenancy Configuration Overview
- Plan Your Multitenant Deployment
- Create an All-New Multitenant Deployment
- Enable Multitenancy and Migrate the First Tenant
- Add Tenants to Prisma Access
- Delete a Tenant
- Create a Tenant-Level Administrative User
- Sort Logs by Device Group ID in a Multitenant Deployment
-
- Add a New Compute Location for a Deployed Prisma Access Location
- How BGP Advertises Mobile User IP Address Pools for Service Connections and Remote Network Connections
- Proxy Support for Prisma Access and Strata Logging Service
- Block Incoming Connections from Specific Countries
- Prisma Access for No Default Route Networks
-
-
- Default Routes With Prisma Access Traffic Steering
- Traffic Steering in Prisma Access
- Traffic Steering Requirements
- Default Routes with Traffic Steering Example
- Default Routes with Traffic Steering Direct to Internet Example
- Default Routes with Traffic Steering and Dedicated Service Connection Example
- Prisma Access Traffic Steering Rule Guidelines
- Configure Zone Mapping and Security Policies for Traffic Steering Dedicated Connections
- BGP Filtering and Route Metric Support on Service Connections in Prisma Access
-
- Configure Privileged Remote Access Settings
- Set Up the Privileged Remote Access Portal
- Configure Applications for Privileged Remote Access
- Set Up Privileged Remote Access Profiles
- Define Permissions for Accessing Privileged Remote Access Apps
- Manage Privileged Remote Access Connections
- Use Privileged Remote Access
How to Manage Prisma Access
There are two ways to manage Prisma Access; use Panorama to manage Prisma Access or,
for cloud management, use Strata Cloud Manager.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
There are two ways you can manage Prisma Access, but you can't switch between the
management interfaces after you activate your Prisma Access license (with the
exception of using the migration workflow to go from
a Prisma Access (Managed by Panorama) to a Prisma Access (Managed by Strata Cloud Manager) deployment). So, you must decide how
you want to manage Prisma Access before you get started:
- Prisma Access (Managed by Strata Cloud Manager)To manage Prisma Access from the cloud, use Strata Cloud Manager. With cloud management, you can quickly onboard branches and mobile users through task-driven workflows that allow you to set up and test your environment in minutes. Cloud management with Strata Cloud Manager simplifies the onboarding process by providing predefined internet access and decryption policy rules based on best practices. Quickly set up IPSec tunnels using defaults suitable for the most common IPSec-capable devices and turn on SSL decryption for recommended URL categories.Strata Cloud Manager Command CenterThe Strata Cloud Manager Command Center page appears when you launch your Strata Cloud Manager. This command center helps you in assessing the health of your network, better visibility, and an overview of your data. The command center has different dashboards to view different types of reports.
- Summary: In the summary dashboard, you can view
the different types of data sources, platform infrastructure, like NGFW
or Prisma Access, through which the data flows from various data sources
to different applications in your network.
- Threats: In your threats dashboard, you can view
the threats detected by your security applications. You can use this
dashboard to monitor the blocked and allowed threats on your network or
investigate areas of your network that might have a low percentage of
inspected traffic.
- Operational Health: Shows the health and user
experience on your network as it is monitored by ADEM. You can use this
view to monitor the user experience on your network and review the
severity of open incidents.
- Data Security: Shows the traffic within your
network that has been flagged as having sensitive data by DLP and SaaS
security subscriptions. You can use this view to monitor the data
flowing through your firewalls and connected SaaS applications and the
severity of any data risks on your network.
Click any of these categories in your dashboards to filter results accordingly. - Summary: In the summary dashboard, you can view
the different types of data sources, platform infrastructure, like NGFW
or Prisma Access, through which the data flows from various data sources
to different applications in your network.
- Prisma Access (Managed by Panorama)Use the Cloud Services plugin on Panorama to set up and manage Prisma Access. This is a good option if you're already using Panorama to manage next-generation firewalls and you have a common policy that you want to use for access to your corporate applications.Even if you're using Panorama to manage Prisma Access, you can still use Strata Cloud Manager for many Prisma Access visibility and monitoring features. Learn more.
After you decide which management option you want to use, get started by following
the licensing and activation workflow for you option you have selected:
- To get started with Prisma Access (Managed by Panorama), perform license activation from the customer support portal (CSP) and install the Cloud Services plugin on Panorama.
- To get started with Cloud Managed Prisma Access, perform license activation from the hub.
Feature Parity Between Panorama and Cloud
Management
There are some differences between what is supported on Prisma Access (Managed by Panorama)
Access and Prisma Access (Managed by Strata Cloud Manager). For a list of feature support in
Prisma Access (Managed by Panorama) and Prisma Access (Managed by Strata Cloud Manager), refer to the
compatibility matrix.