Configure RDP Applications for Privileged Remote Access

Add the RDP apps that your users will access remotely from the Privileged Remote Access portal.
To add the RDP apps that your users will remotely access from your PRA portal:
  1. Navigate to the PRA Applications page.
    • For Prisma Access (Managed by Strata Cloud Manager):
      1. Log in to Strata Cloud Manager as the administrator.
      2. Select Workflows > Privileged Remote Access > Applications.
    • For Prisma Access (Managed by Panorama):
      1. Launch Privileged Remote Access from the Cloud Services plugin on Panorama by selecting Panorama > Cloud Services > Privileged Remote Access.
      2. Click Get Started.
      3. Select Workflows > Privileged Remote Access > Applications.
  2. Click Applications > Add Application.
  3. Configure general settings for the app.
    1. Select App Type > RDP.
    2. Enter a Name for the app.
    3. (Optional) Select a Keyboard Layout to use for the remote RDP app.
    4. (Optional) Enter a description for the app.
    5. Enter the Destination FQDN or IP address of the app. The FQDN or IP address must be reachable using a Service Connection in your Prisma Access tenant.
    6. Enter the Port to use for the app, if different from the default port.
      You can enter only one port, in the range 1-65535. (Default: 3389)
  4. Configure additional settings for the RDP app.
    1. (Optional) Enter the User Name and Password for the remote app, and confirm the password. The username and password are optional, but you must enter both settings or leave both blank.
    2. Select the Security Mode for the app, which determines the authentication and encryption method for the RDP connection.
      • NLA (Network Level Authentication)—(Recommended) This is the default and highest security option. With NLA, users must authenticate with valid credentials before establishing a full remote desktop session. This preauthentication process (CredSSP) helps protect server resources by validating user identity first, before consuming significant memory or processing power.
        Best for: Standard direct RDP connections where you need maximum security.
      • TLS Encryption—This mode uses Transport Layer Security to encrypt the connection, but authentication happens after connection establishment at the Windows login screen rather than beforehand.
        Best for: Specialized network setups including RDP Gateway connections or load-balanced server farms where the initial connection might be redirected to different target servers.
    3. (Optional) Enable Legacy Windows Mode if you experience display issues when connecting to older Windows systems.
      Some older Windows operating systems, such as Windows 7, might experience display problems due to incorrect color depth negotiation. These systems usually support 16-bit color but can fail when attempting to fall back to 8-bit color, which can result in corrupted display or connection failures. When enabled, this mode uses a color depth negotiation method designed for compatibility with these older systems.
  5. Save your settings. The application is added to the Applications table. You can visit this page later to add, edit, or remove an app.
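
The Security Mode choice in step 4 corresponds to what the destination host answers during RDP protocol negotiation, so the following added example (not part of the Prisma Access documentation or product) builds the negotiation request and parses the host's reply to show whether NLA (CredSSP) is available and whether the host enforces it. The constants follow MS-RDPBCGR; the `assess` helper, its mapping to the PRA mode names, and the sample reply bytes are assumptions constructed for illustration.

```python
import struct

# Values from MS-RDPBCGR: requestedProtocols / selectedProtocol flags and failure codes.
PROTOCOL_RDP, PROTOCOL_SSL, PROTOCOL_HYBRID = 0x0, 0x1, 0x2   # HYBRID = CredSSP (NLA)
FAILURE_CODES = {1: "SSL_REQUIRED_BY_SERVER", 2: "SSL_NOT_ALLOWED_BY_SERVER",
                 3: "SSL_CERT_NOT_ON_SERVER", 4: "INCONSISTENT_FLAGS",
                 5: "HYBRID_REQUIRED_BY_SERVER",
                 6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER"}

def build_connection_request(requested_protocols):
    """TPKT + X.224 Connection Request carrying an RDP_NEG_REQ."""
    neg_req = struct.pack("<BBHI", 0x01, 0, 8, requested_protocols)
    x224 = struct.pack(">BHHB", 0xE0, 0, 0, 0) + neg_req    # CR, dst-ref, src-ref, class
    x224 = bytes([len(x224)]) + x224                         # X.224 length indicator
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224   # TPKT version 3 + total length

def parse_connection_confirm(data):
    """Return ("selected", protocol) or ("failure", code_name) from the server's reply."""
    if len(data) < 11 or data[0] != 3:
        raise ValueError("not a TPKT-framed X.224 PDU")
    if struct.unpack(">H", data[2:4])[0] != len(data) or data[5] & 0xF0 != 0xD0:
        raise ValueError("length mismatch or not a Connection Confirm")
    if len(data) == 11:                # no negotiation block: standard RDP security only
        return ("selected", PROTOCOL_RDP)
    if len(data) < 19:
        raise ValueError("truncated negotiation block")
    neg_type, _flags, length, value = struct.unpack("<BBHI", data[11:19])
    if length != 8 or neg_type not in (0x02, 0x03):
        raise ValueError("malformed RDP_NEG_RSP / RDP_NEG_FAILURE")
    if neg_type == 0x03:
        return ("failure", FAILURE_CODES.get(value, "UNKNOWN_%d" % value))
    return ("selected", value)

def assess(reply_to_tls_and_nla, reply_to_tls_only):
    """Hypothetical helper: (PRA Security Mode to pick, does the host enforce NLA?)."""
    supports_nla = parse_connection_confirm(reply_to_tls_and_nla) == ("selected", PROTOCOL_HYBRID)
    enforces_nla = parse_connection_confirm(reply_to_tls_only) == ("failure", "HYBRID_REQUIRED_BY_SERVER")
    return ("NLA" if supports_nla else "TLS Encryption", enforces_nla)

# Constructed sample replies (not captured from a real host).
NLA_SELECTED = bytes.fromhex("03 00 00 13 0e d0 00 00 12 34 00 02 1f 08 00 02 00 00 00")
TLS_SELECTED = bytes.fromhex("03 00 00 13 0e d0 00 00 12 34 00 02 00 08 00 01 00 00 00")
NLA_REQUIRED = bytes.fromhex("03 00 00 13 0e d0 00 00 12 34 00 03 00 08 00 05 00 00 00")

if __name__ == "__main__":
    print(build_connection_request(PROTOCOL_SSL | PROTOCOL_HYBRID).hex(" "))
    print(assess(NLA_SELECTED, NLA_REQUIRED))   # NLA available and enforced by the host
    print(assess(NLA_SELECTED, TLS_SELECTED))   # NLA available, host also accepts TLS-only
```

A host that selects TLS when offered only TLS is not enforcing NLA on its side, even if the PRA app is set to NLA; requiring NLA in the host's own Remote Desktop settings closes that gap.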