Prisma Access uses a shared ownership model. Palo Alto Networks
manages the underlying security infrastructure, ensuring it is secure,
resilient, up-to-date and available to you when you need it. Your
organization’s responsibility is to onboard locations and users,
push policies, update them, query logs, and generate reports.
Your organization manages the following components of the security
—You manage the onboarding of mobile users.
—You manage the authentication of those users.
Mobile device management (MDM)
—You can control your
organization's mobile devices that are protected with Prisma Access
using your own MDM software.
—You plan for and create
the policies in Panorama to use with Prisma Access.
Log analysis and forensics
—Prisma Access provides
the logs, you provide the analysis and reporting, using integrated
tools provided by us or by another vendor.
—You provide the on-premise security
between micro-segmentations of your on-premise network. In some deployments,
you can also direct all traffic to be secured with Prisma Access.
—You provide the network connectivity to Prisma
—You monitor the on-premise network’s status.
You provide the connectivity
to the Prisma Access gateway for mobile users (for example, provide
an ISP), and you also provide the on-premise devices used as the
termination points for the IPSec tunnels used by service connections
and remote network connections.
—You onboard the mobile users, HQ/Data center
sites, and branch sites.
Palo Alto Networks manages the following parts of the security