Decide How You Want to Manage Prisma Access

There are two ways to manage Prisma Access. Pick the management method that works best for your organization.
There are two ways you can manage Prisma Access, but you cannot switch between the management interfaces after you activate your Prisma Access license. Therefore, you must decide how you want to manage Prisma Access before begin setting up the product:
  • Panorama Managed Prisma Access
    —Use the Cloud Services plugin on Panorama to set up and manage Prisma Access. This is a good option if you are already using Panorama to manage next-generation firewalls and you have common policy that you want to leverage for access to your corporate applications.
  • Cloud Managed Prisma Access
    —Use the Prisma Access app on the Palo Alto Networks hub to quickly onboard branches and mobile users through task-driven workflows that allow you to set up and test your environment in minutes. Cloud Managed Prisma Access simplifies the onboarding process by providing predefined internet access and decryption policy rules based on best practices. Quickly set up IPSec tunnels using defaults suitable for the most common IPSec-capable devices and turn on SSL decryption for recommended URL categories.
There are some differences between what is supported on Panorama Managed Prisma Access and Cloud Managed Prisma Access. For a list of feature support in Panorama Managed Prisma Access and Cloud Managed Prisma Access, refer to the compatibility matrix.
After you decide which management option you want to use, get started by following the licensing and activation workflow for you option you have selected:

Related Documentation