License and Activate Prisma Access
After you purchase a Prisma Access license, you’ll receive an email with an activation link. The link launches a guided workflow that’ll get you up and running with Prisma Access.
Prisma Access provides a flexible licensing scheme so that you can purchase just what you need to secure your remote networks and mobile users. The instructions here are for activating Prisma Access licenses if you’re using the Prisma Access app as your management interface. If you are planning to use Panorama to manage Prisma Access, follow the instructions for licensing Panorama Managed Prisma Access.
Prisma Access Licenses
Prisma Access offers a licensing model that allows you to implement and use the capabilities of Prisma Access aligned to your business needs in a way that delivers the fastest return on investment. Whether your applications are migrating to the cloud, your users are working from anywhere, or if you are looking to gain operational efficiencies, Prisma Access offers the relevant type of license for your deployment.
You can choose from the following license editions:
- Business Premium
- Zero Trust Network Access (ZTNA) Secure Internet Gateway (SIG)
ZTNA SIG is available for Prisma Access for Mobile Users only; you can use all other editions with Mobile Users, Remote Networks, or both mobile users and remote networks.
All license editions are available for Local and Worldwide Prisma Access locations. When you purchase a license with Worldwide locations, you can deploy Prisma Access in all Prisma Access locations. When you purchase a license with Local locations, you can select up to 5 Prisma Access locations.
What’s Offered in the Licensing Editions?
Here’s what each Prisma Access license edition provides.
The following table provides a licensing edition overview showing the licenses types and security capabilities that are supported for each edition (Enterprise, ZTNA SIG, Business Premium, and Business).
Access to Private Apps via Service Connection
Number of Service Connections for Private App Access
2 (with Local Editions)
5 (with Worldwide Editions)
2 (with Local Editions)
5 (with Worldwide Editions)
Additional Service Connections for Private App Access
Net Interconnect for Site to Site and User to Site access
Others Licenses to Use With Prisma Access
Learn about the cloud services you can use with Prisma Access.
Cloud services that you want to integrate with Prisma Access must be deployed in the same region as Prisma Access. You can integrate these cloud services with Prisma Access when you first activate Cloud Managed Prisma Access, or anytime afterward.
- Cortex Data Lake—Prisma Access logs are stored in Cortex Data Lake, and so Prisma Access requires you to also have a Cortex Data Lake license.It’s a good idea to activate Cortex Data Lake before you begin activating Prisma Access. If you try to activate Prisma Access without first activating Cortex Data Lake, Prisma Access will guide you to activate Cortex Data Lake before allowing you to continue Prisma Access activation.Your Cortex Data Lake instance and Prisma Access instance must be deployed in the same region.(Required)
- Cloud Identity Engine (Directory Sync)—Cloud Identity Engine gives Prisma Access read-only access to your Active Directory information, so that you can easily set up and manage security and decryption policies for users and groups. Cloud Identity Engine is free and does not require a license to get started.
- Prisma SaaS—Integrate Prisma SaaS with Prisma Access for Clientless VPN and authentication support.
Activate Prisma Access
After you purchase your Prisma Access licenses, you’ll receive an activation email. The email includes a link that launches a guided activation.
The Prisma Access guided activation walks you through everything you need to launch Prisma Access, including:
- Creating a Customer Support Portal account.You’ll need to associate your Prisma Access environment with your support account.
- Activating Cortex Data Lake.If you don’t already have an instance of Cortex Data Like, you must purchase a license along with your Prisma Access licenses. This is because Prisma Access logs to the Cortex Data Lake. During the Prisma Access activation, you can activate a new Cortex Data Lake or associate Prisma Access with an existing Cortex Data Lake.
- Choosing your Prisma Access management interface.You can use Panorama to manage Prisma Access, or the Prisma Access app for cloud management. You cannot change your management interface after you’ve activated Prisma Access.
After purchasing your Prisma Access licenses, you’ll receive a Prisma Access activation email from Palo Alto Networks. Now you’re ready to get started.
- Select any of the links in your Prisma Access activation email toActivateyour products.
- Choose the products you want to activate andStart Activation.If you want to associate Prisma Access with a Cortex Data Lake that’s already activated, do not activateCortex Data Lake.
- Associate your new products with a support account.If you don’t yet have a support account, you can pause now to set one up and continue this workflow when you’re done.
- Choose the interface you’ll use to manage your Prisma Access deployment. For cloud management with the Prisma Access app, choose toCreate New Cloud-Based Management Console.If you’re already using the Prisma Access app and are activating a new feature license, you can instead choose the Prisma Access app instance to which you want to apply the license.
- Review your setup.Make sure that you are deploying Prisma Access and Cortex Data Lake in the same region. Product activation begins when youConfirm Selections. The hub will show you product activation progress and confirm with you when your products are ready to go.
- Double-check that your licenses are active.
- From the manage apps page, verify that you see the licenses associated with your Prisma Access app instance:
- Go back to the hub home page.Prisma Access now shows up on the hub as one of your apps.Click on the Prisma Access icon on the hub to launch the app.
- Verify that the Remote Networks and/or Mobile Users tiles on theDashboardshow the correct amount of bandwidth and/or number of users that you licensed.
- View and update Prisma Access role assignments.Go to the hub access management page(on the top right of the hub homepage, click the settings gear and selectAccess Management).The Access Management page lists all the users in your organization and the roles to which they’re assigned.Activating Prisma Access automatically adds you as a Prisma Access instance administrator (unless you are already an account administrator or a Prisma Access app administrator—in these cases, Prisma Access activation does not impact your role).As an instance administrator, you can give others within your support account access to the Prisma Access instance you’ve activated.
Prisma Access License Details
In Cloud Managed Prisma Access, go to the Licenses page to verify your license details (
Recommended For You
Recommended videos not found.