Web Security: Objects (Cloud Management)
Objectsis where you’ll find the objects that are supported for a web access policy in Prisma Access Cloud Management.
To go to Web Security
Group specific sources that require the same policy enforcement. Address objects can include IPv4 and IPv6 addresses (single IP, range, subnet), or FQDN. Alternatively, you may define a region by the latitude and longitude coordinates, or you can select a country and define an IP address or range. You can then group a collection of address objects to create an address group object.
Specify a checklist of device categories and other device criteria for endpoints to be evaluated against. This checklist is called a Device Posture Profile (also called Host Information Profile) and includes information about whether data is encrypted, if antivirus signatures are up to date, if the device is jailbroken, and more. You can use the device state information to enforce policy.
Define your organization's applications and associated risks. Additionally, you can group a collection of applications to create Application Groups or Application Categories that require the same policy enforcement and simplifies administration of your rulebase by allowing you to update only the affected application group, rather than multiple policies, when there is a change of applications you support. Create an Application Category to dynamically group applications based on application attributes that you define. This is useful when you want to safely enable access to applications that you do not explicitly sanction but want users to be able to access.
Custom Application Groups
Custom URL Categories
Create a custom URL category object to use in a Web Access policy to specify exceptions to URL category enforcement, and to create a custom URL category based on multiple URL categories.
Dynamic URL Lists
Define an imported list of URLs that you can use in policies to block or allow traffic.
Tag policies and objects to group related items and add colors to visually distinguish them from other configured policies and objects for easy scanning. You can tag all Web Access policies, as well as address objects, and address groups. You can apply one or more tags to any policy or object, with up to a maximum of 64 tags. Prisma Access supports up to 10,000 tags.
Centrally manage the certificates you use to secure communication across your network. In one place, set up your certificates, add certificate authorities (Prisma Access includes preloaded certificates for well-known CAs), add OCSP responders, and define certificate checks you want to require. The certificates and settings you set up here can be used throughout your Prisma Access deployment to secure features like decryption, your authentication portal, and the GlobalProtect app.
Define a schedule to limit a web security policy to specific times.
Preview the web pages that display to users when their traffic triggers a web access policy action.
Recommended For You
Recommended videos not found.