Web Security: Objects (Cloud Management)
Web Security
Objects
is where you’ll find the objects that are supported for a web access
policy in Prisma Access Cloud Management.To go to Web Security 
.
Objects
, select
.Object | Helps you: |
|---|---|
Addresses | Group specific sources that
require the same policy enforcement. Address objects can include
IPv4 and IPv6 addresses (single IP, range, subnet), or FQDN. Alternatively,
you may define a region by the latitude and longitude coordinates,
or you can select a country and define an IP address or range. You
can then group a collection of address objects to create an address
group object. |
Address Groups | |
Regions | |
Device Posture | Specify a checklist of device categories and
other device criteria for endpoints to be evaluated against. This
checklist is called a Device Posture Profile (also called Host Information
Profile) and includes information about whether data is encrypted,
if antivirus signatures are up to date, if the device is jailbroken,
and more. You can use the device state information to enforce policy. |
Application Categories | Define your organization's applications
and associated risks. Additionally, you can group a collection of
applications to create Application Groups or Application Categories
that require the same policy enforcement and simplifies administration
of your rulebase by allowing you to update only the affected application
group, rather than multiple policies, when there is a change of
applications you support. Create an Application Category to dynamically
group applications based on application attributes that you define.
This is useful when you want to safely enable access to applications
that you do not explicitly sanction but want users to be able to
access. |
Custom Application Groups | |
Custom URL Categories | Create a custom URL category object to use
in a Web Access policy to specify exceptions to URL category enforcement,
and to create a custom URL category based on multiple URL categories. |
Dynamic URL Lists | Define an imported list of URLs that you can
use in policies to block or allow traffic. |
Tags | Tag policies and objects to group related items
and add colors to visually distinguish them from other configured
policies and objects for easy scanning. You can tag all Web Access
policies, as well as address objects, and address groups. You can
apply one or more tags to any policy or object, with up to a maximum
of 64 tags. Prisma Access supports up to 10,000 tags. |
Certificate Management | Centrally manage the certificates you use to
secure communication across your network. In one place, set up your
certificates, add certificate authorities (Prisma Access includes
preloaded certificates for well-known CAs), add OCSP responders,
and define certificate checks you want to require. The certificates
and settings you set up here can be used throughout your Prisma
Access deployment to secure features like decryption, your authentication
portal, and the GlobalProtect app. |
Schedules | Define a schedule to limit a web security policy
to specific times. |
Response Pages | Preview the web pages that display to users
when their traffic triggers a web access policy action. |
