Manage Explicit Proxy Mobile Users
Table of Contents
Manage Explicit Proxy Mobile Users
For users to connect to Prisma Access using Explicit
Proxy, you no longer need to divide your mobile users license between
the users you want to secure with GlobalProtect and the users you
want to secure with an Explicit Proxy. Explicit Proxy uses your
existing Mobile User license.
When you purchase a Mobile User license, by default
you can enable Explicit Proxy in addition to or instead of GlobalProtect.
To enable Explicit Proxy, refer to the following sections:
View the Health of Your Explicit Proxy Mobile Users
The
Monitoring Summary
tab gives
you an overview of the health status of all the Mobile Users logged
into Prisma Access. Connected Users
Connected Users
shows the number
of users connected to Prisma Access in the Time Range
selected.
Hover over a point in the chart to see the number of users at a
specific time.
License Consumption
Consumption Status
shows the
number of users who have logged in to Prisma Access at least once
in the past 90 days using Explicit Proxy. The usage is expressed
against the total procured mobile user licenses as opposed to separating
a pool of Explicit Proxy licenses from the total mobile user licenses.
Top 5 Open Alerts by Severity
By default, only the nodes with the top five most severe
alerts during the
Time Range
selected appear.
The vertical lines represent the severity of the alerts. Drilling
down into an alert gives you more context of the underlying issue.
These alerts cannot be cleared manually. They can be cleared only by
resolving the underlying issue. View All Mobile User Alerts
link
takes you to the Alerts
page, where you can
filter the data displayed by Status
and Use Case
.When you drill down into an alert, the
Alert Details
page opens.
This page displays the status and description of the alert along
with other information, such as the Alert Generation Timestamp,
alert status as to whether the alert is open, the alert type, Prisma
Access location from where the alert was generated, and the name
of the tenant that was affected. Select the name of the tenant to
open the Prisma Access Location page for the tenant, which shows
you the detailed tenant status.Top 5 Most Active Prisma Access Locations for Mobile Users
Use this bar graph to view the most active Prisma Access
locations based on the number of connected users at that time. It
shows you the top five sites based on users connected to a particular
Prisma Access location. Hover over a bar to see the details of the
number of Mobile Users that were logged in by region in the specified
Time
Range
. 
Map View of Mobile Users Connected to Prisma Access
The tab shows all the
Mobile Users gateway locations and their status on a map. The inverted
triangles on the map are color-coded to indicate Prisma Access location
status:
- Green: If any one instance is up, the MU location is connected, or up.
- Red: If all instances are down, the MU connection is disconnected, or down
- Gray: If instance states are a mixture of disconnected and unknown, the MU location is unknown.
The
Login Timeline
is based on the Time Range
that
you have selected and shows intervals within that time range. The
user data that you see on the map (inverted triangle markers) is
the data for the selected time slice within the Login
Timeline
. A time slice varies depending upon what you
select in the Time Range
filter. For example,
if you selected Last 7 Days
your time slice could
be one day or if you select the Last 15 minutes
,
your time slice will be one minute. By default, the user data is
set to show the last time slice on the Login Timeline
.
So, by default all the markers on the map will reflect the data
for the selected time slice. To see the data for a different day, click one of the vertical
lines in the
Login Timeline
. The color of
the markers on the map represents the current status of the location.
Use the legend in the widget to decipher the status based on the
color. Hover on a location to see the name of the location and the
number of unique user connections for the location. Selecting a
location icon shows the flight path from where the mobile user is
connecting to the gateway. The flight path also shows where your
users are connected from, if they are connecting from long range
or short range. Long-range connections are connections that are
connecting from 500 miles or more from the Prisma Access Locations.Monitor Connected Mobile Users
The
Mobile Users List
tab provides
data on your users connected during the Time Range
selected. Unique Mobile Users
This widget displays the number of new unique Mobile
Users who have logged in at least once during the
Time
Range
out of the aggregate of all the users logged in.
Unique Mobile Users Connected Over Time
The trend line in this widget shows how many unique
users logged in during the specified
Time Range
.
Number of Unique Mobile User Connections
This table displays all the unique connections within
the specified time range and can also be filtered based on the data
point that you select on the unique login. The table is filtered
based on a data point that you select in
Unique User
Logins Over Time
. When you select a user ID in the table,
you get the details on the user’s connection.The
Connect Method
column shows you whether
the user is connected to Prisma Access using GlobalProtect or explicit
proxy. The columns displayed in the table will vary based on which Connect Method
you
have selected. For instance, if you selected GlobalProtect
,
you see the OS Family/Version
and the GP
Client Version
columns but if you select Explicit
Proxy
, then these columns do not show. Instead, you
see the Browser
column that is applicable
to explicit proxy. If you select both, then you see only columns
that are applicable to both.
You can search for a specific Mobile User by entering the username
in the
Search All Mobile Users
column. This
opens the Mobile User details page for the user. Both GlobalProtect
and Explicit
Proxy
will be selected in the Connect Method
by
default to ensure that all users are searched.Mobile User Details
If you select a specific
Mobile
User ID
in the (Number of) Unique Mobile
Users Connections
table, the data on this page will
be filtered by default based on the Connect Method
option
that you had selected in the Mobile Users List
tab.
You’ll see the Browser
column that applies to Explicit
Proxy
.