Remote Browser Isolation (RBI) protects your managed users through isolation, by ensuring that
websites load in a protected air-gapped environment and that no malicious code executes
on the browser on their managed devices.
You can safeguard your users' browsing experience by taking the following steps during
Remote Browser Isolation onboarding:
Create
isolation profiles that determine what browser actions a user can
take during an isolated browsing session, such as preventing the user from
copying, downloading, and printing anything from an isolated website. This way,
you can minimize potential data loss when users try to copy, download, or print
sensitive data from isolated websites.
Create or update a URL access management profile and attach the isolation profile
to it. In the URL access management profile, you can set up access control for
specific URL website categories that undergo isolation during browsing, and
associate an isolation profile that defines the permitted browser actions for
websites in those categories.
Set up additional Cloud-Delivered Security Services, such as Advanced Threat
Prevention, Advanced WildFire, Advanced URL Filtering, DNS Security, and SaaS
Security, and apply them to traffic from isolated browsing sessions.
RBI is available in the
following Prisma Accesslocations:
When users on managed devices connect to the Prisma Access infrastructure using
the Mobile Users or Remote Networks connection method, they can browse a website in
isolation if the website belongs to a URL category that you have designated for
isolation.
Your managed users on the supported
desktop and mobile devices can use the following 64-bit web browsers for isolated
browsing. A — indicates that the operating system and browser combination is not
supported.
Operating System
Mozilla Firefox
Google Chrome
Microsoft Edge
Safari
Android
√
√
√
—
iOS
√
√
√
√
iPadOS
√
√
√
√
macOS
√
√
√
√
Windows
√
√
√
—
URLs shown on the remote browser will look the same as the original URLs, with no
prefixes added to the addresses. When a user tries to perform browser actions that
you prohibited, RBI notifies them with pop-up
notifications.
If the user accesses a link on a nonisolated website, the URL of the link is matched
against isolation security policies for the connection method (GlobalProtect,
Explicit Proxy, or Remote Networks). When there is a policy match, the browser
session gets isolated.
When users encounter issues during isolated browsing, they can report the problem
from the isolated browser.
You can apply any security profiles on Prisma Access to the traffic from RBI to the destination websites.
