SaaS Security Inline protects against cloud‑based threats by blocking traffic for
unsanctioned SaaS apps and risky user activity using Security policy. Use the
following workflow if you want to use all the features of
SaaS Security Inline, including
App-ID Cloud Engine (ACE), SaaS policy
rule
recommendations, and SaaS visibility.
Step
1: Activation
Learn about
SaaS Security Inline. (All administrators)
Learn about the
Hub roles that enable
administrators to collaborate on
SaaS Security. (All
administrators)
Learn about
ACE. (Web Security
administrator)
With a
SaaS Security Inline
license, ACE is enabled by default
on
Prisma Access (Managed by Strata Cloud Manager).
Activate
SaaS Security Inline on the Hub. (SaaS administrator)
Step 2: SaaS Security Configuration
- Enable Web Security. (Web
Security administrator)
Integrate with Azure
Active Directory so that
SaaS Security Inline can identify your AD
groups. (SaaS administrator)
Add administrators to manage
SaaS Security. (Security administrator)
Step 3: Policy Rule Recommendation Enforcement
Review the guidelines for
effective collaboration and rulebase management. (All administrators)
Author and submit SaaS policy rule
recommendations to your
Prisma Access administrator, after adhering to prerequisites. (SaaS
administrator and Data Security administrator)
Import and push new SaaS rule
recommendations. (Web Security administrator)
Push new SaaS rule
recommendations. (Security administrator)
Step 4: Policy Rule Recommendation Management
