Manage: Configuration Scope

Table of Contents

Manage: Configuration Scope

With Strata Cloud Manager, you can apply configuration settings and enforce policy globally across your entire environment, or target settings and policy to certain parts of your organization.

Where Can I Use This?	What Do I Need?
Prisma Access (with Strata Cloud Manager or Panorama configuration management) NGFWs (with Strata Cloud Manager or Panorama configuration management)	At least one of these licenses is needed to manage your configuration with `Strata Cloud Manager`; for unified management of NGFWs and Prisma Access, you'll need both: `Prisma Access` license AIOps for NGFW Premium license (use the Strata Cloud Manager app) Software NGFW Credits (for VM-Series software NGFWs) → The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.

Where Can I Use This?

What Do I Need?

Prisma Access

(with Strata Cloud Manager or Panorama configuration management)
NGFWs

(with Strata Cloud Manager or Panorama configuration management)

At least one of these licenses is needed to manage your configuration with Strata Cloud Manager; for unified management of NGFWs and Prisma Access, you'll need both:
- Prisma Access license
- AIOps for NGFW Premium license (use the Strata Cloud Manager app)
Software NGFW Credits

(for VM-Series software NGFWs)

→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.

With Strata Cloud Manager, you can apply configuration settings and enforce policy globally across your entire environment, or target settings and policy to certain parts of your organization. When working in your Strata Cloud Manager configuration management, the current Configuration Scope is always visible to you, and you can toggle your view to manage a broader or more granular configuration.

You can get clarity on the configuration elements that are applicable for a particular Configuration Scope and whether they are inherited from a common Configuration Scope or generated by the system. The color-coded configuration indicators help you understand where the configurations are inherited from, and also visually distinguish the object types for easy scanning.

Grey dot indicates inherited configuration
Purple dot indicates a predefined configuration
Blue dot indicates that the object is present in the current configuration scope

Global configuration settings help you to easily manage and enforce policy requirements that apply across all your network traffic. Alternatively, you can target policy and configuration settings to the types of deployments where they make sense.

Prisma Access
- Mobile Users Container– Settings apply across all mobile user connection types: GlobalProtect and Explicit Proxy, or individually to each connection type.
- Remote Networks– Settings apply to remote network sites (branch offices, retail locations, etc.).
- Service Connections– Settings apply to service connection sites (HQ and data centers).
All Firewalls– Settings apply across all your NGFWs, or to specific folders that group together NGFWs that require shared or specific configuration settings or policy enforcement.

Learn more about:

Workflows: Folder Management
Use folders to logically group your devices and deployment types for simplified configuration management.
Manage: Snippets
Use snippets to group configurations that you can quickly push to your firewalls or deployments.
Manage: Variables
Use variables your configurations to accommodate device or deployment-specific configuration objects.

Manage: NGFW and Prisma Access

Manage: Snippets

Strata Cloud Manager Docs

Manage: Configuration Scope

Strata Cloud Manager Docs

Manage: Configuration Scope

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner