Prisma Access Agent Stale Configuration Management on Panorama Managed Deployments
Focus
Focus
What's New in the NetSec Platform

Prisma Access Agent Stale Configuration Management on Panorama Managed Deployments

Table of Contents

Prisma Access Agent Stale Configuration Management on Panorama Managed Deployments

You can receive notifications of outdated Prisma Access Agent configuration settings for Panorama managed deployments.
Prisma Access Agent extends configuration validation and notification capabilities to Panorama managed deployments, providing you with real-time alerts about outdated or invalid configurations that could impact service availability. When you initially set up the agent using the Prisma Access Agent configuration interface (EPM), the agent inherits objects managed in Panorama like gateway settings and certificates. After the initial setup, any changes in Panorama are not reflected in the EPM, causing the agent configurations in the EPM to become outdated. The Prisma Access Agent configuration interface now displays notification banners when dependent objects such as gateways or certificates become stale. For example, you will receive notifications when gateways deleted on Panorama remain in use in EPM configurations, or when expired or deleted authentication override certificates on Panorama remain in use in the EPM configuration interface. You will also receive a notification when certificate profiles in the HIP section of the Prisma Access Agent Settings page become outdated. These notifications appear as banners that can’t be dismissed across all configuration pages until you resolve the underlying issues, ensuring that critical configuration problems are not overlooked or ignored.