Prisma Access Agent extends
configuration validation and notification
capabilities to Panorama managed deployments, providing you with
real-time alerts about outdated or invalid configurations that could impact service
availability. When you initially set up the agent using the Prisma Access Agent
configuration interface (EPM), the agent inherits objects managed in Panorama like
gateway settings and certificates. After the initial setup, any changes in Panorama
are not reflected in the EPM, causing the agent configurations in the EPM to become
outdated. The Prisma Access Agent configuration interface now displays notification
banners when dependent objects such as gateways or certificates become stale. For
example, you will receive notifications when gateways deleted on Panorama remain in
use in EPM configurations, or when expired or deleted authentication override
certificates on Panorama remain in use in the EPM configuration interface. You will
also receive a notification when certificate profiles in the HIP section of the
Prisma Access Agent Settings page become outdated. These notifications appear as
banners that can’t be dismissed across all configuration pages until you resolve the
underlying issues, ensuring that critical configuration problems are not overlooked
or ignored.