Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
About Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.

Discussions

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2711 Views
  • 0 replies
  • 1 Likes

Post Command getting denied in Postman for Creating Object

Hi All, Im using postman to work on my Firewalls and Im having the following issue: My Goal: to create bulk objects and object groups. Work Done: Connected Postman with Prisma Access using Bearer token. User: Service Account with superadmin role. Success: Can read Object, Object groups, Rule base using GET command in Postman. I get proper ...

HIP distribution into Remote Networks

We have: * Mobile Users * Remote Networks * Internal Gateways We get Mobile Users userid and hip data by redistributing into the on-prem environment from all three Service Connections. However, we setup distribution into Remote Networks from the Internal Gateway and TAC said it's not a supported configuration to distribute into Remote Netw...

Internal DNS Issue via Prisma Access

Hi Team, Recently we have done Prisma SASE deployment, below is the infra details:- 1. Private Application hosted on AWS. 2. Tunnel created between Prisma & AWS via ZTNA Connector. 3. Users connect private application via Global Protect or Prisma Browser. 4. Application host in AWS via Internal load balancer. 5. DNS Server deployed in AWS ...

Prisma Browser for Mobile

hello expert, Already set up the Remote Connection, private apps and Connector set up, however, it RDP and Private apps did not show in Mobile PB agent, https://www.paloaltonetworks.com/resources/datasheets/prisma-access-mobile-solutions-aag is there anything missing? Prisma Browser

SeanDeHarris_0-1780481532571.png

Does Prisma Browser support device-based Conditional Access (device ID / compliance)?

Hi all, I’m currently investigating an issue with Prisma Access Browser (Android) in combination with Microsoft Entra Conditional Access and wanted to check if anyone has faced something similar. Setup: - Prisma Browser deployed via Intune (Android Enterprise, fully managed/BYOD) - Company Portal installed and device properly enrolled - Micr...

SeriThal by L0 Member
  • 854 Views
  • 3 replies
  • 0 Likes

Resolved! Prisma Access and Prisma SD-WAN different GUI?

Hello , Recently I watched the workshops for Prisma Access and SD-WAN (Virtual Ultimate Test Drive - Palo Alto Networks) to refresh my SCM knowledge and the SCM GUI was a little different. Is there a reason for that ? I thought everything will be in one GUI as to be unified.

PAC File for Prisma Access China

Hi, Currently deploying Prisma Access China. No service connection license, hence, PANW on-prem FW is added as External Gateway. I have enabled and configured PAC file. I'm expecting that internet traffic will pass through Prisma Access but upon checking, it passes through on-prem firewall (checked by using ipchicken.com). I have attached the ...

IBalaro by L1 Bithead
  • 472 Views
  • 2 replies
  • 0 Likes

Palo-hosted EDL empty when using certificate profile

Hi Guys, I can’t use my SaaS EDLs in Prisma. It works fine on-prem, but in Prisma the list contains 0.0.0.0/0 entry. When I remove certificate profile, it work well. I configured decryption exclusion for Prisma Infra subnet as I had decryption errors for Palo SaaS URL. i did not configure any security policy from infra subnet to internet (bu...

Prisma Access (SWG):- Need to give access of Github's specific repositories to specific prisma access users

I have a specific use case requiring granular access control for GitHub repositories through Prisma Access. We need to restrict specific users to a defined subset of repositories (e.g., ://github.com*) while ensuring all other GitHub resources remain inaccessible. This is to ensure we are following the Principle of Least Privilege for our extern...

PRISMA Access Intrazone Default - As a firewall engineer this rule gives me the creeps

Quick on for all you PRISMA SASE heads out there. Finally getting stability on macOS (god bless GP version 6.2.3) . Now it's time to harden up a little bit - easy to do with a firewall I manage but not sure of the ramification on PRISMA. So,, Intrazone-Default is allowed by default and it get some farily nasty attacks on the untrust to unstr...

Cross border connectivity option(Prisma Access China)

Attention: JAPAC TPM teamHello Team, When integrating Prisma Access China with Prisma Access Global,my understanding is that one of the following options is required:-Cross Border Line (CBL)-Premium Internet (PI) We are considering Cross Border Line (CBL), but does the availability of a whitelist service determine whether international inter...

y.saitou by L3 Networker
  • 7302 Views
  • 3 replies
  • 0 Likes

Prisma Browser with E-DLP configure OCR

Hello Team, I'm currently testing with Prisma Browser Standalone with an Eval license. I want to enable OCR settings in E-DLP and test them, but I don't see the OCR setting in the Detection method. Is this because my account was issued through Eval? I confirmed in the documentation that OCR is available in PB. Referred to Link : https://docs...

Prisma Access Service Connection to Palo Alto FW in HA-AA

Hi, We were able to make the tunnels up under 1 Service Connection (with 2 tunnels, primary and secondary) in Prisma Access and 2 tunnels in Palo Alto FW with Active-Active HA setup. If both tunnels are up, loopback IP in FW1 is accessible from GP user. But when the primary went down and secondary tunnel is still up, GP user in unable to reach...

IBalaro by L1 Bithead
  • 766 Views
  • 1 replies
  • 0 Likes

Prisma Access Explicit Proxy — Anti‑Spyware behavior when DNS bypasses Prisma (logging subtype + test methodology)

Attention: JAPAC TPM TeamHello Team, I have a question about the Anti-Spyware profile behavior in a Prisma Access (Explicit Proxy) environment. Scenario- Clients use Explicit Proxy to reach Prisma Access for web traffic.- DNS resolution does not traverse Prisma Access (it is resolved by a local resolver / another path).- An Anti-Spyware prof...

Imas4to by L2 Linker
  • 712 Views
  • 0 replies
  • 0 Likes

China mainland Mobile users questions

Hi expert, If we do not have Prisma Access China license, but still want to connect China mainland mobile users to closed MU-SPN overseas, say Japan pop. If this will be blocked by Greate FW, and if it is, if any workaround. Also, can connect to the overseas SC and then send traffic to Prisma Access Cloud ? If can do that, how to achieve it. ...

  • 392 Posts
  • 79 Subscriptions
Top Solution Authors