Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
About Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.

Discussions

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2719 Views
  • 0 replies
  • 1 Likes

GlobalProtect MFA on iOS

Hi, Has anyone configured 2FA on iOS? We are looking at the possibility of authenticating iOS users to Prisma Access via GlobalProtect. We understand that we can use client certs on the devices, but is it possible to use 2FA on the iOS devices, and what are the ramifications of using 2FA for the end user, for example will push email stop worki...

Web Security vs URL access management profiles

Hello, I'm curious about the distinctions between Web Security (SWG) and URL access management profiles (Web filtering). when is it appropriate to use each one? Additionally, I'm interested in knowing if they can be implemented simultaneously and what the best practices and use cases would be for such a scenario.

Resolved! How to exclude a specific file name from a file blocking rule

I need to allow files of a specific name of a specific type to be exempted from a security profile file type blocking rule . Eg i want to allow a specific Chrome extension file (crx) from their webstore but no others . The file blocking security profile definition can block CRX, but i cant find away to allow a file of a specific name (the chrom...

Fileupload Api scanning

Hi Team, Can anyone suggest which Prisma cloud module suitable for antimalware scan while end user uploads file with Fileupload API to the server (please refer the link for file upload vulnerabilities : https://malware.expert/modsecurity/php-file-upload-vulnerabilities/) TIA

Resolved! Mass object creation

Hi y'all, Any advice on how to perform mass object creation on the strata cloud cloud manager ? I have a lot of objects to create and I would like to ease the process. Thought of using API but maybe there is a easier way of doing it. Thank you. Regards, Missakid

Configuration Policy for Online Meetings only allow Port UDP

We created a Security policy to allow Online meeting only UDP ports that enter Prisma Access. There are 4 applications namely Webex, Google meet, Teams, and Zoom. 3 applications other than Zoom are running properly according to the rules made, but the Zoom application is still not working.All the parameters needed have been entered into the Poli...

Using Cloud IDentity Engine to enforce group-based policies in Azure AD

Hi All, Question on retrieving user-group mappings only, using Cloud Identity Engine to enforce group-based policies. So i have this setup at the moment:Panorama managed FWs in Azure with Global protect (works)The FWs use SAML currently for authenticating GP users against Azure AD (works) Additionally, what I want to achieve is the following.T...

PA_nts by L4 Transporter
  • 3092 Views
  • 3 replies
  • 0 Likes

Resolved! Applying different HIP Checks to different Global Protect App Groups

Hello, We're trying to figure out if there's a way to have different HIP Profiles attached to different Global Protect App groups. At the highest level, we have two Global Protect App Settings / Groups defined. One is default and one is for Contractors. Contractors who connect to Global Protect get assigned slightly different settings for a nu...

How to block command & control traffic on IP address

Targeted Command & control processes or nefarious data extractions primarily go outbound using a IP address rather than a FQDN for the URI. In PRISMA how can i create a rule to block all all outbound traffic directed at IP addresses (not preknown) , unless address is in an exception group ? Aware that IP directed requests like https://1.2.3....

Prisma aggregate bandwidth migration

Hello all, we are using remote network tunnel managed through panorama . but when i tried to migrate bandwidth allocation to Aggregate bandwidth it not working giving below attached error as 'Migration Error' 'There was an error while trying to migrate: TypeError: resp.result.result.err_msg.replace is not a function' anyone knows what is solut...

Vinayak1 by L1 Bithead
  • 4442 Views
  • 5 replies
  • 0 Likes

Monitoring Data Redistribution Agent

Hi All, We have configured 2 Data Redistribution Agent servers in Prisma managed via Panorama. Is there any Monitoring report that i can configure if there is any issue with the servers? I see no options in Strata Cloud Manager and also did not find any reports or monitoring related to this. Please suggest is there is any such options at all? Re...

Resolved! Understanding number of locations for Local type

Hi All, I have a question related to Prisma Access License.As you know, there are two types of licenses; local and worldwide.When I select "LOCAL" type, there is limitation on number of locations which is up to 5 locations. My understanding is that I can select 5 locations for MU and another 5 locations for RN,and these limitations (max. of 5)...

emr_1 by L6 Presenter
  • 2785 Views
  • 2 replies
  • 0 Likes
  • 393 Posts
  • 79 Subscriptions