Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
About Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.

Discussions

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2719 Views
  • 0 replies
  • 1 Likes

Mobile Users Explicit proxy configuration is not showing under panorama managed Prisma Access

We are using below PANOS and Cloud service plugin version for Panorama managed Prisma Access. PANOS version of Panorama - 10.0.6Cloud Service Plugin - 2.1 Preferred But I am not able to see Mobile users explicit proxy tab under onborading confiuration of cloud services on Panorama. After checking I have found 2.0 and 2.1 innovation are supported...

Prisma Access GlobalProtect Pre-Logon

Anyone have any luck with getting GlobalProtect Pre-Logon going wih Prisma Access? Currently testing with an internal CA with bor=th the Root and Intermediate installed in the Mobile User Templete. Client tries to connect and immediately receive an error "Client cert not present". We have tried a self-signed cert and get the same error message.

Can you use prisma access as a Prisma SaaS inline CASB control point for cloud applications?

Does this mean "For visibility and control of unmanaged devices, add a clientless VPN portal that you host or that resides in your Prisma Access infrastructure." that the Prisma Access can be used like the on premise firewalls as Inline CASB proxy and you don't need on premise firewalls for inline CASB? https://docs.paloaltonetworks.com/saas-se...

Understand Flow Decision Bitmap of Prisma SD-WAN

Can someone please help me to understand this flow (refer the attach image of Bitmap , Advance Info Tab, Paths in Policy and Circuits) I got below question on 1st image of Bitmap1. what each line in bitmap means ?I got below question on 2nt image of Advanced Tab1. How CG determines Available WAN network? We have 3 circuits but it is only showing...

CG Bitmap - Community.jpg
Rupesh_A by L0 Member
  • 3428 Views
  • 1 replies
  • 0 Likes

New Prisma SASE!!

Just incase you missed it, I have written a blog talking all about the new Prisma SASE solution.. Palo Alto Networks Unveils Prisma SASE: Cybersecurity's Most Complete SASE Solution Please take a minute and check it out.

jdelio by L7 Applicator
  • 6376 Views
  • 1 replies
  • 4 Likes

Directory Sync and Prisma access

I'm considering using Directory Sync for my Panorama-managed Prisma access tenant and would like to clarify certain aspects of using Directory Sync.- Is there a recommended number of Cloud Identity agent hosts to be deployed?- Palo Alto's documentation says the certificates generated using the Cloud Identity Engine apps expires 3 months from iss...

MartinE by L2 Linker
  • 3511 Views
  • 0 replies
  • 0 Likes

Prisma Access

AllAnyone is currently using prisma access ? Any feedback. I know the cost is user based plus bandwidth. we have multiple location with PANFWs connecting to Data Center via VPN like SD WAN. If we use Prisma, Data Center FW will still need threat license to protect NAT IP/services. Will administration of Prisma be easy ? Any feed back is helpful ...

Resolved! Sending alerts from Panorama via email

Hello, we have configured panorama 10.0.5 to send filtered system logs to email and it works but only for logs generated on panorama. Log filter shows also logs from managed firewalls but thoose logs are not sended and i don't know why. Did anybody had succed sending system logs collected on panorama via email eg. admin login events ? regards,Tomek

Tunnel monitor Prisma Access

Hi All, I build a service connection with Prisma Access (Panorama Managed) and on-prem PA firewall.As I would like to setup a tunnel monitor, but it is required a IP address for tunnel interface and destination. What IP should I input for destination? "Tunnel Monitor IP Address" show in "Service Infrastructure"?And what IP should I assign for op...

JoeKwok by L2 Linker
  • 13621 Views
  • 5 replies
  • 0 Likes

Log out SASE without any alert

My company has just introduced prisma access (SASE) in this year.According to increasing telecommuing and business trip, the concept of SASE is greate and fit to our requirement that everyone can use and external netwrok like an internal network always. By the way, there is a very weird contraint on global protect agent which should ensure netwo...

Very strange limitation of log-in lifetime seletable oprions.

My company has just introduced prisma access (SASE) in this year.According to increasing telecommuing and business trip, the concept of SASE is greate and fit to our requirement that everyone can use and external netwrok like an internal network always. By the way, there is a very weird contraint on global protect agent which should ensure netwo...

Some Palo Alto firewalls in our network can't register to Cortex Data Lake.

Hello!We have about 10 offices, each of them has a firewall, all of them are under Panorama control. Some of these firewalls cannot register in the Cortex Data Lake, if I try to add them manually there, I see the Certificate Status "Needs certificate".Licenses aren't expired. I tried steps from that doc:https://live.paloaltonetworks.com/t5/prism...

Use HIP to deny logon to PA with exception

Has anyone effectively used HIP to deny login to Prisma Access? One of the biggest challenges we had with AnyConnect (and a large reason we are moving away) is that there were no native methods for controlling which device a user was connecting with. I have built a Security Pre-Rule that references the Domain-joined HIP Policy, and I can see the...

Thrace by L0 Member
  • 4128 Views
  • 2 replies
  • 0 Likes

Cloudgenix Prisma SD-WAN network logs

cloudgenix Prisma SDWAN: Who does know the command line on cloudgenix to retrieve actual network log changes ? I am not looking for bgp automated syslog update but an actual network change like adding static route or shutting down an interface

  • 393 Posts
  • 79 Subscriptions
Top Solution Authors