>
    Prisma Access Browser Prerequisites
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access Browser
    3. Prisma Access Browser Prerequisites
    Download PDF
    Prisma Access Browser

    Prisma Access Browser Prerequisites

    Table of Contents

    Prisma Access Browser Prerequisites

    Learn about the prerequisites for Prisma Access Secure Enterprise Browser (Prisma Access Browser), including: system requirements, domains to allow, and IdP proxy requirements,.
    Where Can I Use This?What Do I Need?
    • Strata Cloud Manager
    • Standalone Prisma Access Browser
    • Prisma Access with Prisma Access Browser bundle license or Prisma Access Browser standalone license
    • Superuser or Prisma Access Browser role

    System Requirements

    Windows
    • Windows 10 64-bit
    • Windows 11 64-bit
    • No admin privileges are required
    macOS
    • macOS Big Sur 11.0 or later.
    • Intel x86 or Apple M1 and above
    • No admin privileges are required
    Android
    • Android 11 and above
    iOS
    • iOS 17 and above

    Domains to Allow

    The Prisma Access Browser communicates with the following domain:
    • *.talon-sec.com/* See below
    Replacing *.talon-sec.com/*
    If your organization is not able to use an all-encompassing URL, enter the following URLs:
    Palo Alto Networks highly recommends that the https://*.talon-sec.com entry be used as a network requirement.
    There is no guarantee that this list will not change. URLs may be modified and additional services may be added in the future.
    Domains to Allow
    Service NameURLDescription
    Devicehttps://gateway.eu.talon-sec.comDevice posture and Policies
    Event Ingestionhttps;//gateway.eu.talon-sec.comSending web activity events to Strata Cloud Manager for monitoring
    Loginhttps;//login.eu.talon-sec.comLogin Service
    Configurationhttps;//gateway.eu.talon-sec.comPolicy configurations
    Login Proxyhttps;//ext-proxy.eu.talon-sec.comUser management and Authentication service
    URL Categorieshttps;//classifier-auf.talon-sec.comURL categories and classification service
    Synchttps;//gateway.eu.talon-sec.comSecure profile sync between services
    Vaulthttps;//gateway.eu.talon-sec.comSecurity protocols
    Static Assetshttps;//assets.eu.talon-sec.comYour logo and browser background image
    Onboardinghttps;//auth.eu.talon-sec.comThe onboarding flow for new users
    User Requestshttps;//gateway.eu.talon-sec.comAdmin approvals
    Malware Protectionhttps;//classifier-auf.talon-sec.comScanning for malware on new file upload/download
    Updatehttps;//gateway.eu.talon-sec.compushing browser updates
    Crash Reportinghttps;//sentry.prod-eks.talon-sec.comSending crash data
    Identity Servicehttps;//gateway.eu.talon-sec.comIdentity service providing tokens to access operational APIs
    Sessionshttps;//gateway.eu.talon-sec.comSession management
    IDP Proxyhttps;//idp-proxy.talon-sec.comIDP Proxy
    This FQDN resolves to the following IP addresses:
    13.248.159.237
    76.223.24.47

    IdP Proxy Requirements

    The IdP Proxy prevents applications from using the Prisma Access Browser. To enable the proxy to function, your firewall/proxy must allow access to the following IP addresses.
    Ingress IP addresses - traffic will flow into the proxy through:
    https://idp-proxy.talon-sec.com
    This FQDN resolves to the following IP addresses:
    13.248.159.237
    76.223.24.47
    Egress IP addresses- Traffic will flow out of the proxy through:
    If your Prisma Access Browser tenant is located in the US:If your Prisma Access Browser tenant is located in the EU:
    3.88.246.246
    3.231.124.107
    18.159.163.147
    3.73.9.244
    3.73.9.169
    3.123.106.233
    3.68.54.94
    35.85.101.56
    54.214.168.174
    44.238.8.92
    54.184.95.247
    52.207.65.93
    50.19.8.101
    3.222.196.200
    54.71.84.74
    18.198.253.83
    3.65.70.29
    3.78.96.210
    18.198.253.83
    3.65.70.29
    3.78.96.210

    © 2024 Palo Alto Networks, Inc. All rights reserved.