Prisma Access
View and Monitor ZTNA Connector Access Objects
Table of Contents
View and Monitor ZTNA Connector Access Objects
View and monitor ZTNA Connector access objects in your applications.
| Where can I use this? | What do I need? |
|---|---|
|
|
Get visibility into your private apps that were added through ZTNA Connector access
objects by viewing data such as the number of apps added by FQDNs, IP subnets, and
wildcards, each access object's connectivity status, and the Connector Groups and Connectors associated with each access object.
By viewing this information, you can get an overall picture of the health and
connectivity of your deployment.
The private apps in the data centers connect to Prisma Access through
your Connector virtual machines (VMs). You can add apps based on these access
objects—FQDNs, FQDN wildcards, or IP subnets.
- FQDNs—Prisma Access resolves the FQDNs of the applications you onboard to ZTNA Connector to the IP addresses in the Application IP address block.
- Wildcards—For wildcard-based apps, create an FQDN-based connector group, then specify the wildcard to use (for example, *.example.com) for the app target. When users access sites that match the wildcard, those apps are automatically onboarded for access from ZTNA Connector for your mobile users and remote network users.
- IP Subnets—Create an IP subnet-based Connector group, and then enter the IP subnet to use for the app target.
In Strata Cloud Manager, go to to get visibility into your ZTNA Connector access objects.
All Access Objects
View Total ZTNA Access Objects to view information about all
of your ZTNA Connector access objects—FQDNs, wildcards, and IP subnets—in real time.
The number in Total ZTNA Access Objects and ZTNA Access Objects table
should match, representing the number of FQDN apps, subnet apps, and discovered
wildcard apps.
- View a graph of the Total ZTNA Access Objects in your environment by
Status, which means the automated secure tunnels for the access object are Up,
Partially Up, Down, or Disabled. If the status is down, the connector
associated with this access object can't reach your application.
- Up—All tunnels are up.
- Partially Up—Some tunnels are up and others are down or disabled.
- Down—All tunnels are down.
- Disabled—All tunnels are disabled.
Select a status color square in the Total ZTNA Access Objects widget to sort access objects by Status in the ZTNA Access Objects table.![]()
- Total Wildcards and Total IP Subnets summarizes how many
IP Subnets and Wildcard rules you've onboarded. This is the number of wildcard rules that you
created, which is a different total than the number of apps
discovered as a result of creating these rules.
![]()
- ZTNA Access Objects provides information about all of your access objects.
- Access Object—Select a specific access object to view its details.
- Status—The automated secure tunnel for the access object is Up, Partially Up, Down, or Disabled.
- FQDN/IP Subnet—The FQDN or IP subnet used to add this access object.
- Fabric IP (If Applicable)—The fabric IP associated with this access object.
- Connector Groups—Connector Groups are logical groupings of connectors and applications. View the Connector Groups associated with an access object.
- Connectors—Connectors represent the VMs running in your data centers that connect to Prisma Access. View the Connectors associated with an access object.
![]()
Select any Access Object to view its details.
- Connector Groups—See how many Connector Groups are associated with this access object. Select a Connector Group to view information about its Service Connections.
- Connector Group Status (Current)—Up, Partially Up, Down, or Disabled.
- Connectors—Number of Connectors in this Connector Group.
- Application Targets—Number of Application Targets in this Connector Group.
- Bandwidth—Select the Bandwidth button to view bandwidth information for this access object.
Select any of an access object's Connectors to view its
details.
- PA (Prisma Access) Location—The Prisma Access Location associated with each Connector.
- Config status—The Connector's configuration status is OK or Error. If the status is Error, the ZTNA Connector hasn't finished onboarding.
- Fabric CIDR—The Fabric CIDR associated with this Connector.
- Tunnel Status (Current)—The automated secure tunnel status for this Connector.
- Controller Connectivity—Up, Partially Up, Down, or Disabled.
Wildcards
Select Wildcards to see your wildcard access objects. View
Total Wildcards by status and the number of
Total Wildcards and Total IP
Subnets.
Select the arrow next to a wildcard or select View Details for
information about the access objects that make up this wildcard.
- Access Object—Select a specific access object to view its details.
- Status—The automated secure tunnel for the access object is Up, Partially Up, Down, or Disabled.
- FQDN/IP Subnet—The FQDN or IP subnet used to add this access object.
- Fabric IP (If Applicable)—The fabric IP associated with this access object.
- Connector Groups—Connector Groups are logical groupings of connectors and applications. View the Connector Groups associated with an access object.
- Connectors—Connectors represent the VMs running in your data centers that connect to Prisma Access. View the Connectors associated with an access object.
Select any Access Object to view its details.
- Connector Groups—See how many Connector Groups are associated with this access object. Select a Connector Group to view information about its Service Connections.
- Connector Group Status (Current)—Up, Partially Up, Down, or Disabled.
- Connectors—Number of Connectors in this Connector Group.
- Application Targets—Number of Application Targets in this Connector Group.
- Bandwidth—Select the Bandwidth button to view bandwidth information for this access object.
Select Connector Groups or Connectors
to see the unique connector groups or connectors associated with the access objects
in the wildcard.
IP Subnets
Select IP Subnets to see your total of IP subnet access
objects. One IP subnet access object consists of a grouping of several different
apps.
View Total IP Subnets in your environment by Status (Up, Partially Up, Down,
or Disabled).
IP Subnet ZTNA Access Objects provides information about all
of your access objects.
- Access Object—Select a specific access object to view its details.
- Status—Up, Partially Up, Down, or Disabled.
- IP Subnet—The IP subnet used to add this access object.
- Connector Groups—Connector Groups are logical groupings of connectors and applications. View the connector groups associated with an access object.
- Connectors—Connectors represent the VMs running in your data centers that connect to Prisma Access. View the connectors associated with an access object.
Select any Access Object to view its details.
- Connector Groups—See how many Connector Groups are associated with this access object. Select a Connector Group to view information about its Service Connections.
- Connector Group Status (Current)—Up, Partially Up, Down, or Disabled.
- Connectors—Number of Connectors in this Connector Group.
- Application Targets—Number of Application Targets in this Connector Group.
- Bandwidth—Select the Bandwidth button to view bandwidth information for this access object.
Select Connector Groups or Connectors
to see the unique connector groups or connectors associated with the access objects
in the IP Subnet.