Prisma Access Mobile User Deployments
Learn about the different mobile user deployment types
in Prisma Access.
If you determine that your deployment would benefit by having
some users connect using GlobalProtect and some users connect using
an Explicit Proxy, Prisma Access allows you to distribute the users in
your GlobalProtect for Users license between Mobile Users—GlobalProtect
and Mobile Users—Explicit Proxy. However, users cannot connect using
GlobalProtect and an explicit proxy from the same endpoint.
Secure Mobile Users with GlobalProtect—If your
goal is to secure mobile users’ access to all applications, ports,
and protocols, and to get consistent security whether the user is
inside or outside your network, use Mobile Users—GlobalProtect.
The GlobalProtect infrastructure is deployed for you and scales
based on the number of active users and their locations. After you
complete the configuration, users then connect to the closest Prisma
Access gateway (location) you have onboarded for policy enforcement.
This enables you to enforce consistent security for your users even
in locations where you do not have a network infrastructure and
IT presence.
The GlobalProtect app installed on the users'
endpoint secures users traffic to internet, SaaS applications, your
internal and public cloud resources.
Secure Mobile Users with an Explicit Proxy—If your
organization has designed its network around an explicit proxy design,
the explicit proxy connect method will help you quickly replace
the existing method and move to the Prisma Access Secure Access
Service Edge (SASE) solution. You can then send internet and external
SaaS application traffic to the Prisma Access infrastructure and
enforce security in the cloud.
With an explicit proxy, you
configure a proxy URL and a Proxy Auto-Configuration (PAC) file. The
GlobalProtect app is not required to be installed on the users’ endpoints.