Prisma Access
Access Your Data Center Using Explicit Proxy
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Access Your Data Center Using Explicit Proxy
This is how you use Explicit Proxy to access resources in your data
center.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
You can use service connections to access resources in
your data center, such as external dynamic lists or private and
partner apps, while still benefiting from an Explicit Proxy connection.
Make sure the private apps are not set as DIRECT in the PAC file.
Access Your Data Center Using Explicit Proxy (Strata Cloud Manager)
This is how you access your data center using Prisma Access Explicit Proxy in Strata Cloud Manager.
- Configure a service connection in Prisma Access.Configure DNS settings.Ensure that the DESTINATION Zones for internet-bound traffic is set to untrust instead of any.Failure to perform this step could result in unintended access to your data center.
- Select ManageConfigurationNGFW and Prisma AccessConfiguration ScopeFoldersPrisma AccessMobile Users ContainerExplicit ProxySecurity ServicesSecurity Policy.Open a rule for internet-bound traffic.Ensure Zones under DESTINATION is set to untrust.Repeat for all of your internet-bound traffic rules.Enable private application access.
- Select WorkflowsPrisma Access SetupExplicit Proxy Infrastructure SettingsCreate security policy rules for the data center resources you want to access.
- Select ManageConfigurationNGFW and Prisma AccessConfiguration ScopeFoldersPrisma AccessMobile Users ContainerExplicit ProxySecurity ServicesSecurity Policy.Create security policy rules.In rules for data center access, ensure Zones under DESTINATION is set to trust.
Access Your Data Center Using Explicit Proxy (Panorama)
Access resources hosted in your data center using Prisma Access Explicit Proxy.- Configure a service connection in Prisma Access.Configure DNS settings.Configure zone mappings.
- Select PanoramaCloud ServicesConfigurationMobile Users - Explicit ProxyZone MappingAdd the zones that you will use to access your data center resources to Trusted Zones.Ensure that the Destination ZONE in policy rules for internet-bound traffic is set to an untrust zone instead of any.Failure to perform this step could result in unintended access to your data center.
- Select Policies.Set the Device Group to Explicit_Proxy_Device_Group.Change the Destination ZONE from any to one of the untrust zones you configured in an earlier step.Enable private application access.
- Select PanoramaCloud ServicesConfigurationMobile Users - Explicit ProxySettingsCreate security policy rules for the data center resources you want to access.
- Select Policies.Set the Device Group to Explicit_Proxy_Device_Group.Create security policy rules.In rules for data center access, ensure that you use the Trusted zones you configured in an earlier step.