Text content of EDU-318-v3.2-M09-Cloud SWG-Express.pdf
EDU-318 Version 3.2
CLOUD SECURE WEB GATEWAY
CLOUD SWG

● Overview
● Proxy Auto Configuration (PAC) File
● DNS Behavior
● Explicit Proxy Client Configuration
● Configure Proxy Device Groups and Templates
● Security and Decryption Policies
● Explicit Proxy Onboarding for Prisma SASE
● Utilizing Logs
● Known Functionality

Prisma Access Cloud Secure Web Gateway (Cloud SWG)

Use Case for Cloud SWG

Customers are interested in migrating from legacy proxy-based solutions to Prisma Access for SASE and web security. However, they are required to make changes to their network architecture to connect to Prisma Access via a Remote Network or GlobalProtect client. These changes can create complications in the cloud transformation journey and slow down the adoption and onboarding of Prisma Access.

Feature Description: Enables an additional connectivity option for Prisma Access, using PAC files while still providing best-in-class security.
○ Easier migration path for customers migrating from a legacy on-prem SWG that uses PAC files without any network- or client-level changes
○ Simplifies onboarding of Prisma Access users with an additional connection methodology and supports phased migration to native SASE services

© 2018-2022 Palo Alto Networks, Inc.

Solution Overview

Prisma Access Proxy Solution – Mobile Users and Business Sites

[Diagram. Labels: SaaS, Internet, HQ, Branch, Public Cloud, Mobile Users, PAC, Proxy Gateway, RN-SPN, Cloud Data Center. Existing connection methods: RN, MU with GP agent.]

Prisma Access Capabilities in Prisma Access 3.2

● Management: Panorama & Prisma Access Cloud-based Management
● Authentication supported: SAML and Kerberos
● Endpoint Connection Method: PAC file based or explicit proxy settings
● Traffic Profile: Internet Traffic and SaaS Applications
● Protocols and supported connectivity: HTTP & HTTPS only. Connectivity to other Prisma Access-connected devices is not supported.
● Decryption Policies: HTTPS/TLS 1.2
● Identity-based policies: Requires SSL decryption to maintain authenticated state. Directory Sync needed for group-based policies.
● Security Subscriptions: URL Filtering, WildFire, Threat Prevention, DNS Security
● License: Uses Mobile User License