- 05 Nov 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Palo Alto Networks Prisma Access
- Updated on 05 Nov 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Prisma Access SASE from Palo Alto Networks converges network security, SD-WAN, and autonomous digital experience management in the cloud to provide a secure access service edge.
This adapter is not supported if your Palo Alto Networks Prisma Access product is being hosted/managed by the Palo Alto Panorama service.
Types of Assets Fetched
This adapter fetches the following types of assets:
- Devices
- Users
Parameters
Host Name or IP Address (required, default: https://api.sase.paloaltonetworks.com) - The hostname or IP address of the Palo Alto Networks Prisma Access server.
Client ID and Client Secret (required) - Refer to Service Accounts for information of how to create a Service Account.
Tenant Service Group ID (required) - Refer to Tenant Service Groups for information of how to obtain the Service Group ID.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.
HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Folder List (required, default: true) - The folder from which you want to fetch Users and Devices. Can be one or more of the following: Shared, Mobile Users, Remote Networks, Service Connections, Mobile Users Container, Mobile Users Explicit Proxy.
- Fetch Global Protect Users - Select this option to fetch Global Protect connected users.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
APIs
Axonius uses the following APIs:
Required Ports
Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:
- TCP port 443
Required Permissions
Service Account should be assigned at least the “auditor” role in order to fetch assets.
Supported From Version
Supported from Axonius version 4.8