Home / cybersecurity / Mobile users / MU / Paloalto / Prisma Access / SASE / secuirty / Prisma SSE- How to enable Global Protect ?

Prisma SSE- How to enable Global Protect ?

September 24, 2025 , , , , , ,

Prisma SSE- How to enable Global Protect ?

GlobalProtect functions as the VPN component within Prisma Access, Palo Alto Networks' cloud-based Secure Access Service Edge (SASE) solution. Through the GlobalProtect client, Prisma Access provides remote users with a secure, encrypted connection, ensuring protected access to applications and data regardless of their location.

Prisma Access : What is Remote Networks (RN) ?
Prisma Access : What is Service Connections (SC) ?
Prisma Access : What is Mobile User (MU) ?

Prisma SSE- How to enable Global Protect ?

Enable GlobalProtect

Step 1: Login to Strata Cloud Manager (SCM)https://stratacloudmanager.paloaltonetworks.com/

Step 2: Click Workflows > Prisma Access Setup > Mobile Users

GlobalProtect

Step 3: In the GlobalProtect Connection box, click Enable and now Click GlobalProtect Setup

Step 4: Choose Minimum GlobalProtect Version section, read the description and then Enable Prisma Access IP Optimization. Click Set.

Step 5: In the Infrastructure Settings section, click Set Up Infrastructure Settings

Step 6: In the Portal Name section, select the Default Domain radio button. Enter a unique Portal Hostname NDNA.gpservices.com

Step 7: Under Client DNS, in the Region column click Worldwide. Check the box for Resolve Internal Domains

Step 8 : Click Add in the Internal Domain Resolve Rules section
a. Name: internal-domain
b. Primary DNS: Prisma Access Default
c. Secondary DNS: Prisma Access Default
d. Domain Lists: NDNA_INFRA_LABS


Global Protect : Domain Lists: NDNA_INFRA_LABS


Client DNS
Client DNS

Step 9 : Click Save at the bottom of the window, to return to the GlobalProtect Setup page.

Step 10 : In the Prisma Access Locations section, click Add Locations. On the map, click on North America. Add US Central and save. 

Step 11 : Click the GlobalProtect App tab. On the App Settings section, click Add App Settings

Step 12: In the Name box, type Tunnel. In the App Configuration section, locate Enable Autonomous DEM and GlobalProtect App Log Collection for Troubleshooting and check the box.

Step 13: Click Show Advanced Options. Expand the User Behavior section. Select Install and User cannot Enable or Disable DEM in the dropdown box for Digital Experience Management (DEM) for Prisma Access (Windows and Mac only).

Step 14 : Select Install the Agent in the dropdown box for Digital Experience Management (DEM) for Prisma Access for GP Version 6.3 and above (Windows and Mac only).

Step 15 : In the App Settings section, select Tunnel

Prisma SSE Tunnel

Now you are completed with the basic setup of Global protect App on the SCM portal. We will come up with the next article on Security policies for mobile uses.