Prisma Access ZTNA Connector 2-Arm

The Prisma Access ZTNA Connector is a virtual appliance deployed within an organization’s data center or VPC, integrating with Prisma Access to provide secure access to both cloud-native and traditional applications. It enables access to applications in overlapping networks without requiring NAT configuration. Key features include automatic connection to the nearest Prisma Access location, fully automated secure tunnel management and routing, automated discovery of private applications with policy recommendations, use of the Prisma Access DNS resolver for address resolution, and no exposure of private IPs. The connector supports physical data centers and public or private clouds and is managed via the unified Prisma Access cloud platform.

Limitations include support only for client-initiated traffic (e.g., web apps, RDP, SSH, databases), no support for server-initiated traffic or port-hopping applications (e.g., VoIP, FTP active mode), and network services requiring unique client IPs (e.g., on-prem AD, SMB). Windows integrated authentication (NTLM, Kerberos) is not supported, though SAML, OAuth, and LDAP are supported for application authentication.