This document presents a secure design architecture for Prisma Access Browser, an agentless solution that enables secure internet and SaaS access on unmanaged or BYOD endpoints. It provides a Zero Trust-based approach to isolate users from threats while enabling granular policy enforcement directly in the browser. Core components include authentication via Microsoft Entra ID, integration with Cloud Identity Engine, and application of browser policies (e.g., clipboard, screen capture, file uploads). The design enables selective access to sanctioned apps, contextual DLP, and advanced telemetry, while reducing overhead associated with full client VPN deployments.

Join for free to read