I'm new to Prisma Access and can't seem to figure out how to block IPs, EDLs, etc from even attempting to authenticate to Prisma Access. If it were on a firewall, the security policy that allows or blocks traffic to the portal/gateway could block it, but it seems that none of the security policy should apply until after authentication. There must be a way of preventing the brute force attempts.
What am I missing?
Thank you!
AFAIK the only option you have is to set up an embargo rule, but this, as you mention in your own reply, will only block certain countries:
https://docs.paloaltonetworks.com/prisma-access/administration/prisma-access-advanced-deployments/block-incoming-connections-from-specific-countries
I did find this for Geoblocking, which is a start:
Block Incoming Connections from Specific Countries (paloaltonetworks.com)