Focus

Prisma Access

Cloud Management

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Administration
Version
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred

Cloud Management

Configure QoS to prioritize business-critical traffic or traffic that requires low latency.

Use QoS to prioritize the critical traffic in your remote networks, and to set maximum and guaranteed bandwidths for remote network sites in a compute location.

Mark traffic that you want to receive QoS treatment.

Select

Manage

Configuration

Security Services

Security Policy

If you're using

Strata Cloud Manager

, go to

Manage

Configuration

NGFW and Prisma Access

Security Services

Security Policy

Ensure that you are creating the policy for remote networks.

Add Rule

Mark the incoming traffic by assigning a DSCP value in

Advanced Settings

and save the policy.

Add one or more QoS policy rules.

You use QoS policies to bind DSCP marking to one of eight available classes. You'll define the treatment a QoS class receives in the next steps. The QoS class determines the priority and bandwidth for traffic matching the QoS Policy rule.

Select

Manage

Configuration

Network Services

QoS

If you're using

Strata Cloud Manager

, select

Monitor

Network Services

QoS

Add Rule

Enter values and save the policy.

Enable QoS for your remote network locations.

Select

Manage

Service Setup

Remote Networks

Bandwidth Management

Determine the Prisma Access locations where you want to deploy QoS; then find the compute location that corresponds to each Prisma Access location.

Each Prisma Access location is allocated bandwidth from its compute location, and you must know the name of the compute location for the locations where you want to allocate QoS.

Enable QoS at a compute location level in the

QoS

column.

Whatever settings you enter apply to all locations that correspond to this compute location.

Edit

the QoS settings for the compute location.

Select the guaranteed bandwidth ratio, which is a ratio based on the entire allocated bandwidth for the compute location.

For example, if you have allocated bandwidth of 1001 Mbps for the US Southwest compute location, and you enter a

Guaranteed Bandwidth Ratio

of 82%, the guaranteed bandwidth for that compute location is 820.82 Mbps.

By default, each remote network is given a percentage that is equal to the number of connections. For example, given 4 connections in a compute location and a total guaranteed bandwidth of 820.82 Mbps, each location receives 25% of that bandwidth, which is 205.2 Mbps.

If the AIOps-Powered ADEM license is enabled, then the license is auto-enabled for all the compute locations.

Create New

QoS profile or

Manage

an existing QoS profile.

You use QoS profiles to shape the traffic at egress point.

(Optional) Customize QoS settings for remote network sites in a compute location. If you have multiple remote networks per compute location and want to change either the bandwidth ratio or QoS profile for each remote network, select

Customize

and change the bandwidth allocation ratio, QoS profile, or both.

If you select

Customize

and then onboard additional remote networks in the same IPSec termination node, the newly-onboarded sites receive an allocation ratio of 0, and you must manually rebalance the allocation ratio between existing sites and the newly-onboarded site.

Save

the changes.

Push

the configurations.

Prisma Access Docs

Cloud Management

Prisma Access Docs

Cloud Management

Recommended For You

Activation & Onboarding

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner