QoS for Remote Networks (Strata Cloud Manager)

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Activation & Onboarding
Administration
Version
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred

QoS for Remote Networks (Strata Cloud Manager)

Configure QoS to prioritize business-critical traffic or traffic that requires low latency.

Use QoS to prioritize the critical traffic in your remote networks, and to set maximum and guaranteed bandwidths for remote network sites in a compute location.

Mark traffic that you want to receive QoS treatment.
1. Select ManageConfigurationNGFW and Prisma AccessSecurity ServicesSecurity Policy.
  
  Ensure that you are creating the policy for remote networks.
2. Add Rule.
3. Mark the incoming traffic by assigning a DSCP value in Advanced Settings and save the policy.
Add one or more QoS policy rules.

You use QoS policies to bind DSCP marking to one of eight available classes. You'll define the treatment a QoS class receives in the next steps. The QoS class determines the priority and bandwidth for traffic matching the QoS Policy rule.
1. Select MonitorNetwork ServicesQoS.
2. Add Rule.
3. Enter values and save the policy.
Enable QoS for your remote network locations.
1. Select ManageService SetupRemote NetworksBandwidth Management.
2. Determine the Prisma Access locations where you want to deploy QoS; then find the compute location that corresponds to each Prisma Access location.
  
  Each Prisma Access location is allocated bandwidth from its compute location, and you must know the name of the compute location for the locations where you want to allocate QoS.
3. Enable QoS at a compute location level in the QoS column.
  
  Whatever settings you enter apply to all locations that correspond to this compute location.
Edit the QoS settings for the compute location.
1. Select the guaranteed bandwidth ratio, which is a ratio based on the entire allocated bandwidth for the compute location.
  
  For example, if you have allocated bandwidth of 1001 Mbps for the US Southwest compute location, and you enter a Guaranteed Bandwidth Ratio of 82%, the guaranteed bandwidth for that compute location is 820.82 Mbps.
  
  By default, each remote network is given a percentage that is equal to the number of connections. For example, given 4 connections in a compute location and a total guaranteed bandwidth of 820.82 Mbps, each location receives 25% of that bandwidth, which is 205.2 Mbps.
  
  If the AIOps-Powered ADEM license is enabled, then the license is auto-enabled for all the compute locations.
2. Create New QoS profile or Manage an existing QoS profile.
  
  You use QoS profiles to shape the traffic at egress point.
3. (Optional) Customize QoS settings for remote network sites in a compute location. If you have multiple remote networks per compute location and want to change either the bandwidth ratio or QoS profile for each remote network, select Customize and change the bandwidth allocation ratio, QoS profile, or both.
  
  If you select Customize and then onboard additional remote networks in the same IPSec termination node, the newly-onboarded sites receive an allocation ratio of 0, and you must manually rebalance the allocation ratio between existing sites and the newly-onboarded site.
Save the changes.
Push the configurations.