Prisma Access
Cloud Management
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Cloud Management
Cloud Management
Configure QoS to prioritize business-critical traffic or traffic that requires low
latency.
Use QoS to prioritize the critical traffic in your remote networks, and to set
maximum and guaranteed bandwidths for remote network sites in a compute location.
- Mark traffic that you want to receive QoS treatment.
- Select.ManageConfigurationSecurity ServicesSecurity PolicyIf you're usingStrata Cloud Manager, go to.ManageConfigurationNGFW andPrisma AccessSecurity ServicesSecurity PolicyEnsure that you are creating the policy for remote networks.
- Add Rule.
- Mark the incoming traffic by assigning a DSCP value inAdvanced Settingsand save the policy.
- Add one or more QoS policy rules.You use QoS policies to bind DSCP marking to one of eight available classes. You'll define the treatment a QoS class receives in the next steps. The QoS class determines the priority and bandwidth for traffic matching the QoS Policy rule.
- Select.ManageConfigurationNetwork ServicesQoSIf you're usingStrata Cloud Manager, select.MonitorNetwork ServicesQoS
- Add Rule.
- Enter values and save the policy.
- Enable QoS for your remote network locations.
- Select.ManageService SetupRemote NetworksBandwidth Management
- Determine thePrisma Accesslocations where you want to deploy QoS; then find the compute location that corresponds to eachPrisma Accesslocation.EachPrisma Accesslocation is allocated bandwidth from its compute location, and you must know the name of the compute location for the locations where you want to allocate QoS.
- Enable QoS at a compute location level in theQoScolumn.Whatever settings you enter apply to all locations that correspond to this compute location.
- Editthe QoS settings for the compute location.
- Select the guaranteed bandwidth ratio, which is a ratio based on the entire allocated bandwidth for the compute location.For example, if you have allocated bandwidth of 1001 Mbps for the US Southwest compute location, and you enter aGuaranteed Bandwidth Ratioof 82%, the guaranteed bandwidth for that compute location is 820.82 Mbps.By default, each remote network is given a percentage that is equal to the number of connections. For example, given 4 connections in a compute location and a total guaranteed bandwidth of 820.82 Mbps, each location receives 25% of that bandwidth, which is 205.2 Mbps.If the AIOps-Powered ADEM license is enabled, then the license is auto-enabled for all the compute locations.
- Create NewQoS profile orManagean existing QoS profile.You use QoS profiles to shape the traffic at egress point.
- (Optional) Customize QoS settings for remote network sites in a compute location. If you have multiple remote networks per compute location and want to change either the bandwidth ratio or QoS profile for each remote network, selectCustomizeand change the bandwidth allocation ratio, QoS profile, or both.If you selectCustomizeand then onboard additional remote networks in the same IPSec termination node, the newly-onboarded sites receive an allocation ratio of 0, and you must manually rebalance the allocation ratio between existing sites and the newly-onboarded site.
- Savethe changes.
- Pushthe configurations.