Where Can I Use This?	What Do I Need?
Prisma SD-WAN	Prisma SD-WAN license

Prisma SD-WAN simplifies Direct Internet Access (DIA) for VRF-based branch segments by enabling secure, segmented internet breakout with minimal configuration. Administrators simply define path policy rules, and Prisma SD-WAN automatically enables internet access while maintaining VRF isolation. Traffic sent directly to the internet leverages stateful NAT, with full awareness of both VRF and session context. This ensures return traffic is correctly routed back to the originating client and associated VRF segment, maintaining session integrity and proper segmentation. Compared to traditional routing-based VRF solutions, this approach greatly reduces complexity and operational overhead.