Edit Application Network Policy Rules
Expand all | Collapse all
Edit Application Network Policy Rules
Lets see how to edit application network policy rules
for Zscaler CloudBlade.
Once the CloudBlade configures the appropriate
Standard VPN objects within Prisma SD-WAN and Zscaler, the administrator
can reference the path (Standard VPN) and service group (Zscaler)
within application network policies. The ION devices will make intelligent
per-app path selections using the network policies to chain multiple
path options together in Active-Active and Active-Backup modes.
Application A: Take
Standard VPN
direct
to Zscaler.
Application B: Take
Standard VPN
direct
to Zscaler; Backup to
Direct Internet
.
Application C: Go to Internet via
Prisma SD-WAN
Data Center
; Backup to Standard VPN direct to Zscaler.
Application D: Use only
Direct Internet
.
The Prisma SD-WAN Secure Application Fabric (AppFabric) enables
granular controls for virtually unlimited number of policy permutations
down to the sub-application level. Here are some of the most common
examples of how traffic policy can be configured per application:
Send all internet-bound traffic from a set of branches
to a Zscaler datacenter. (Blanket Greylist)
Send all internet-bound traffic from a set of branches to
a Zscaler datacenter with the exception of specific known applications.
(Greylist-Whitelist)
Send all internet traffic direct to the internet except for
certain applications needing additional inspection or security. (Whitelist-Greylist)