New Features - Strata Cloud Manager - September 2024

It is a complex and often difficult process to add new sites and secure connectivity across all sites in distributed enterprises that have firewalls at the edge of their network. Additionally, securing these networks requires manual configuration that is time-consuming and prone to misconfiguration.

using Prisma® Access as a hub. With bundles that include more than one physical link, you maximize application quality when a physical link deteriorates. Create a link bundle by assigning the same link tag (using an SD-WAN Interface profile) to multiple links that have similar access and SD-WAN policy rules. For example, you can create a link tag named Low Cost Broadband and then use it to tag your cable modem and fiber optic broadband services.

In addition to improving the Auto VPN configuration settings, we extended Auto VPN connectivity to 500 sites per tenant.

To help you understand and manage your license consumption, Prisma Access provides two distinct bandwidth allocation models for calculating peak consumption: Aggregated Bandwidth Allocation and Per-Site Bandwidth Allocation . These models provide clarity on how your branch site usage impacts your license requirements, which you can monitor in View Subscription Usage .

• Aggregated Bandwidth Allocation Model — Prisma Access calculates the peak bandwidth consumption for each compute region daily.
• Per-Site Bandwidth Allocation Model — Prisma Access calculates every site’s peak bandwidth consumption daily.

View Subscription Usage shows your current license consumption. The Per-Site Bandwidth Allocation Model allows for granular monitoring and clear cost accountability by measuring the sustained peak usage of each individual branch site, and the Aggregated Bandwidth Allocation Model focuses on optimizing regional licensing costs by calculating the combined, sustained usage across all sites in a given compute region.

Managing network visibility often requires switching across multiple dashboards to analyze data. Centralized Report Management in Strata Cloud Manager eliminates this need by offering a unified system to enhance visibility of network activity within your organization and help analyze historical and track real-time data based on your needs. You can download reports using data from the dashboards and Activity Insights Summary for Prisma® Access and your Palo Alto Networks Next-Generation Firewalls (NGFWs). Strata Cloud Manager enables you to share and schedule reports at your preferred intervals.

Strata Cloud Manager generates reports using either the last 24 hours of data or the data from the past 30 days depending on the default time period settings on the dashboard. However, you can customize the time period for gathering data in a report when you schedule it. You can also manage scheduled and downloaded reports from the past 30 days to help you monitor and troubleshoot network activity effectively when needed.

The Strata Multitenant Cloud Manager enables managed security service providers (MSSP) or distributed enterprise customers of to get a holistic view of the application landscape for all tenants. Depending on your license, you can monitor application activity to get visibility into the Prisma Access applications along with information on data usage, incidents, and user experience of the applications.

If you have an Autonomous Digital Experience Management (ADEM) license, now you have access to features such as experience scores, plus the single tenant view for monitored applications in Strata Cloud Manager. AI-Powered ADEM is a service that provides native end-to-end visibility and performance metrics for application traffic in your environment. However, usage data is displayed for applications whether an ADEM license is enabled or not. This means that you can still access essential information about your applications, even without the advanced features provided by ADEM.

The application monitoring display is enhanced with the introduction of a new chart view and an updated table view, making it easier for you to analyze and interpret the information presented for parent and child tenants. It's not an aggregated view of the total usage from the perspective of the parent tenant. Access the Strata Multitenant Cloud Manager and select MonitorApplications.

In security environments, strict validation checks are critical for maintaining a robust security posture, but this rigidity can sometimes be an obstacle. When pushing a configuration, a failed security check with a "block" action can halt the entire deployment process. This creates unnecessary friction in time-sensitive situations, forcing you to delay or manually reconfigure to bypass the strict rule.

Strata Cloud Manager now addresses this pain point by introducing a feature in the Push Config dialog box that allows you to override specific security check failures that would normally block a push operation. This enhancement gives you the power and flexibility to continue the deployment when you have a valid reason to proceed, ensuring you are not stalled by strict checks. This capability allows you to balance security enforcement with operational efficiency while still ensuring that all validation errors are visible for your review and necessary investigation.

Prisma Access Cloud Management can now be deployed in the Qatar region.

Auto VPN allows you to configure secure connectivity between Strata Cloud Manager and your managed firewalls using SD-WAN. Peers in the VPN cluster use a pre-shared key to mutually authenticate each other. Strata Cloud Manager now allows you to refresh the pre shared keys used for authenticating VPN tunnels for existing VPN clusters ( ManageConfigurationNGFW and Prisma AccessGlobal SettingsAuto VPN ).