To be notified of public IP address changes
for remote networks and loopback IP address changes for service
connections, remote network connections, and mobile users, you can
specify a URL at which you can be alerted of a change. Prisma
Access uses an HTTP POST request to send the notification. This
POST request includes the following notification data in JSON format:
When you receive a notification, you must follow a two-step process. First, you must manually or
program to retrieve the IP or loopback addresses. Then, you
must update the IP addresses in your organization’s appropriate allow list to ensure
that users don’t experience any disruption in service.
Prisma Access sends this notification
a few seconds before the new IP address becomes active. We recommend
that you use automation scripts to both retrieve and add the new
IP addresses to an allow list in your network.
To add an IP address notification URL, complete the following task.
For Prisma Access (Managed by Strata Cloud Manager) deployments, go to WorkflowsPrisma Access SetupPrisma AccessInfrastructure Settings, click the gear to edit the settings, add an Egress IP
Notification URL where you can be notified of IP address changes
in your Prisma Access infrastructure, and Save your
changes.
For Prisma Access (Managed by Panorama) deployments, go to PanoramaCloud ServicesConfigurationService Setup and add an IP Change Event Notification
URL where you can be notified of IP address changes in your Prisma Access infrastructure, and click OK.
You can specify an IP address or an FQDN to an HTTP or HTTPS web service that’s
listening for change notifications. Prisma Access sends these notifications from
the internet using a public IP address.
You don’t need to commit your changes for the notification URL to take effect.