Learn about the preconfiguration steps required for the GCP-NCC CloudBlade
integration.
Where Can I Use This?
What Do I Need?
Strata Cloud Manager
Prisma SD-WAN license
GCP-NCC CloudBlade
The GCP-NCC CloudBlade provides the automatic creation, management, and
maintenance of an HA pair of Prisma SD-WAN Data Center virtual ION
devices across multiple locations/regions in GCP. It establishes BGP peering to a
GCP Cloud Router from the Prisma SD-WAN Data Center vIONs and the GPC
Transit VPC to advertise branch prefixes and provide connectivity to compute
resources within the GCP regions.
The CloudBlade automates the following configuration steps required to establish
end-to-end connectivity from the Prisma SD-WAN sites to the VPCs in
GCP.
Creates an NCC Hub.
An NCC Hub is a global resource; however, once a virtual ION is attached to
an NCC hub as a spoke, the NCC will be part of that particular virtual ION
device’s VPC. All the virtual ION devices are connected to the same NCC hub
as spokes.
Creates three VPCs in GCP (Controller, Internet, and Transit) using
Deployment Manager.
Controller and Internet VPC Subnets is configured in 255.255.x.0/24
format.
Transit VPC (Greenfield) Subnet is configured in 10.255.x.0/24
format.
Deploys two Prisma SD-WAN virtual ION 7K data center devices and
the subnet CIDR range for the specific region in the VPC created.
Creates cloud routers with interfaces for specific regions.
A cloud router is part of a region and is attached to the hub (Virtual ION)
through BGP peering. In multi-region deployments, multiple virtual ION and
cloud routers are deployed across the same VPC in multiple regions
(Controller VPC, Internet VPC, and Transit VPC).
Configures and establishes BGP peering session between the cloud router and the
virtual ION 7K.
Attaches the virtual ION 7k as a spoke to the NCC hub along with the cloud
router.
Configures routing on each VPC.
Creates a data center site in the Prisma SD-WAN controller and
configures the devices (Dual Virtual ION 7Ks) with the site.
Updates the Interfaces configuration for port 1 and port
2 for each device on the cloud controller.