Features Introduced in Prisma Access 1.4.0
The following table describes the new features introduced
in Prisma Access with Cloud Services plugin version 1.4.0.
Feature | Description |
---|---|
Increased Location Support for Mobile
Users, Remote Networks, and Service Connections | To better accommodate worldwide deployments and
provide best-of-breed local coverage, you can now choose from more
than 100 locations in 76 countries when you onboard your mobile
users, remote network connections, and service connections. Be
aware of the following changes and requirements as a result of the
added locations:
|
Custom Local IP Address for BGP | For service connections or remote network connections
that use BGP, you can specify a custom local IP address that Prisma
Access uses as its local IP address for BGP. This custom address
is useful when the device on the other side of the connection (such
as an Amazon Web Service (AWS) Virtual Private Gateway) requires
a specific local IP address for BGP peering. |
Automatic Creation of Template Stack,
Templates, and Device Groups for Multi-Tenant Deployments | To speed up the process of configuring additional tenants
in a multi-tenant deployment, Prisma Access automatically creates
templates, template stacks, and device groups for each tenant you
create after the first one, instead of requiring you to manually
create these components for each tenant. When you enable multi-tenancy,
existing templates, template stacks, and device groups still migrate
over to the first tenant. For each subsequent tenant you add, Prisma
Access creates the templates, template stacks, and device groups
and adds them to the access domain you create. |
Administratively Logout Mobile Users
from Panorama | To immediately remove mobile users from
access to your organizations’ resources, you can log out active mobile
users from the Cloud Services plugin in Panorama. |
HTTP/HTTPS Traffic Forwarding to Service Connections | Prisma Access can redirect HTTP or HTTPS
internet traffic from mobile users and remote networks, and forward
and route that traffic over a service connection. With this
capability, you can for example, steer traffic through a third-party
security stack (service chain) before egressing to the internet.
Another use case is to redirect certain websites’ traffic to be
routed through the organization’s on-premise network. |
Clean Pipe Service for Multi-Tenant Deployments | To allow organizations that manage the IT infrastructure
of other organizations, such as service providers or telecommunications
providers (Telcos), to quickly and easily protect outbound internet
traffic for their tenants, Palo Alto Networks introduces the Clean Pipe
service with this release. A service provider or Telco will be able
to route their customers (configured as tenants) to the Clean Pipe
service using a Partner Interconnect. After the traffic crosses
the Partner Interconnect, it will be sent to a tenant-dedicated instance
of Clean Pipe for security, and then routed to the internet. An
API that allows you to quickly and easily onboard tenants is also
available. To use the Clean Pipe service, you must purchase
a Clean Pipe license and deploy Prisma Access in multi-tenant mode.
After you purchase and activate this license, a new Clean Pipe tab
is activated in the Cloud Services plugin. |
Recommended For You
Recommended Videos
Recommended videos not found.