Dynamic Routing Support
For a multi-site environment, support for the dynamic routing protocol—BGP— makes it easier for you to onboard your remote network locations and service connections without manually configuring static routes. When you configure your on-premises BGP routers to broadcast information on subnets in remote networks or at headquarters, Prisma Access learns these routes and enables communication between the headquarters and the remote network locations or between remote network locations.
Redundancy Across Service Connection and Remote Networks
For a better user experience, the Prisma Access now supports redundant routes directing traffic from your mobile users and remote network locations to your headquarters or data center over a service connection. This enhancement is available for BGP and static route configurations. If, for example, you have set up three service connections and a service connection tunnel is down, mobile user and remote network traffic is automatically routed over the other two operational service connections or remote network tunnels.
Smaller Bandwidth Allocation
Support for 2 Mbps and 5 Mbps of bandwidth is now available for your remote network locations with lower bandwidth requirements. From the total bandwidth pool you purchase, you can divide the available bandwidth across each remote network location that you onboard in increments of 2 Mbps, 5Mbps, 10 Mbps, 25 Mbps, 50 Mbps, 100 Mbps, or 300 Mbps.
Egress IP Address List for Prisma Access Infrastructure
If you have configured IP address allow lists to manage access to SaaS applications such as O365 or to applications that you host on the public cloud, changes to the IP addresses in your Prisma Access infrastructure can pose a challenge. As Prisma Access dynamically deploys firewalls to meet the requirements of your network and mobile users, you can now subscribe to a notification URL to learn about IP address changes in your Prisma Access infrastructure. You then can use a script or manually retrieve the list of IP addresses for all firewalls in your Prisma Access infrastructure, or just GlobalProtect gateways, GlobalProtect portals, or remote network firewalls and adjust your policies with IP-based restrictions to safely enable access for all SaaS or cloud applications.