Use Event Policies to manage system-generated alerts and alarms in your network for improved network visibility and quicker troubleshooting. You can leverage event policy rules to suppress or escalate alarms that arise during a scheduled time period.

You can also change the default priority of system-generated alarms to a priority level that is more aligned with your operational requirements.

You can apply event policy rules to different network resources such as sites, devices, interfaces, circuits, and BGP peers and take action on specific event codes.

For network and application visibility, you can configure branch ION devices to export link quality, system metadata, and flow information to an external collector using standards-based IPFIX with custom templates.

For accurate circuit metering and site capacity planning, you can now use circuit-level statistics to identify the bandwidth usage for circuits on ActivityNetwork Quick FiltersCircuits.

To gain visibility of LAN traffic and identify potential errors or dropped packets on an interface, use ActivitySystem Quick FiltersInterfaces.

If you have configured static routes on the ION device, you can now enable the next-hop reachability probe to verify that the destination IP address or prefix is reachable using ICMP probes. When enabled, if the next hop is unreachable, the ION device forwards traffic to the destination prefix using alternate paths.

You can now configure secondary IP addresses on Layer 3 LAN interfaces to provide multiple logical subnets for an interface.

You can now specify a static ARP entry on a LAN interface which enables you to create a static MAC address to IP address mapping.

The Prisma SD-WAN controller generates two new alarms for site connectivity issues.

The SITE_CONNECTIVITY_DOWN alarm is generated when the site loses connectivity with the controller and all the remote branches or data centers.

The controller clears this alarm if either the connectivity is re-established or if at least one of the VPNs is up.

SITE_CONNECTIVITY_DEGRADED alarm is generated when any one of the following conditions exist:

The controller clears this alarm when all the WAN paths are up.

The DEVICEHW_INTERFACE_DOWN alarm is enhanced for logical interface level issues.

When a physical interface goes down, all alarms are suppressed for the logical interfaces associated with that physical interface. The controller clears the alarm only when the parent interface is up but does not suppress the interface down alarm if any one of the child interfaces is down.

The secure fabric link alarms, NETWORK_SECUREFABRICLINK_DEGRADED and NETWORK_SECUREFABRICLINK_DOWN are enhanced to suppress the related VPN alarms.

To detect connectivity issues over a WAN circuit and prevent middle mile failures, you can now track the Layer 3 reachability of WAN circuits. In the event of a middle mile failure, when tracking WAN availability, the ION device will reduce the HA priority of the active device.

MSP tenants can now take stock and move devices they own between child tenants that they manage using the Device Manager web interface.

The following new system application definitions are available on Prisma SD-WAN.