Features Introduced in Prisma SD-WAN Release 5.6.1
Focus
Focus

Features Introduced in Prisma SD-WAN Release 5.6.1

Table of Contents

Features Introduced in Prisma SD-WAN Release 5.6.1

Learn the new features and enhancements for Prisma SD-WAN Release 5.6.1.
Learn about the new features and enhancements for Prisma SD-WAN Release 5.6.1.
New Feature/EnhancementDescription
Integration with ADEM
The Autonomous Digital Experience Monitoring (ADEM) for Remote Networks agent is delivered natively from the Prisma SD-WAN 5.6.1 device. The ADEM for RN agent provides visibility into cloud infrastructure performance, application performance and user traffic monitoring. Analytics are viewed from the Prisma Access ADEM portal.
Device Software Version Required: 5.6.1-b13 and later
New ION 1200 Series
Prisma SD-WAN introduces the next generation ION 1200 series with integrated 5G and 4G cellular interfaces. The base platform includes 4 LAN/WAN ethernet interfaces. For more information, visit the Prisma SD-WAN.
Site Summary Dashboard
Prisma SD-WAN introduces a new site summary dashboard which provides an information-rich display of branch related metrics. These include new metrics such as network health as well as existing network device and application metrics. Use the following new widgets to view branch related metrics:
  • Site Health Overview
  • Devices
  • Top Events by Priority
  • Circuit Connectivity and Health
  • Application Utilization
  • Recent Site Audit Logs
  • TCP Connection Stats
  • Top Media Audio Performance
Event Engine
Prisma SD-WAN supports a new event correlation alarm for standard VPNs. The ION devices raise the DEVICEHW_INTERFACE_DOWN alarm for service endpoint level issues which occur when a service link to a single endpoint goes down.
Starting with Release 5.6.1, when the ION device raises the DEVICEHW_INTERFACE_DOWN alarm for at least two standard VPN interfaces to the same service endpoint IP address, the controller raises the NETWORK_STANDARD_VPN_ENDPOINT_DOWN summary alarm while suppressing the contributing alarms.
Enhanced Path Selection
Prisma SD-WAN supports Link Quality Monitoring (LQM) based path selection for all path types. The ION device aggregates the overlay LQM values between branches and data centers to compute the final LQM value for the internet underlay circuit or other required paths.
Configure the internet underlay link quality aggregation for link quality monitoring of one or more data centers.
Device Software Version Required: 5.6.1 and later
Stacked Security Policies
Prisma SD-WAN supports stacked security policies to translate business security requirements into configurable security policy rules that determine connectivity and secure access. In addition to existing match criteria supported in Original Security Policies, stacked security policies will also include in-rule port and protocol match without the need to create an application definition.
To enhance the visibility of rule effectiveness both global and site level time series hit counters are available per-rule. To facilitate seamless migration from Original Security Policies, a clone function is available which will also include the prefix filters if applicable.
Device Software Version Required: 5.6.1 and later
Syslog Enhancements
  • Syslog over TLS
  • Syslog Profiles
Prisma SD-WAN supports exporting of data via syslog over TLS. You can use the same syslog profile configuration across multiple ION devices. Create a syslog profile from the Prisma SD-WAN web interface to forward the collector logs as syslog messages to a syslog server.
Device Software Version Required: 5.6.1 and later
Enhanced Device to Controller Connection Visibility
Prisma SD-WAN provides enhanced device to controller connection visibility via the following:
  • Claimed Devices > Configure the device
  • Sites > Site Summary Dashboard
  • Sites > Configurations
Device Software Version Required: 5.6.1 and later
Multicast Routing
Prisma SD-WAN branch ION devices support multicast routing for LAN interfaces. A branch ION device supports multicast on a maximum of 31 PIM interfaces, including VLAN sub-interfaces.
Configure multicast routing from Select the deviceRoutingMulticast.
Device Software Version Required: 5.6.1 and later
Cellular Telemetry
Prisma SD-WAN supports telemetry and statistics for cellular ION devices. The Activity screen now includes the Cellular tab which displays statistical information on signal strength and statistics, traffic volume, technology and bandwidth usage, packet information, GPS location, and cellular tower switch information for cellular devices.
View the cellular module telemetry on the Prisma SD-WAN web interface to understand the cellular signal strength.
You will need an ION device 1200 along with device software version 5.6.1.
ION Device FIPS Mode Enablement
FIPS certification is in review.
Starting with Prisma SD-WAN Release 5.6.1, you can toggle between non-FIPS to FIPS mode for the supported ION devices from the Prisma SD-WAN web interface (controller). When you enable FIPS mode, all cryptographic security parameters (CSPs), including the CIC certificate, are cleared and the device is rebooted. After reboot, the device comes up in FIPS approved mode of operation with a new CIC provisioned by the controller and FIPS functionality enabled on the device.
Enable the FIPS mode on the Prisma SD-WAN web interface as shown in the image.
Supported devices in Release 5.6.1 are ION 1200, ION 1200-C-NA/ROW, and ION 1200-C5G-WW.
FIPS is not supported on other models, irrespective of the software version installed on the device.