: Features Introduced in Prisma SD-WAN Release 5.6.1
Focus
Focus

Features Introduced in Prisma SD-WAN Release 5.6.1

Table of Contents

Features Introduced in
Prisma SD-WAN
Release 5.6.1

Learn the new features and enhancements for
Prisma SD-WAN
Release 5.6.1.
Learn about the new features and enhancements for
Prisma SD-WAN
Release 5.6.1.
New Feature/Enhancement
Description
Integration with ADEM
The Autonomous Digital Experience Monitoring (ADEM) for Remote Networks agent is delivered natively from the
Prisma SD-WAN
5.6.1 device. The ADEM for RN agent provides visibility into cloud infrastructure performance, application performance and user traffic monitoring. Analytics are viewed from the Prisma Access ADEM portal.
Device Software Version Required: 5.6.1-b13 and later
New ION 1200 Series
Prisma SD-WAN
introduces the next generation ION 1200 series with integrated 5G and 4G cellular interfaces. The base platform includes 4 LAN/WAN ethernet interfaces. For more information, visit the
Prisma SD-WAN
.
Site Summary Dashboard
Prisma SD-WAN
introduces a new site summary dashboard which provides an information-rich display of branch related metrics. These include new metrics such as network health as well as existing network device and application metrics. Use the following new widgets to view branch related metrics:
  • Site Health Overview
  • Devices
  • Top Events by Priority
  • Circuit Connectivity and Health
  • Application Utilization
  • Recent Site Audit Logs
  • TCP Connection Stats
  • Top Media Audio Performance
Event Engine
Prisma SD-WAN
supports a new event correlation alarm for standard VPNs. The ION devices raise the
DEVICEHW_INTERFACE_DOWN
alarm for service endpoint level issues which occur when a service link to a single endpoint goes down.
Starting with Release 5.6.1, when the ION device raises the
DEVICEHW_INTERFACE_DOWN
alarm for at least two standard VPN interfaces to the same service endpoint IP address, the controller raises the
NETWORK_STANDARD_VPN_ENDPOINT_DOWN
summary alarm while suppressing the contributing alarms.
Enhanced Path Selection
Prisma SD-WAN
supports Link Quality Monitoring (LQM) based path selection for all path types. The ION device aggregates the overlay LQM values between branches and data centers to compute the final LQM value for the internet underlay circuit or other required paths.
Configure the internet underlay link quality aggregation for link quality monitoring of one or more data centers.
Device Software Version Required: 5.6.1 and later
Stacked Security Policies
Prisma SD-WAN
supports stacked security policies to translate business security requirements into configurable security policy rules that determine connectivity and secure access. In addition to existing match criteria supported in Original Security Policies, stacked security policies will also include in-rule port and protocol match without the need to create an application definition.
To enhance the visibility of rule effectiveness both global and site level time series hit counters are available per-rule. To facilitate seamless migration from Original Security Policies, a clone function is available which will also include the prefix filters if applicable.
Device Software Version Required: 5.6.1 and later
Syslog Enhancements
  • Syslog over TLS
  • Syslog Profiles
Prisma SD-WAN
supports exporting of data via syslog over TLS. You can use the same syslog profile configuration across multiple ION devices. Create a syslog profile from the
Prisma SD-WAN
web interface to forward the collector logs as syslog messages to a syslog server.
Device Software Version Required: 5.6.1 and later
Enhanced Device to Controller Connection Visibility
Prisma SD-WAN
provides enhanced device to controller connection visibility via the following:
  • Claimed Devices > Configure the device
  • Sites > Site Summary Dashboard
  • Sites > Configurations
Device Software Version Required: 5.6.1 and later
Multicast Routing
Prisma SD-WAN
branch ION devices support multicast routing for LAN interfaces. A branch ION device supports multicast on a maximum of 31 PIM interfaces, including VLAN sub-interfaces.
Configure multicast routing from
Select the device
Routing
Multicast
.
Device Software Version Required: 5.6.1 and later
Cellular Telemetry
Prisma SD-WAN
supports telemetry and statistics for cellular ION devices. The
Activity
screen now includes the Cellular tab which displays statistical information on signal strength and statistics, traffic volume, technology and bandwidth usage, packet information, GPS location, and cellular tower switch information for cellular devices.
View the cellular module telemetry on the
Prisma SD-WAN
web interface to understand the cellular signal strength.
You will need an ION device 1200 along with device software version 5.6.1.
ION 1200 FIPS Certification
FIPS certification is in review.
Starting with
Prisma SD-WAN
Release 5.6.1, you can toggle between non-FIPS to FIPS mode for the supported ION 1200 devices from the
Prisma SD-WAN
web interface (controller). When you enable FIPS mode, all cryptographic security parameters (CSPs), including the CIC certificate, are cleared and the device is rebooted. After reboot, the device comes up in FIPS approved mode of operation with a new CIC provisioned by the controller and FIPS functionality enabled on the device.
Enable the FIPS mode on the
Prisma SD-WAN
web interface as shown in the image.
Supported devices are
ION 1200
,
ION 1200-C-NA/ROW
, and
ION 1200-C5G-WW
.
FIPS is not supported on other models, irrespective of the software version installed on the device.

Recommended For You