Features Introduced in Prisma SD-WAN ION Release 6.4
Table of Contents
Expand All
|
Collapse All
Prisma SD-WAN Docs
-
-
-
-
- AWS Transit Gateway
- Azure vWAN
- Azure vWAN with vION
- ChatBot for MS Teams
- ChatBot for Slack
- CloudBlades Integration with Prisma Access
- GCP NCC
- Service Now
- Zoom QSS
- Zscaler Internet Access
-
-
- ION 5.2
- ION 5.3
- ION 5.4
- ION 5.5
- ION 5.6
- ION 6.0
- ION 6.1
- ION 6.2
- ION 6.3
- ION 6.4
- New Features Guide
- On-Premises Controller
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
- Prisma SD-WAN CloudBlades
Features Introduced in Prisma SD-WAN ION Release 6.4
Learn about the features introduced in Prisma SD-WAN ION Release
6.4.
Where Can I Use This? | What Do I Need? |
---|---|
|
|
Learn about the features introduced in Prisma SD-WAN ION Release 6.4.
- Features Introduced in Prisma SD-WAN Release 6.4.2
- Features Introduced in Prisma SD-WAN Release 6.4.1
Features Introduced in Prisma SD-WAN Release 6.4.2
Learn about the features introduced in Prisma SD-WAN ION Release
6.4.2
SASE Easy Onboarding Enhancements
With easy onboarding, effortlessly connect
your Prisma SD-WAN sites to Prisma Access using the
streamlined onboarding process. As part of the enhancements to easy onboarding,
Prisma SD-WAN now provides:
- Support for Easy Onboarding using site templates
- Support for automated BGP configuration with different deployment modes
- Support for Prisma Access region redundancy
- Support for IPSec profile changes
App Assurance Enhancements: Best Path Selection
Application SLAs enable Prisma SD-WAN to select paths
that meet the network and application performance requirements of applications.
With Best Path selection the absolute lowest path, based upon Link Quality
Monitoring or Probe Metrics, can be selected using path policy, providing the
best user experience for applications that are extra sensitive to Latency, Loss,
or Jitter.
You will need a device software version 6.4.2 or higher to use this
feature.
Expanded System Applications
With the introduction of over 4,000 system applications, any custom application
with an identical name to the system application will have '-custom' or '-cm'
appended to it.
Enhancements to Subscription Usage
Enhanced consumption visibility with the Top Application
Usage During Peak Utilization chart, offering insights into the
top 10 application usage during the peak consumption period for each branch on a
monthly basis.
IPv6 Enhancements for NAT and ULA
Prisma SD-WAN now supports a unique local address (ULA), IPv6
address in the address range fd00::/7 for LAN interfaces. Prisma SD-WANsupports this only for Direct on Any Public or
Private or Prisma SD-WAN on Any Public or Private paths in the
active paths in the default path policy.
Prisma SD-WAN supports IPv6 NAT (NAT66 and NAT64) for
Direct Internet Access (DIA) traffic.
You will need a device software version 6.4.2 or higher to use this
feature.
Filtering for All Incidents and Alerts
Prisma SD-WAN introduces a significant update—the
ability to select All Incidents and All Alerts on the policy
rules. This feature enhances your control and management capabilities.
Features Introduced in Prisma SD-WAN Release 6.4.1
Learn about the features introduced in Prisma SD-WAN ION Release
6.4.1
App SLA Assurance Enhancements
Measuring application performance and delivering App
SLAs is a core component of Prisma SD-WAN. Performance
Policy builds upon the existing App SLA configuration to deliver a policy
framework for the measurement, enforcement, and alerts for application SLAs.
With this release, the performance policy feature includes the following
enhancements:
- Packet DuplicationIn addition to Forward Error Correction, Prisma SD-WAN now supports replication of an application session across up to three VPN paths simultaneously, ensuring consistent and optimized application experiences for end users. Packet Duplication assures the delivery of packets for critical applications, even when all underlay paths are degraded beyond application SLA. Packet Duplication is configured in the performance policy, where it is an additional action within the policy, selectable on a per-app and/or per-path basis. Leveraging this capability requires explicit selection of all paths onto which packets will be duplicated (secondary/alternate paths) and duplicated by the (primary path).
- Service Health ProbesPrisma SD-WAN now supports always-on probing to measure key metrics such as round trip latency, packet loss, and jitter to any ICMP/DNS/HTTP/HTTPS service across any transport (Direct, Fabric, Standard VPN). The results are available to the user and they can also be used to make path selection decisions with precise control using performance policy. Additionally, the same application health probes can be used by the system to determine the L3 Reachability.
- Incidents for System & Site Health MetricsIn addition to Incidents for link and application health metrics, Prisma SD-WAN now supports the ability to generate incidents for critical system metrics such as CPU Utilization, Memory Utilization, Disk Utilization, and Concurrent Flow table usage as well as Circuit Utilization.
Branch Gateway
Prisma SD-WAN offers two types of site configurations —
branch sites and data center sites. There may be situations where the services
provided by a given location do not fit cleanly into either of these
configurations. To maximize the flexibility of the system, Prisma SD-WAN offers a new hybrid site type — Branch Gateway. The Branch Gateway
provides the policy transit and LQM server capabilities of a data center site
along with the visibility and path selection of a branch site. You can enable
the branch gateway functionality on an existing branch site in the control mode
using a site level configuration setting. Upon enabling the Branch Gateway mode,
VPN tunnels will automatically form to each branch site in the domain.
Support for OSPF
Prisma SD-WAN supports Open Shortest Path First (OSPF), an
interior gateway protocol (IGP) most often used to perform prefix distribution
in large enterprise networks dynamically. OSPF determines routes dynamically by
obtaining information from other routers and advertising routes to other routers
through Link State Advertisements (LSA). Prisma SD-WAN supports
the OSPF routing protocols with the L3 switches towards the branch sites and
switches and routers in the 'Aggregation Layer' at the campus and data center
sites.
SDDC — Megaport (VFF)
The latest update of Prisma SD-WAN brings an exciting
new feature: SR-IOV support for the Intel XL710 Ethernet Network Adapter. This
support is available for all hypervisors on vION (Virtual ION) and offers users
a range of benefits.
Simply put, SR-IOV is a hardware specification and technology that
enables a single device, such as a Peripheral Component Interconnect Express
(PCIe) NIC, to be shared among multiple virtual machines (VMs). This
significantly reduces the overhead associated with I/O virtualization, leading
to improved performance, reduced CPU utilization, enhanced security, and
efficient resource utilization.
Prisma SD-WAN's SR-IOV support allows users to enjoy
faster and more efficient data processing, leading to better overall
performance. Additionally, users can benefit from enhanced security, as multiple
VMs can share a single device without compromising the integrity of the data.
Moreover, reducing CPU utilization leads to more efficient resource utilization
and significant business cost savings.
Site Template Enhancements
Prisma SD-WAN
Site Templates now supports JINJA
conditional statements, offering users enhanced flexibility in their
deployments. Users can execute different actions based on site data,
streamlining the deployment process.
Standard VPN Enhancements for DC to DC
Prisma SD-WAN now supports a standard VPN tunnel
configuration option that controls IKE initiator & responder behavior. This
is useful in many scenarios including establishing DC to DC ION tunnels when one or both
sides are behind a NAT device.
Improved Incident Management
Prisma SD-WAN now supports clickable impacted objects to
help navigate to the appropriate impacted incident name, enhancing the
incident's debuggability. You can now select more than one incident for bulk
acknowledgement or unacknowledgement.
Subscription Usage Visibility Enhancements
The enhancements to Prisma SD-WAN Subscription Usage
provide administrators access to comprehensive visibility on both site and
tenant bandwidth consumption. This capability allows administrators to
effectively monitor their bandwidth usage, facilitate the tracking and trending
of monthly bandwidth utilization across all branch sites to ensure compliance
with licensing agreements.
VRF- Support for Standard VPN, NTP, Syslog, and SNMP
Prisma SD-WAN now offers Standard VPN support to the
existing VRF functionality. You can quickly put a standard VPN in any VRF (for
example, Guest), and you can redirect the traffic part of this VRF to the
standard VPN with simple path policies.
If all the user traffic from the different VRFs needs to go over the
Standard VPN, a route leak can be configured for basic L3 reachability. Then,
you can use path policies for traffic engineering.
Support for Additional App IDs
Prisma SD-WAN now supports over 4,000 system defined
application IDs.
Support for Configurable L3 Reachability Probes
Prisma SD-WAN supports Layer 3 reachability probing
across different circuits to verify the reachability of internet services using
a predefined set of probes. The new configurable service health probes used to
verify application and link performance can now be optionally used to determine
the L3 service status of a circuit.
SVI—Operational Enhancements
Prisma SD-WAN introduces a configuration feature named
SVI Autostate. With this feature, the behavior of the SVI (Switched
Virtual Interface) state (up/down) can be configured to remain up when all VLAN
member ports are down or to be brought down if all member ports are down.
Support for Auto-APN
Auto APN supports all major carriers in countries such as USA, Canada, Qatar,
Australia, and JAPAC region.