IPSec Termination Node Logic (Panorama Managed)

With the Prisma Access for Networks Aggregate Bandwidth model, bandwidth is assigned to a compute region within Panorama. This allows for deterministic placement of nodes and also the compute for the nodes behind a region.
Within the Remote Networks Bandwidth Allocation in Panorama, regions are configured for bandwidth that is to be allocated for that region:
If looking at 2 locations, namely US East (purple box), and Europe Central (orange box), you can see the respective bandwidth allocated for each region as shown below.
With Prisma Access for Networks utilizing the Aggregate Bandwidth model, for every 500 Mbps of bandwidth allocation, a compute instance will be added to support the throughput requirements.
The compute instances behind a region are called the IPSec Termination Nodes, and appear when configuring a Remote Network onboarding in Panorama.
Given the above example, the number of nodes allocated would be as follows:
  • US East: 2 nodes
  • Europe Central: 1 node

Recommended For You