IP Optimization for Mobile Users - GlobalProtect Deployments
IP Optimization provides a simpler, deterministic public IP address allow-listing
experience, improved resiliency, and faster onboarding of Prisma Access tenants.
IP Optimization is a set of architectural enhancements that reduce the overall number
of IP addresses in your deployment, simplifying your allow-listing workflows while
improving resiliency and enabling faster onboarding of Prisma Access tenants.
- Simpler Public IP Address allow-listing–Adding a Prisma Access location
or experiencing a scaling event at an existing Prisma
Access location could lead to new IP addresses being allocated to the mobile
user security processing node (MU-SPN). It's a best practice to retrieve the new egress and gateway IP
addresses that Prisma Access assigns and add them to an allow list in your
network to avoid SaaS application or corporate firewall disruption. This can
result in a situation where you're managing a large number of IP addresses. IP
Optimization reduces the number of IP addresses you have to manage.
- Faster Onboarding of Prisma Access Tenants–Without IP Optimization, you’d
need to assign unique private IP addresses to each device across Prisma Access
and your private networks, requiring you to allocate large IP blocks from your
limited corporate routable IP address space. IP Optimization lets Prisma Access
allocate addresses from shared address space by default and NAT private application traffic.
