On-premises network recorders have been a powerful tool for organizations to perform forensic and breach analysis. It's common in on-premises topologies to implement a parallel infrastructure of tap ports, span ports, or packet brokers that would deliver a copy of the traffic to be used for such out-of-band analysis. However, along with the accelerated adoption of hybrid work and cloud, organizations are migrating to SASE architectures to address these challenges. Adhering to SASE cloud security solutions created blind spots for these forensic analysis tools, where a copy of the traffic from a remote user to a SaaS application is no longer available.

Prisma® Access traffic replication adds full visibility into forensic and post-mortem analysis involving SASE architectures by making available a copy of the traffic that is traversing Prisma Access.

In addition to providing a copy of the traffic generated by mobile users, traffic replication support for Remote Networks provides a similar function for the traffic generated by the branches. This support allows you to have complete visibility for all use cases, along with consistency in the way the traffic is being captured. This extension ensures comprehensive visibility across all branch traffic, providing the necessary consistency and flexibility to apply forensic analysis across both mobile user and remote network use cases seamlessly.

Prisma Access (Managed by Strata Cloud Manager) deployments now support Traffic Replication.