Prisma Access expands on the IP Optimization functionality by offering it for Explicit Proxy as well as Mobile Users—GlobalProtect.

For Mobile Users—GlobalProtect deployments, when a large number of users access a GlobalProtect gateway from a location, Prisma Access autoscales the location and adds another GlobalProtect gateway. IP Optimization uses a NAT layer so that the autoscaled gateway uses the same IP address as the previously allocated IP address, thus eliminating the need to add extra IP addresses to your organization's allow lists.

Prisma Access expands the NAT layer to Explicit Proxy Security Processing Nodes (SPNs) as well as Mobile User SPNs, reducing the need to allow list IP addresses for Explicit Proxy deployments. This Explicit Proxy NAT layer is beneficial if you're setting up a Mobile Users and Explicit Proxy deployment in Proxy Mode or Tunnel and Proxy Mode.