Learn how to enable cloud NAT support with Explicit Proxy.
| Where Can I Use This? | What Do I Need? |
|---|
|
If you'd like to use this feature in your Prisma Access
environment, get in touch with your account team to learn
more.
|
|
IP address optimization is a set of architectural enhancements that reduce the
overall number of IP addresses in your deployment, simplifying your allow listing
workflows while improving resiliency and enabling faster onboarding of Prisma Access tenants.
IP Address StickinessWith IP address stickiness, you can secure
the SaaS apps and websites that require user sessions to maintain the same
egress IP address of Prisma Access throughout the user
session.
Simplify SaaS Applications OnboardingAdding a
Prisma Access
location or experiencing a
scaling event at an existing
Prisma Access location could lead to new IP addresses being allocated to
your Explicit Proxy deployments. It's a best practice to
retrieve the new egress and gateway IP
addresses and add them to an allow list of the SaaS applications. IP
address optimization reduces the number of IP addresses that you have to manage
in large deployments.
Troubleshooting
If you want to target specific applications for IP address optimization, you can
add them to the URL category or external dynamic list (EDL). After you configure
the special objects, only the domains included in these objects will get the IP
address optimization.
Panorama- Configure the URL category as PANW EP IP Affinity URL
List or EDL as PANW EP IP Affinity List. Avoid wildcard entries,
example .* or top level domains such as .com.
Strata Cloud Manager- Supports the URL list PANW EP IP Affinity URL
List.
