Configure QoS in Prisma Access
Table of Contents
Configure QoS in Prisma Access
Use these steps to configure QoS in Prisma Access
Use the following workflow to configure QoS
in Prisma Access. See Configure Quality of Service for Mobile Users and Remote Networks for the detailed
steps.
- Mark the ingress traffic using a security policy
or using marking from an on-premises device.You can create PAN-OS security policies to mark traffic destined to Prisma Access for mobile users and for remote network connections. For service connections, Prisma Access will honor traffic marking from your organization’s on-premises devices. Optionally, you can also use on-premises devices to mark traffic for remote networks.To ensure predictable results, we recommend marking traffic using either security policies in Prisma Access or your on-premises device, but not both. If there are differences between the security policies in Prisma Access and the on-premises device, the security policy in Prisma Access overrides the policy in the on-premises device.
- Map the traffic to classes using a QoS policy rule.
- Shape the traffic using a QoS profile.You can create QoS profiles to shape QoS traffic for service connections and for remote network connections and apply those profiles to traffic that you marked with PAN-OS security policies, traffic that you marked with an on-premises device, or both PAN-OS-marked and on-premise-marked traffic.
- Enable QoS on the service connection or remote network
connection and bind the QoS profile to the connection.The following figure shows the available QoS deployments in Prisma Access.
![]()
