Create a High-Bandwidth Network Using Multiple Service Connections
Table of Contents
Create a High-Bandwidth Network Using Multiple Service Connections
Create a high-bandwidth network for a headquarters or
data center location using multiple service connection.
If you have a headquarters or data center location that
requires additional service connection bandwidth, you can configure
multiple service connections to that location.
Each Prisma Access service connection is not bandwidth capped,
but Palo Alto Networks expects that each service connection can
provide approximately 1 Gbps of throughput. While this bandwidth
is usually sufficient to access internal resources in a headquarters
or data center location, you might have a deployment that requires
additional bandwidth; for example, if you are hosting an internal
or private SaaS application in a data center.
To create a high-bandwidth service connection to a headquarters
or data center site, you onboard the site using multiple service
connections to the same Prisma Access location. The following diagram
shows a Prisma Access remote network deployment with a headquarters
or data center site that has two service connections from the same
Prisma Access location, effectively providing 2 Gbps of bandwidth
between the site and the Prisma Access location.
In addition to the service connections being deployed for high-bandwidth
access, the diagram shows another set of service connections. These
service connections provide normal routing functions for Prisma
Access (in this diagram, they provide internal routing access between
the remote network connections and the high-bandwidth service connections).
Palo Alto Networks recommends that, when you deploy a high-bandwidth
connection, you reserve service connections to provide access to
the resource in the headquarters or data center location only, and
deploy additional service connections to use for internal routing
between remote networks, mobile users, and the resources in the
data center.
Each service connection is active and has its own Service
IP Address; you use that address to terminate the IPSec
tunnel for each service connection. Prisma Access does not limit
the maximum number of service connections you can onboard to a single
headquarters or data center remote network location.
While each service
connection provides approximately 1 Gbps of throughput, the actual
throughput is dependent on several factors, including:
- Traffic mix (for example, frame size)
- Latency and packet loss between the service connection and the headquarters location or data center
- Service provider performance limits
- Customer termination device performance limits
- Other customer data center traffic