Default Routes with Traffic Steering and Dedicated Service Connection Example
Focus
Focus

Default Routes with Traffic Steering and Dedicated Service Connection Example

Table of Contents

Default Routes with Traffic Steering and Dedicated Service Connection Example

Use traffic steering with default routes and a dedicated service connection.
In this example, in addition to the previous configuration, you have a third-party internet security service, and you want to send traffic from box.com to be processed by the security service before egressing to the internet. You do not want to send any other internet-bound traffic to the security service; for this reason, you create a dedicated service connection for the box.com traffic. After your configuration is complete, Prisma Access sends *.box.com destination traffic to the stack.
To enable this deployment, you perform the following actions in the Traffic Steering tab:
  • Create a Target Service Connection group that assigns one or more service connections to the target and select Dedicated for Traffic Steering Only, which makes the target service connection or connections dedicated.
    If you create a target with more than one service connection, Prisma Access chooses the best service connection to forward the internet-bound traffic.
  • Create a traffic steering rule that forwards traffic to the URL. The following screenshot shows the traffic destination being assigned a custom URL category that contains the URL *.box.com.
  • Create an Action in the traffic steering rule of Forward to the target and specify the target group name you created (dedicated in this case).