Default Routes with Traffic Steering and Dedicated Service
Connection Example
Use traffic steering with default routes and a dedicated
service connection.
In this example, in addition to the previous configuration,
you have a third-party internet security service, and you want to
send traffic from box.com to be processed by the security service
before egressing to the internet. You do not want to send any other
internet-bound traffic to the security service; for this reason,
you create a dedicated service connection for the box.com traffic.
After your configuration is complete, Prisma Access sends *.box.com
destination traffic to the stack.
To enable this deployment, you perform the following actions
in the Traffic Steering tab:
Create a Target Service Connection group that assigns
one or more service connections to the target and select Dedicated
for Traffic Steering Only, which makes the target service
connection or connections dedicated.
If you create a
target with more than one service connection, Prisma Access chooses
the best service connection to forward the internet-bound traffic.
Create a traffic steering rule that forwards traffic to the
URL. The following screenshot shows the traffic destination being
assigned a custom URL category that contains the URL *.box.com.
Create an Action in the traffic steering
rule of Forward to the target and specify
the target group name you created (dedicated in
this case).