Prisma Access requires a service infrastructure that uses an infrastructure subnet you specify. Prisma Access uses the IP addresses within this subnet to establish the network backbone that connects your remote sites, mobile users, headquarters and data center (if applicable).

To Enable the Service Infrastructure in the cloud for your remote network locations and mobile users, you must provide a subnet that Prisma Access uses to establish a network infrastructure between your remote network locations, mobile users, and service connections to your headquarters/data center (if applicable). The IP addresses in this subnet also enable Prisma Access to determine the service routes for services such as LDAP, DNS, or SCEP, as well as enable other inter-service communication. Because a large number of IP addresses will be required to set up the infrastructure, you must use a /24 subnet (for example, 172.16.55.0/24) at a minimum. This subnetwork will be an extension to your existing network or with the IP address pools you assign for Prisma Access for users. If you have a large number of mobile users, branch offices, or both, provide a larger infrastructure subnet.