Create an All-New Multitenant Deployment
How to create a multitenant and don’t have an existing
Prisma Access configuration, follow these rules.
If you want to create a multitenant deployment
and don’t have an existing Prisma Access configuration, you can Enable Multitenancy and
add your tenants; then, then configure the tenants after you create
them. When you create the first tenant with no existing configuration,
make sure of the following differences and guidelines to follow:
Since there is no configuration to move over, Prisma
Access creates templates, template stacks, and device groups for
each tenant and associates them to the access domain you create
during tenant creation. See
Multitenancy Configuration Overview for the naming convention
that Prisma Access uses.
Optionally, after you create the tenant-level access domain,
you could
create an administrative
user that allows administration for a single tenant by associating
an administrator with the access domain.
If you have any existing templates or device groups (for
example, templates from an on-premises device that is managed by
Panorama that should also be used by Prisma Access), be sure to
add those device groups and templates domains to the Access
Domain when you create and configure it. If you do not
add device groups and templates to the access domain, you cannot
view or select them when you configure the Prisma Access components
in the Cloud Services plugin.
