Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
Clear
Updated on
Nov 13, 2024
Focus
Home
Prisma
Prisma SD-WAN
Prisma SD-WAN Administrator’s Guide
Download PDF
Prisma SD-WAN Administrator’s Guide
Table of Contents
Filter
Expand all
|
Collapse all
Get Started with Prisma SD-WAN
Prisma SD-WAN Key Elements
Activate and Launch Prisma SD-WAN
Allocate ION Devices for an Existing TSG-enabled User
Prisma SD-WAN Summary
Prisma SD-WAN Application Insights
Device Activity Charts
Site Summary Dashboard
Prisma SD-WAN Predictive Analytics Dashboard
Prisma SD-WAN Link Quality Dashboard
Prisma SD-WAN Subscription Usage
Prisma SD-WAN Sites and Devices
Set Up Sites
Add a Branch
Add a Data Center
Add a Branch Gateway
Configure Circuits
Configure Internet Circuit Underlay Link Aggregation
Configure Private WAN Underlay Link Quality Aggregation
Configure Circuit Categories
Configure Device Initiated Connections for Circuits
Add Public IP LAN Address to Enterprise Prefixes
Site Configuration Template
Create a Site Template
Deploy Site with Template
Device Pre-Staging
Associate a Device with the Shell
Manage Data Center Clusters
Configure a Site Prefix
Configure a DHCP Server
Configure NTP for Prisma SD-WAN
Enable IoT Device Visibility in Prisma SD-WAN
Create an IoT Discovery Profile in Prisma SD-WAN
Attach an IoT Discovery Profile to a Site
Configure IoT SNMP Start Nodes
Set a Source Interface for IoT SNMP Discovery
View Flows Tab
Flow Detail
Flow Decision Bitmap
Flow Decision Data
Set Up Devices
Connect the ION Device
Claim the ION Device
Assign the ION Device
Configure Device Access One-Time Password
Configure the ION Device at a Branch Site
Configure the ION Device at a Data Center
Switch a Site to Control Mode
Allow IP Addresses in Firewall Configuration
Configure Layer 2 Switch Ports
Add a VLAN or Switch Virtual Interface (SVI)
Configure VLAN on Switch Ports
Edit Switch Configurations
Monitor Switch Activity and Statistics
Switch Layer 2/Layer 3 Change Mode
Prisma SD-WAN Ports and Interfaces
Configure a Controller Port
Configure Internet Ports
Configure WAN/LAN Ports
Configure Cellular Interfaces
View Cellular Statistics
Create a Customized APN Profile
Modify Cellular SIM Settings
Manage SIM Operations
Customize Cellular Firmware
Cellular Tab
View Cellular Tab
Cellular Charts
Configure a Sub-Interface
Configure a Loopback Interface
Virtual Interface
Add and Configure a Virtual Interface
Prisma SD-WAN Standard VPN
Configure Data Center (DC-DC) Interconnectivity
Bypass Pair
Configure a Bypass Pair
Configure a Cellular Software Bypass Pair
Configure LAN State Propagation
Configure a PoE Port
Configure and Monitor LLDP Activity and Status
Configure a PPPoE Interface
Configure a Layer 3 LAN Interface
Configure Application Reachability Probes
Configure a Secondary IP Address
Configure a Static ARP
Configure a DHCP Relay
Configure IP Directed Broadcast
VPN Keep-Alives
Use External Services for Monitoring
Configure Prisma SD-WAN IPFIX
Configure IPFIX Profiles and Templates
Configure and Attach a Collector Context to a Device Interface in IPFIX
Configure and Attach a Filter Context to a Device Interface in IPFIX
Configure Global and Local IPFIX Prefixes
Flow Information Elements
Options Information Elements
Configure the DNS Service on the Prisma SD-WAN Interface
Prisma SD-WAN DNS Use Cases
Configure System for DNS Survivability
Syslog Server Support in Prisma SD-WAN
Syslog Flow Export
Configure Syslog Server Support
Configure SNMP
Returned Merchandise Authorization (RMA)
RMA Wizard
Replace a Prisma SD-WAN ION Device
Return the ION Device to Prisma SD-WAN
Upgrade ION Device Software
Schedule Software Upgrade
View Device Software Upgrade Status
Bulk Upgrade ION Device Image Software
Prisma SD-WAN Administrator Authorization and Authentication
Role Based Access Control
System Roles
Add a New User on Prisma SD-WAN
Custom Roles
Create Custom Roles
Assign System or Custom Role
Single Sign On Access using SAML
Request SAML Access
Configure SAML Users and Groups
Map Roles and Permissions
Enable SAML Access to End Users
Client Authentication using 802.1x/MAC
Add the RADIUS Server
Supported RADIUS Attribute Value Pairs (AVPs)
Audit Logs
Work with Audit Logs
Prisma SD-WAN Branch and Data Center Routing
Prisma SD-WAN Branch Routing
Prisma SD-WAN Data Center Routing
Configure a Static Route
Configure NextHop Reachability Probe
Configure Dynamic Routing
Configure an OSPF in Prisma SD-WAN
Enable BGP for Private WAN and LAN
Configure BGP Global Parameters
Global or Local Scope for BGP Peers
Configure a BGP Peer
Configure a Route Map
Configure a Prefix List
Configure an AS Path List
Configure an IP Community List
View Routing Status and Statistics
Prisma SD-WAN Multicast Routing
Configure Multicast
Create a WAN Multicast Configuration Profile
Assign WAN Multicast Configuration Profiles to Branch Sites
Configure a Multicast Source at a Branch Site
Configure Global Multicast Parameters
Configure a Multicast Static Rendezvous Point (RP)
Learn Rendezvous Points (RPs) Dynamically
View LAN Statistics for Multicast
View WAN Statistics for Multicast
View IGMP Membership
View the Multicast Route Table
View Multicast Flow Statistics
View Routing Statistics
Prisma SD-WAN VRF
Configure a VRF Profile in Prisma SD-WAN
Prisma SD-WAN Stacked Policies
Migrate Original Policy Sets to Stacked Policy Sets
Simple Path and QoS Stacks
Add Simple Path or QoS Stacks
Advanced Path and QoS Stacks
Add Advanced Path or QoS Stacks
Add QoS Policy Sets
Add QoS Policy Rules
Add a Path Policy Set
Add a Path Policy Rule
Configure User-ID based Policy Rules
L3 Failure Paths
Minimize Metered LTE Usage
Configure Default Path Policy Rule for IPv6
Bind Path or QoS Stacks to Sites
Custom Applications and System Application Overrides
Configure Custom Applications
Configure System Application Overrides
Service and Data Center Groups
Add a Standard VPN Endpoint
Add Groups
Add Domains
Bind Domain to Sites
Use Prisma SD-WAN Data Center Endpoints
Use Service Endpoint Groups in Policies
Configure Network Contexts
Attach Network Contexts to LANs
Configure Circuit Capacities
Configure DSCP
Prefixes
Configure Global Prefixes
Configure Local Prefixes
Configure Syslog Profiles
Prisma SD-WAN Stacked Security Policies
Add a Security Policy Stack
Add Stacked Security Policy Sets
Add a Stacked Security Policy Rule
Add a Security Policy Set to a Security Stack
Bind Security Stacks to Sites
Add Security Zones for Stacked Security Policies
Bind Security Zones to Sites and Devices
Bind Security Zones to Sites
Bind Security Zones to Interfaces
Configure Security Prefixes
Attach Local Security Prefixes to Sites
Monitor Security Policy Rules
Security Policy Migration
Prisma SD-WAN Performance Policy
Performance Policy Default Behavior
Add Performance Policy Stack
Add Performance Policy Set
Add Performance Policy Rules
Add Performance Policy SLA
Configure Probes
Monitor Probes
Best Practices and Recommendations
Performance Policy Use Cases
Use Case 1 - Protect a Business Critical SaaS Application
Use Case 2 - Protect a Business Critical Enterprise Application
Use Case 3 - Protect Physical Security on LEO Satellite and 5G
Use Case 4 - Protect An Enterprise Voice Application
Prisma SD-WAN Security Policies
Prisma SD-WAN Security Architecture
Prisma SD-WAN ZBFW
ZBFW Contructs
ZBFW Application
ZBFW Prefix Filters
ZBFW Zones
Security Policy Sets
Security Policy Rules
Actions
Configure Security Policies
Create Zones
Bind Zones to Sites and Devices
Bind Zones to Sites
Bind Zones to Devices
Create Prefix Filters
Create a Security Policy Set
Create Security Policy Rules
Bind a Security Policy Set to a Site
Modify and Delete Policy Rules and Sets
Change Security Rule Order
Manage Existing Security Policy Rules
Edit a Security Policy Set
Clone a Security Policy Set
Delete a Security Policy Set
Prisma SD-WAN NAT Policies
Add a NAT Stack
Add NAT Policy Sets
Add a NAT Policy Rule
Add a NAT Policy Set to a NAT Stack
Bind NAT Stacks to Sites
Configure NAT Zones
Bind NAT Zones to Interfaces
Configure NAT Pools
Bind NAT Pools to Interfaces
Configure NAT Prefixes
Use Cases
Default Source NAT
Destination NAT
Static NAT
ALG Disable
Prisma SD-WAN Incident Policies
Prisma SD-WAN Branch High Availability
Prisma SD-WAN Branch HA Key Concepts
Configure Branch HA
Configure HA Groups
Configure a High Availability (HA) Interface for HA Deployment
Configure a Switch Virtual Interface (SVI) for HA Connectivity
Configure a Sub-interface for HA Connectivity
Configure a Main Interface for HA Connectivity
Add ION Devices to HA Groups
View Device Configuration of HA Groups
Edit HA Groups and Group Membership
Branch HA Topologies
Configure Branch HA with Gen-1 Platforms (2000, 3000, 7000, and 9000)
Configure Branch HA with Gen-2 Platforms (3200, 5200, and 9200)
Configure Branch HA with Gen-2 Embedded Switch Platforms (1200-S or 3200-L2)
Configure Branch HA for Devices with Software Cellular Bypass (1200-S-C-5G)
Configure Branch HA for Platforms without Bypass Pairs
Configure Branch HA in a Hybrid Topology with Gen-1 (3000) and Gen-2 (3200) Platforms
Prisma SD-WAN Clarity Reports
WAN Clarity Branch Reports
WAN Clarity Data Center Reports
WAN Clarity Aggregate On-Demand Bandwidth Reports
Prisma SD-WAN SASE Easy Onboarding
Configure SASE Connectivity
Connect a Single Prisma SD-WAN Site to Prisma Access
Connect Multiple Prisma SD-WAN Sites to Prisma Access
Edit Application Policy Network Rules
Understand Service and Data Center Groups
Verify Standard VPN Endpoints
Configure Standard Groups
Assign Domains to Sites
Prisma SD-WAN Incidents and Alerts
Prisma SD-WAN Device and Tenant Management
Multi-Tenancy
Prisma SD-WAN MSP Dashboard
Monitor Tenant Devices
Monitor Tenant Branches
Monitor Tenant Alarms
Access Child Tenants
Device Lifecycle
Tenant Types
MSP Account Roles and Permissions
Add a User Role in the Child Tenant
Manage Devices for Client Tenants
Manage System Administration in the MSP Portal
Welcome to the Prisma SD-WAN Administrator's Guide!
Get Started
Get Started with Prisma SD-WAN
Read Now
Prisma SD-WAN Sites and Devices
Read Now
Prisma SD-WAN Administrator Authorization and Authentication
Read Now
Prisma SD-WAN Device and Tenant Management
Read Now
Policies
Prisma SD-WAN Branch and Data Center Routing
Read Now
Prisma SD-WAN NAT Policies
Read Now
Prisma SD-WAN Stacked Policies
Read Now
Prisma SD-WAN Incident Policies
Read Now
Prisma SD-WAN Security Policies
Read Now
Prisma SD-WAN Branch High Availability
Read Now
Monitoring and Reporting
Prisma SD-WAN Incidents and Alerts
Read Now
Prisma SD-WAN WAN Clarity Reports
Read Now
Prisma SD-WAN Incidents and Alerts Event Codes
Read Now