Get Notifications When Prisma Access IP Addresses Change
Focus
Focus
Prisma Access

Get Notifications When Prisma Access IP Addresses Change

Table of Contents

Get Notifications When Prisma Access IP Addresses Change

Set up a notification to be informed of when Prisma Access IP addresses change.
Where Can I Use This?What Do I Need?
  • Prisma Access (Managed by Panorama)
To be notified of public IP address changes for remote networks and loopback IP address changes for service connections, remote network connections, and mobile users, you can specify a URL at which you can be alerted of a change. Prisma Access uses an HTTP POST request to send the notification. This POST request includes the following notification data in JSON format:
  {"addrType": "public_ip", "addrChangeType": "add", "utc_timestamp": "2019-01-31 23:08:19.383894", "text": "Address List Change Notification"}
  {"addrType": "public_ip", "addrChangeType": "delete", "utc_timestamp": "2019-01-31 23:13:35.882151", "text": "Address List Change Notification"}
  {"addrType": "loopback_ip", "addrChangeType": "update", "utc_timestamp": "2019-01-31 23:29:27.100329", "text": "2018-05-11 23:29:27.100329"}
When you receive a notification, you must follow a two-step process. First, you must manually or program to retrieve the IP or loopback addresses. Then, you must update the IP addresses in your organization’s appropriate allow list to ensure that users do not experience any disruption in service.
Prisma Access sends this notification a few seconds before the new IP address becomes active. We recommend that you use automation scripts to both retrieve and add the new IP addresses to an allow list in your network.
To add an IP notification URL, complete the following task.
  1. Select PanoramaCloud ServicesConfigurationService Setup.
  2. Add an IP Change Event Notification URL where you can be notified of IP address changes in your Prisma Access infrastructure.
    You can specify an IP address or an FQDN to an HTTP or HTTPS web service that is listening for change notifications. Prisma Access sends these notifications from the internet using a public IP address.
    You do not need to commit your changes for the notification URL to take effect.