Create an All-New Multitenant Deployment
Focus
Focus

Create an All-New Multitenant Deployment

Table of Contents

Create an All-New Multitenant Deployment

How to create a multitenant and don’t have an existing Prisma Access configuration, follow these rules.
If you want to create a multitenant deployment and don’t have an existing Prisma Access configuration, you can Enable Multitenancy and add your tenants; then configure the tenants after you create them.
If you have an existing single-tenant deployment and want to migrate to a multitenant deployment, use the workflow to enable multitenancy and migrate the first tenant.
When you create the first tenant with no existing configuration, make sure of the following differences and guidelines to follow:
  • Since there is no configuration to move over, Prisma Access creates templates, template stacks, and device groups for each tenant and associates them to the access domain you create during tenant creation. See Multitenancy Configuration Overview for the naming convention that Prisma Access uses.
  • Optionally, after you create the tenant-level access domain, you could create an administrative user that allows administration for a single tenant by associating an administrator with the access domain.
  • If you have any existing templates or device groups (for example, templates from an on-premises device that is managed by Panorama that should also be used by Prisma Access), be sure to add those device groups and templates domains to the Access Domain when you create and configure it. If you do not add device groups and templates to the access domain, you cannot view or select them when you configure the Prisma Access components in the Cloud Services plugin.