Link Search Menu Expand Document
calendar_month 28-Sep-24

Communication between Central and Prisma Access

For the orchestration to take place, the first step is to enable communication between Central and Palo Alto Strata Cloud Management through APIs. That will allow Central to query for the closest Prisma Access Locations, define Remote Networks, etc.

Preparing Prisma Access

In Palo Alto Strata Cloud Manager we only need to create a Service Account that can be used for the API and ensure there’s Bandwidth allocated to the corresponding Compute Locations.

Service Account

From your Palo Alto account hub create a Service Account for Central to use. You can do so following the steps below:

Step 1 Go to “Common Services > Identity and Access

Step 2 Click on “Add Identity

Step 3 Follow the steps to create a Service Account. When doing so, assign a role with sufficient permissions for the orchestration. Palo Alto recommends assigning the “Network Administrator” role to the Prisma Access + NGFW application.

Prisma Access Role

For more information about Role Based Access in the Palo Alto account hub, please visit the Manage Identity and Access website.

Bandwidth Allocation

The only other other step needed in Prisma Access is the assignment of Bandwidth to the corresponding Compute Locations. To do this, go to Workflows > Prisma Access Setup > Remote Networks > Bandwidth Management in Strata Cloud Manager and assign the necessary bandwidth to the Compute Locations closest to your branch networks.

Bandwidth Management

Preparing Aruba Central

Once Prisma Access is ready, the only step needed to enable the orchestration in Central is to create a Prisma Access account with the corresponding account information. To do this, go to Global > Network Services > Cloud Connect > Config > Accounts > Prisma and click the ‘+’ sign. Select the “Cloud Management Region” being used in Prisma Access and enter the corresponding account details.

Add Prisma Access Account

Note: To check the Cloud Management Region for your Prisma Access account, go to Manage > Configuration > NGFW and Prisma Access in Strata Cloud Manager and look for the General Information card.