Link Search Menu Expand Document
calendar_month 07-Mar-24

Communication between Central and Prisma Access

For the orchestration to take place, the first step is to enable communication between Central and Palo Alto Strata Cloud Management through APIs. That will allow Central to query for the closest Prisma Access Locations, define Remote Networks, etc.

Preparing Prisma Access

In Palo Alto Strata Cloud Manager we only need to create a Service Account that can be used for the API and ensure there’s Bandwidth allocated to the corresponding Compute Locations.

Service Account

From your Palo Alto account hub create a Service Account for Central to use. You can do so following the steps below:

Step 1 Go to “Common Services > Identity and Access

Step 2 Click on “Add Identity

Step 3 Follow the steps to create a Service Account. When doing so, assign a role with sufficient permissions for the orchestration. Palo Alto recommends assigning the “Network Administrator” role to the Prisma Access + NGFW application.

Prisma Access Role

For more information about Role Based Access in the Palo Alto account hub, please visit the following website:

https://docs.paloaltonetworks.com/common-services/identity-and-access-access-management/manage-identity-and-access

Bandwidth Allocation

The only other other step needed in Prisma Access is the assignment of Bandwidth to the corresponding Compute Locations. To do this, go to Workflows > Prisma Access Setup > Remote Networks > Bandwidth Management in Strata Cloud Manager and assign the necessary bandwidth to the Compute Locations closest to your branch networks.

Bandwidth Management

Preparing Aruba Central

Once Prisma Access is ready, the only step needed to enable the orchestration in Central is to create a Prisma Access account with the corresponding account information. To do this, go to Global > Network Services > Cloud Connect > Config > Accounts > Prisma and click the ‘+’ sign. Select the “Cloud Management Region” being used in Prisma Access and enter the corresponding account details.

Add Prisma Access Account

Note: To check the Cloud Management Region for your Prisma Access account, go to Manage > Configuration > NGFW and Prisma Access in Strata Cloud Manager and look for the General Information card.


Back to top

© Copyright 2024 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Aruba Networks and the Aruba logo are registered trademarks of Aruba Networks, Inc. Third-party trademarks mentioned are the property of their respective owners. To view the end-user software agreement, go to Aruba EULA.