Simplify and Automate Prisma SD-WAN to AWS Through the Prisma CloudBlades Platform

Community Team Member



Traditional SD-WAN solutions are falling behind—which is why Palo Alto Networks created the industry’s first ML-powered SD-WAN solution for the cloud-ready digital enterprise. Read on to discover why this new integration provides a simple and automated way to extend your Prisma SD-WAN fabric (previously known as CloudGenix SD-WAN) to AWS through the Prisma CloudBlades platform.


Branch-to-Cloud Access Made Simple

As organizations increasingly embrace the cloud, they have come to realize that legacy SD-WAN solutions no longer suffice and that their WAN infrastructures need a complete transformation. They need a next-generation SD-WAN solution that is purpose-built, based on SDN principles with robust API support, and allows them to operate and innovate at cloud scale and pace. Enter Prisma SD-WAN.


The integration of Prisma SD-WAN and the AWS Transit Gateway Connect enables organizations to connect branches and users with applications at AWS in an easier, more automated, and efficient way. The integration ultimately translates to greater productivity and reduced costs through the Prisma CloudBlades platform.


Prior to this, CloudGenix customers could deploy virtual CloudGenix IONs through our AWS CloudFormation template-based Prisma SD-WAN ION Virtual Appliance marketplace listing, using either the greenfield or the brownfield deployment model.


There are several ways to connect on-premises networks with these central hubs. All of these options, however, come with trade-offs, including additional operational complexity, administrative overhead, and scalability challenges. (Check out the blog Extend CloudGenix SD-WAN to AWS Seamlessly for details.)


AWS Transit Gateway CloudBlade to the Rescue

Thanks to the flexibility of the Prisma CloudBlades platform and AWS’s robust API support for Transit Gateway Connect, we were able to develop a new CloudBlade: the AWS Transit Gateway Connect CloudBlade.  


The major advantage of this newly developed CloudBlade is that network administrators don’t need to worry about IPsec parameters, PSK management, BGP configuration, routing scale, VPN attachments, or vION deployments. All they have to do is express their intent in the CloudBlade configuration screen regarding where to extend the connectivity and, if they so choose, adjust the characteristics of the policies attached to the Prisma SD-WAN branch sites.




A Native Integration that Automates Connectivity and Simplifies Operations

The new AWS Transit Gateway Connect attachment provides native integration with Prisma SD-WAN vIONs to simplify configuration and improve the overall scalability of the solution. 


GRE tunnels are now supported between the Transit Gateway and the IONs, which enables performance beyond the 1.25 Gbps originally supported with the IPsec tunnels. Scalability is also improved by increasing the number of routes allowed. Ultimately, route management is simplified, and the routing scale across hybrid environments is further improved.







Feel free to share your questions, comments and ideas in the section below!


Thank you for taking time to read this blog.

Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.


Kiwi out!
