Update - We have consolidated the Prisma Access Insights app that enables you to monitor the health and performance of your Prisma Access environment, with the Prisma Access App. This update provides operational simplicity with a single pane of glass to securely manage and monitor your Prisma Access deployments. Please login to the Hub and navigate to Insights within the Prisma Access App. If you have bookmarked the URL for Insights, we will redirect you to the Hub.
Mar 2, 03:26 UTC
Mar 2, 03:26 UTC
Monitoring - Scheduled: We are consolidating the Prisma Access Insights app that enables you to monitor the health and performance of your Prisma Access environment within the “Prisma Access” app. This migration offers operational simplicity by providing a single pane of glass to securely manage and monitor your Prisma Access deployments. You can continue to access the Prisma Access Insights app during this integration and migration process.
Starting March 1st, 2021, the Prisma Access Insights will be consolidated with the “Prisma Access” app and will no longer be available as a standalone app on the hub. You will be able to login to the hub and access the “Prisma Access app” to monitor the health and performance of your Prisma Access environment. If you have bookmarked the URL for Prisma Access Insights, we will redirect you to the hub.
Feb 8, 19:22 UTC
Starting March 1st, 2021, the Prisma Access Insights will be consolidated with the “Prisma Access” app and will no longer be available as a standalone app on the hub. You will be able to login to the hub and access the “Prisma Access app” to monitor the health and performance of your Prisma Access environment. If you have bookmarked the URL for Prisma Access Insights, we will redirect you to the hub.
Feb 8, 19:22 UTC
Monitoring - A fix has been implemented and we are monitoring the results.
Mar 1, 18:00 UTC
Mar 1, 18:00 UTC
Identified - Prisma Access is experiencing an issue with intermittent packet drops for inter service connection customer traffic. We are aware of the issue and are working on a resolution.
Mar 1, 16:53 UTC
Mar 1, 16:53 UTC
Monitoring - Palo Alto Networks will be implementing IP address optimizations throughout 2021 to improve the overall experience for our Prisma Access customers. Please read more about it here.
Feb 22, 23:30 UTC
Feb 22, 23:30 UTC
Monitoring - Scheduled: Our goal is to minimize the impact on your network traffic, and we make every effort to perform the upgrades at a time that is minimally disruptive to your organization.
With this data-plane upgrade, you will have the flexibility to select which Prisma Access location(s) to first perform the Dataplane upgrade along with the upgrade time window. A walkthrough of the upgrade process is available here.
To receive active communication on your Dataplane upgrade schedule, provide your upgrade preference and receive notifications during the upgrade process, you must subscribe to Insights notifications. If you have already subscribed to receive alert notifications on Insights before Feb 26th, 2021 you will be notified 21 days before the scheduled Dataplane upgrade via email notifications and Insights alerts.
Before the upgrade, please take the following action for IP Allow Listing:
Please continue to allow list both your Active and Reserved Public IPs in all of your local and 3rd party/SaaS IP allow lists. As a reminder, your current IPs can be obtained by using the API. Documentation on how to use the API can be found here.
If you use Panorama to manage the Prisma Access environment, after all your Prisma Access locations have been upgraded, a new Cloud Services plugin will become available to you. Once available, you have 15 days to upgrade your existing plugin.
Feb 26, 18:35 UTC
With this data-plane upgrade, you will have the flexibility to select which Prisma Access location(s) to first perform the Dataplane upgrade along with the upgrade time window. A walkthrough of the upgrade process is available here.
To receive active communication on your Dataplane upgrade schedule, provide your upgrade preference and receive notifications during the upgrade process, you must subscribe to Insights notifications. If you have already subscribed to receive alert notifications on Insights before Feb 26th, 2021 you will be notified 21 days before the scheduled Dataplane upgrade via email notifications and Insights alerts.
Before the upgrade, please take the following action for IP Allow Listing:
Please continue to allow list both your Active and Reserved Public IPs in all of your local and 3rd party/SaaS IP allow lists. As a reminder, your current IPs can be obtained by using the API. Documentation on how to use the API can be found here.
If you use Panorama to manage the Prisma Access environment, after all your Prisma Access locations have been upgraded, a new Cloud Services plugin will become available to you. Once available, you have 15 days to upgrade your existing plugin.
Feb 26, 18:35 UTC
Investigating - We have a planned service maintenance for Prisma Cloud in the following regions scheduled for February, date 21, year 2021 from 08:00 AM UTC to 11:00 AM UTC
For more information, view release notes: https://docs.twistlock.com/docs/releases/release-information/latest.html
During this scheduled maintenance, customers may experience intermittent failures across services as they get upgraded.
Feb 16, 08:21 UTC
For more information, view release notes: https://docs.twistlock.com/docs/releases/release-information/latest.html
During this scheduled maintenance, customers may experience intermittent failures across services as they get upgraded.
Feb 16, 08:21 UTC
Monitoring - Prisma Access Insights, the app to monitor the health and performance of your Prisma Access environment, is in public beta! And we have improved usability and performance based on your feedback. If you have not tried it yet, we invite you again to get the app from the hub.
Nov 6, 18:16 UTC
Nov 6, 18:16 UTC
Identified - The issue has been identified and a fix is being implemented.
Nov 12, 21:22 UTC
Nov 12, 21:22 UTC
Investigating - Because of the fast-paced release of Prisma Access and the Cloud Services plugin, Palo Alto Networks occasionally specifies earlier versions of Panorama as end-of-support (EoS) to ensure compatibility with Prisma Access. To allow you sufficient time to plan for Panorama upgrades, use the following dates to learn when the software version of the Panorama appliance that manages Prisma Access is no longer compatible with Prisma Access. Refer to the Prisma Access and Panorama Version Compatibility section of the Prisma Access (Panorama Managed) Administrator's Guide for more information.
Tip: To find the latest EoS compatibility information for your Panorama with Prisma Access, log in to the Panorama appliance that manages Prisma Access, select the Service Setup page (Panorama > Cloud Services > Configuration > Service Setup), and view the information in the Panorama Alert section.
February 1, 2021 - If you are running the Cloud Services plugin 1.7, Panorama Version 9.0 is end-of-support for compatibility with Prisma Access. Before this date, you must upgrade your Panorama version to 9.1.2 or later.
Note: While the Cloud Services plugin 1.7 supports Panorama 9.0 versions until February 1, 2021, any version of the Cloud Services plugin after 1.7 requires a minimum version of 9.1.2 before installation.
August 20, 2021 - Panorama Version 9.1 is end-of-support for compatibility with Prisma Access. Before this date, you must upgrade your Panorama to a version that is later than 9.1.x. Palo Alto Networks will update its technical documentation with more specific upgrade guidelines as newer Panorama software releases become generally available.
Refer to this Live Community article for more information.
Jun 30, 20:58 UTC
Tip: To find the latest EoS compatibility information for your Panorama with Prisma Access, log in to the Panorama appliance that manages Prisma Access, select the Service Setup page (Panorama > Cloud Services > Configuration > Service Setup), and view the information in the Panorama Alert section.
February 1, 2021 - If you are running the Cloud Services plugin 1.7, Panorama Version 9.0 is end-of-support for compatibility with Prisma Access. Before this date, you must upgrade your Panorama version to 9.1.2 or later.
Note: While the Cloud Services plugin 1.7 supports Panorama 9.0 versions until February 1, 2021, any version of the Cloud Services plugin after 1.7 requires a minimum version of 9.1.2 before installation.
August 20, 2021 - Panorama Version 9.1 is end-of-support for compatibility with Prisma Access. Before this date, you must upgrade your Panorama to a version that is later than 9.1.x. Palo Alto Networks will update its technical documentation with more specific upgrade guidelines as newer Panorama software releases become generally available.
Refer to this Live Community article for more information.
Jun 30, 20:58 UTC
Identified - Urgent message for Cortex Data Lake customers with firewalls onboarded via Panorama. Please read this Customer Advisory for more information. https://live.paloaltonetworks.com/t5/customer-advisories/panorama-on-boarded-firewall-certificate-issue-cortex-data-lake/ta-p/328630
May 19, 18:14 UTC
May 19, 18:14 UTC
Prisma Access: Minimum Panorama Version Changing to 9.0.4 or 9.1.1 on June 9, 2020 00:00 UTC
Subscribe
Update - We are continuing to work on a fix for this issue.
Jun 16, 00:02 UTC
Jun 16, 00:02 UTC
Identified - Starting June 9, 2020 00:00 UTC, Prisma Access deployments using the Cloud Services 1.5 plugin are not supported for use with Prisma Access, and you will not be able to make any changes or commits with the Cloud Services 1.5 plugin. The Cloud Services plugin 1.6 requires Panorama version 9.0.4 and later or 9.1.1 and later; however, for 9.1.x Panorama upgrades, do not upgrade your Panorama to 9.1.x until you install the Cloud Services plugin 1.6 because the 1.4 or 1.5 plugins do not support PAN-OS 9.1.x. You must upgrade the Cloud Services plugin version to 1.6 before upgrading your Panorama to 9.1.1.
If you have additional questions, please contact your Palo Alto Networks representative.
For more information, see the Palo Alto Networks Live article at Prisma Access Panorama Version Upgrade Required
May 29, 09:53 UTC
If you have additional questions, please contact your Palo Alto Networks representative.
For more information, see the Palo Alto Networks Live article at Prisma Access Panorama Version Upgrade Required
May 29, 09:53 UTC
Monitoring - To promote public health during the COVID-19 outbreak and reduce unnecessary exposure to risk, you may have elected to support your workforce to work from home. If you have a large number of employees working remotely, Prisma Access for Mobile Users provides a scalable way for your remote workers to securely access your organization’s applications and resources - both cloud-based and on-site.
When a large number of mobile users concurrently access a Prisma Access location, Prisma Access detects the increase in mobile users and adds a gateway to accommodate the additional users and enable a steady, predictable performance (also known as an auto-scale event). If you expect that a large number of users will be accessing Prisma Access, Palo Alto Networks recommends the following best practices:
- Make sure that your mobile user IP address pool is sufficient. As a guideline, verify that you have at least twice the number of IP addresses in the pool than the number of user devices that will connect to Prisma Access. This over-allocation ensures that enough IP addresses are available for auto-scale events. If you cannot allocate a sufficiently large IP address pool, contact Palo Alto Networks support to review an alternate design, which may include deploying a NAT policy in your data center.
- Proactively whitelist both the active and reserved gateway and portal IP addresses, so that your users do not lose any connectivity, if you whitelist Prisma Access IP addresses on your network.
To whitelist the gateway and portal IP addresses, run the API script and run commands with a serviceType of gp_gateway and gp_portal and an addrType of active (to get the currently-active gateway and portal addresses) and reserved (to get the IP addresses that are held in reserve for activation on a scaling event).
You can also set up a mechanism to be notified of IP address changes when Prisma Access auto-scales to support the increase in demand. If you have a script running on a web server that can process HTTP Post Notifications, add an IP Change Event Notification URL so that you are notified of changes to IP addresses. You can then re-run the API script to retrieve the new addresses, on-demand.
- Exclude video traffic, which uses high bandwidth and is a low security risk, from being sent to Prisma Access. GlobalProtect provides several configuration options to exclude video streaming traffic from being tunneled to Prisma Access. This configuration ensures prioritization of traffic for business critical applications. The following are some examples for video traffic exclusion:
-- Lower-risk video streaming applications such as YouTube or Netflix
-- Low-risk client applications such as RingCentral
-- Traffic destined to a specified domain name
Mar 13, 19:58 UTC
When a large number of mobile users concurrently access a Prisma Access location, Prisma Access detects the increase in mobile users and adds a gateway to accommodate the additional users and enable a steady, predictable performance (also known as an auto-scale event). If you expect that a large number of users will be accessing Prisma Access, Palo Alto Networks recommends the following best practices:
- Make sure that your mobile user IP address pool is sufficient. As a guideline, verify that you have at least twice the number of IP addresses in the pool than the number of user devices that will connect to Prisma Access. This over-allocation ensures that enough IP addresses are available for auto-scale events. If you cannot allocate a sufficiently large IP address pool, contact Palo Alto Networks support to review an alternate design, which may include deploying a NAT policy in your data center.
- Proactively whitelist both the active and reserved gateway and portal IP addresses, so that your users do not lose any connectivity, if you whitelist Prisma Access IP addresses on your network.
To whitelist the gateway and portal IP addresses, run the API script and run commands with a serviceType of gp_gateway and gp_portal and an addrType of active (to get the currently-active gateway and portal addresses) and reserved (to get the IP addresses that are held in reserve for activation on a scaling event).
You can also set up a mechanism to be notified of IP address changes when Prisma Access auto-scales to support the increase in demand. If you have a script running on a web server that can process HTTP Post Notifications, add an IP Change Event Notification URL so that you are notified of changes to IP addresses. You can then re-run the API script to retrieve the new addresses, on-demand.
- Exclude video traffic, which uses high bandwidth and is a low security risk, from being sent to Prisma Access. GlobalProtect provides several configuration options to exclude video streaming traffic from being tunneled to Prisma Access. This configuration ensures prioritization of traffic for business critical applications. The following are some examples for video traffic exclusion:
-- Lower-risk video streaming applications such as YouTube or Netflix
-- Low-risk client applications such as RingCentral
-- Traffic destined to a specified domain name
Mar 13, 19:58 UTC
About This Site
This page provides status information on Palo Alto Networks Cloud Services.
AutoFocus
Operational
Cortex Data Lake
Operational
Americas
Operational
Europe
Operational
United Kingdom
Operational
Singapore
?
Operational
Canada
?
Operational
Japan
?
Operational
Australia
?
Operational
Federal
?
Operational
Cortex XDR
Operational
Europe
Operational
Americas
Operational
United Kingdom
Operational
Singapore
Operational
Japan
Operational
Canada
Operational
Australia
Operational
Federal
Operational
DNS Security
Operational
DLP
Operational
Prisma SaaS DLP - NAM
?
Operational
Prisma SaaS DLP - EU
Operational
Prisma SaaS DLP - APAC
Operational
Prisma Access DLP
?
Operational
Prisma Cloud DLP
?
Operational
DLP (NGFW) APAC
Operational
DLP (NGFW) EU
Operational
DLP (NGFW) NAM
Operational
Device Insights
Operational
Directory Sync Service
Operational
Americas
Operational
Europe
Operational
United Kingdom
Operational
Singapore
Operational
Canada
Operational
Japan
Operational
Australia
Operational
Explore
?
Operational
Hub
?
Operational
IOT Security
Operational
IOT Security App (US)
Operational
IOT Security Service NGFW (US)
Operational
IoT Security Government
Operational
PAN-DB Cloud
Operational
Prisma Access
Operational
Americas-Argentina
Operational
Americas-Bolivia
Operational
Americas-Brazil Central
Operational
Americas-Brazil East
Operational
Americas-Brazil South
Operational
Americas-Canada Central
Operational
Americas-Canada East
Operational
Americas-Canada West
Operational
Americas-Chile
Operational
Americas-Colombia
Operational
Americas-Costa Rica
Operational
Americas-Ecuador
Operational
Americas-Mexico Central
Operational
Americas-Mexico West
Operational
Americas-Panama
Operational
Americas-Paraguay
Operational
Americas-Peru
Operational
Americas-US Central
Operational
Americas-US East
Operational
Americas-US Northeast
Operational
Americas-US Northwest
Operational
Americas-US South
Operational
Americas-US Southeast
Operational
Americas-US Southwest
Operational
Americas-US West
Operational
Americas-Venezuela
Operational
APAC-Australia East
Operational
APAC-Australia South
Operational
APAC-Australia Southeast
Operational
APAC-Bangladesh
Operational
APAC-Cambodia
Operational
APAC-Hong Kong
Operational
APAC-India North
Operational
APAC-India South
Operational
APAC-India West
Operational
APAC-Indonesia
Operational
APAC-Japan Central
Operational
APAC-Japan South
Operational
APAC-Malaysia
Operational
APAC-Myanmar
Operational
APAC-New Zealand
Operational
APAC-Pakistan South
Operational
APAC-Pakistan West
Operational