Update - We are continuing to work on a fix for this issue.
Oct 1, 19:06 UTC
Update - We are continuing to work on a issue. Some customer scans are also impacted at this time.
Oct 1, 19:05 UTC
Identified - We have reports of degraded performance in UI or UI showing up as empty. We are looking into this issue for a few customers in NAM
Sep 30, 15:29 UTC
Update - The enforcement date for upgrading the 1.7 plugin has been moved to October 15th, 2020. Prisma Access customers must upgrade the current plugin to the latest 1.7 plugin by this date.
Oct 1, 03:12 UTC
Update - The release of the new compute region in South Africa has been delayed. The new compute region for South Africa West location will be available on October 1st, 2020 with the 1.7 plugin. Until then, customers can use both locations in South Africa with existing mapping to the compute region in EU.
Sep 21, 23:07 UTC
Update - The phased rollout for the Cloud Services plugin 1.7 is planned starting September 8, 2020. When the new plugin is available for you, you will receive a notification on the Customer Support Portal and an alert will be generated on Prisma Access Insights. After you receive the notification to install the plugin, you have until October 1, 2020 to complete the installation.
Sep 8, 23:56 UTC
Update - Prisma Access 1.7 plugin GA has been postponed and the new tentative GA date is September 8, 2020. Prisma Access customers will have until September 21, 2020 to upgrade the plugin on Panorama.
Sep 1, 00:51 UTC
Investigating - To support the upcoming Prisma Access release 1.7, Palo Alto Networks will perform the following infrastructure and dataplane upgrades during the following dates and times:

Prisma Access Infrastructure Upgrade - Completed

Prisma Access Dataplane Upgrade - From August 28, 2020 at 13:00 UTC to August 31, 2020 12:00 UTC.

Palo Alto Networks makes every effort to perform the upgrades at a time that is minimally disruptive to your organization. Our goal is to minimize the impact to network traffic, but in some cases there may be a brief interruption.

What you need to do before the upgrade:

Retrieve the active and reserved addresses used for Prisma Access deployments and add them to your allow lists.

After the infrastructure upgrade, Prisma Access may change the active IP addresses to reserved IP addresses and vice versa, and you must add the reserved IP addresses to your allowed lists before Prisma Access performs the upgrade to minimize disruption to your users during this upgrade.

(Optional) Upgrade your Panorama to 9.1, if you want to take advantage of new PAN-OS 9.1 features available in this release.

Panorama 9.0 will be supported until November 20, 2020, but you will not be able to use PAN-OS 9.1 features with Prisma Access if the Panorama that manages Prisma Access is running a version of 9.0. Panorama 10.0 is supported by Prisma Access at this time.

The tentative date for the release of Cloud Services plugin 1.7 is September 8, 2020. After the plugin is released, you will have until September 21, 2020 to upgrade your existing plugin.

Prisma Access reserves the following time windows for each date to upgrade the dataplane for the following regions:





































RegionTime
South Korea,Australia Southeast,Japan Central,Australia East,Australia South,Japan South,New Zealand,Papua New Guinea13:00-16:00 UTC
Singapore,Taiwan,Hong Kong,Cambodia,Indonesia,Malaysia,Myanmar,Philippines,Thailand,Vietnam15:00-19:00 UTC
India West,Bangladesh,India North,India South,Pakistan South,Pakistan West18:00-20:00 UTC
Bahrain,Finland,Belarus,Lithuania,Norway,Russia Central,Russia Northwest,Sweden19:00-21:00 UTC
Germany Central,Netherlands Central,Kenya,Nigeria,South Africa Central,South Africa West,Andorra,Austria,Belgium,Bulgaria,Croatia,Czech Republic,Denmark,Egypt,Germany North,Germany South,Greece,Hungary,Israel,Italy,Jordan,Kuwait,Liechtenstein,Luxembourg,Moldova,Monaco,Netherlands South,Poland,Portugal,Romania,Saudi Arabia,Slovakia,Slovenia,Spain Central,Spain East,Switzerland,Turkey,Ukraine,United Arab Emirates,Uzbekistan20:00-00:00 UTC
Ireland,UK,France North,France South22:00-03:00 UTC
US Central,Brazil South,US East,Canada East,US Southeast,Canada Central,Costa Rica,Mexico Central,Mexico West,Panama,US Northeast,US South,Argentina,Bolivia,Brazil East,Brazil Central,Chile,Colombia,Ecuador,Paraguay,Peru,Venezuela02:00-09:00 UTC
US Northwest,US West,US Southwest,Canada West08:00-13:00 UTC

Aug 20, 23:45 UTC
Update - Sep. 4, 2020
We have addressed the issue, and GlobalProtect logs are forwarding to Cortex Data Lake for all Prisma Access customers. GlobalProtect logs between August 28, 2020, and September 3, 2020, are targeted to be available in Cortex Data Lake by September 22, 2020. If there is an immediate need for a GlobalProtect log that was generated during this timeframe, please open a support case ticket at https://support.paloaltonetworks.com/.
Sep 5, 02:46 UTC
Monitoring - A fix has been implemented and we are monitoring the results.
Sep 3, 08:44 UTC
Update - We are continuing to work on a fix for this issue.
Sep 1, 19:13 UTC
Identified - We have identified an issue where GlobalProtect logs from the Prisma Access Mobile Gateways and Portals are not forwarded to Cortex Data Lake. Our engineers identified the root cause of this issue and diligently working on a fix. We will update the status page periodically with the latest progress. We are addressing the log forwarding issues for all supported panorama versions for Prisma Access (9.0.4 - 10.0).

Workaround:
For Customers with 9.1 and above versions of Panorama, please use the 'Log Forwarding of GlobalProtect logs' option to forward the logs to Cortex Data Lake.
We do not have a workaround for the Panorama 9.0 customers, we are working on a fix.

ref: https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/features-introduced-in-pan-os-9-1/globalprotect-features.html#id1787EF00LF4
Sep 1, 19:03 UTC
Monitoring - The fix has been implemented for all the impacted customers. We are monitoring the results. If the users are experiencing any connectivity issues, please reconnect the GlobalProtect Agent to restore connectivity.
Aug 31, 19:43 UTC
Update - The fix is being rolled out to the service in batches. Please apply the workaround, and request the users to reconnect their Global Protect agent.
Aug 31, 09:04 UTC
Update - The fix is being validated. Once validated it will be rolled out to the service, no further action is required from the customer.
Aug 31, 08:03 UTC
Update - We are continuing to work on a fix for this issue.
Aug 31, 08:00 UTC
Identified - Issue Description: Change in the DNS server IP address on Mobile User endpoints (GlobalProtect Clients) causing DNS resolution failures

This issue was introduced as a part of the 1.7 rollouts, and the fix is being validated. Once validated it will be rolled out to the service, no further action is required from the customer.

In the meantime, if you are impacted please follow the workaround listed below;
Workaround:
Please review Prisma Access security policy to allow DNS traffic from the infrastructure subnet to your internal DNS infrastructure.
Please review your on-prem security policy at the data center to verify that all DNS traffic(UDP/TCP port 53) sourced from the Prisma Access infrastructure subnet is allowed into your network and have access to the internal DNS services.
If only a part of the infrastructure subnet or selected IP addresses are allowed then you must take an action to allow the entire infrastructure subnet to have access to your DNS infrastructure.
Please add the Prisma Access infrastructure subnet to the DNS infrastructure allow-lists where applicable.
Ref : https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview
Aug 31, 05:24 UTC
Identified - If a new Prisma Access Mobile User location is enabled after the infrastructure update on August 14, 2020, you may see a warning The Service can't fetch status on the cloud service plugin status page for the enabled location. To verify that the new location has been provisioned, you can connect to this location via the GlobalProtect agent, 20 minutes after the commit and push. This warning message will disappear after the users start connecting at the new location. Also, this intermittent behavior will be fixed after the dataplane upgrade from August 28, 2020 to August 31, 2020.
Aug 16, 04:34 UTC
Identified - Urgent message for Cortex Data Lake customers with firewalls onboarded via Panorama. Please read this Customer Advisory for more information. https://live.paloaltonetworks.com/t5/customer-advisories/panorama-on-boarded-firewall-certificate-issue-cortex-data-lake/ta-p/328630
May 19, 18:14 UTC
Investigating - To accommodate the fast pace of Prisma Access (Panorama Managed) releases, some Panorama versions will become End-of-Support (EoS) with Prisma Access in late 2020 and mid 2021. We are making this announcement now to allow you to plan for the Panorama upgrades with sufficient advance notice. Refer to this Live Community article for more information.
Jun 30, 20:58 UTC
Update - We are continuing to work on a fix for this issue.
Jun 16, 00:02 UTC
Identified - Starting June 9, 2020 00:00 UTC, Prisma Access deployments using the Cloud Services 1.5 plugin are not supported for use with Prisma Access, and you will not be able to make any changes or commits with the Cloud Services 1.5 plugin. The Cloud Services plugin 1.6 requires Panorama version 9.0.4 and later or 9.1.1 and later; however, for 9.1.x Panorama upgrades, do not upgrade your Panorama to 9.1.x until you install the Cloud Services plugin 1.6 because the 1.4 or 1.5 plugins do not support PAN-OS 9.1.x. You must upgrade the Cloud Services plugin version to 1.6 before upgrading your Panorama to 9.1.1.

If you have additional questions, please contact your Palo Alto Networks representative.

For more information, see the Palo Alto Networks Live article at Prisma Access Panorama Version Upgrade Required
May 29, 09:53 UTC
Monitoring - To promote public health during the COVID-19 outbreak and reduce unnecessary exposure to risk, you may have elected to support your workforce to work from home. If you have a large number of employees working remotely, Prisma Access for Mobile Users provides a scalable way for your remote workers to securely access your organization’s applications and resources - both cloud-based and on-site.

When a large number of mobile users concurrently access a Prisma Access location, Prisma Access detects the increase in mobile users and adds a gateway to accommodate the additional users and enable a steady, predictable performance (also known as an auto-scale event). If you expect that a large number of users will be accessing Prisma Access, Palo Alto Networks recommends the following best practices:

- Make sure that your mobile user IP address pool is sufficient. As a guideline, verify that you have at least twice the number of IP addresses in the pool than the number of user devices that will connect to Prisma Access. This over-allocation ensures that enough IP addresses are available for auto-scale events. If you cannot allocate a sufficiently large IP address pool, contact Palo Alto Networks support to review an alternate design, which may include deploying a NAT policy in your data center.

- Proactively whitelist both the active and reserved gateway and portal IP addresses, so that your users do not lose any connectivity, if you whitelist Prisma Access IP addresses on your network.

To whitelist the gateway and portal IP addresses, run the API script and run commands with a serviceType of gp_gateway and gp_portal and an addrType of active (to get the currently-active gateway and portal addresses) and reserved (to get the IP addresses that are held in reserve for activation on a scaling event).

You can also set up a mechanism to be notified of IP address changes when Prisma Access auto-scales to support the increase in demand. If you have a script running on a web server that can process HTTP Post Notifications, add an IP Change Event Notification URL so that you are notified of changes to IP addresses. You can then re-run the API script to retrieve the new addresses, on-demand.

- Exclude video traffic, which uses high bandwidth and is a low security risk, from being sent to Prisma Access. GlobalProtect provides several configuration options to exclude video streaming traffic from being tunneled to Prisma Access. This configuration ensures prioritization of traffic for business critical applications. The following are some examples for video traffic exclusion:
-- Lower-risk video streaming applications such as YouTube or Netflix
-- Low-risk client applications such as RingCentral
-- Traffic destined to a specified domain name
Mar 13, 19:58 UTC

About This Site

This page provides status information on Palo Alto Networks Cloud Services.

AutoFocus Operational
Cortex Data Lake Operational
Americas Operational
EU Operational
UK Operational
Cortex XDR - Analytics Operational
Americas Operational
Europe Operational
Cortex XDR 1.0 Operational
Americas Operational
Europe Operational
Cortex XDR 2.0 Operational
Europe Operational
Americas Operational
United Kingdom Operational
Singapore Operational
Japan Operational
DNS Security Operational
Directory Sync Service Operational
Americas Operational
EU Operational
Hub ? Operational
PAN-DB Cloud Operational
Prisma Access Operational
90 days ago
100.0 % uptime
Today
Americas-Argentina Operational
90 days ago
100.0 % uptime
Today
Americas-Bolivia Operational
90 days ago
100.0 % uptime
Today
Americas-Brazil Central Operational
90 days ago
100.0 % uptime
Today
Americas-Brazil East Operational
90 days ago
100.0 % uptime
Today
Americas-Brazil South Operational
90 days ago
100.0 % uptime
Today
Americas-Canada Central Operational
90 days ago
100.0 % uptime
Today
Americas-Canada East Operational
90 days ago
100.0 % uptime
Today
Americas-Canada West Operational
90 days ago
100.0 % uptime
Today
Americas-Chile Operational
90 days ago
100.0 % uptime
Today
Americas-Colombia Operational
90 days ago
100.0 % uptime
Today
Americas-Costa Rica Operational
90 days ago
100.0 % uptime
Today
Americas-Ecuador Operational
90 days ago
100.0 % uptime
Today
Americas-Mexico Central Operational
90 days ago
100.0 % uptime
Today
Americas-Mexico West Operational
90 days ago
100.0 % uptime
Today
Americas-Panama Operational
90 days ago
100.0 % uptime
Today
Americas-Paraguay Operational
90 days ago
100.0 % uptime
Today
Americas-Peru Operational
90 days ago
100.0 % uptime
Today
Americas-US Central Operational
90 days ago
100.0 % uptime
Today
Americas-US East Operational
90 days ago
100.0 % uptime
Today
Americas-US Northeast Operational
90 days ago
100.0 % uptime
Today
Americas-US Northwest Operational
90 days ago
100.0 % uptime
Today
Americas-US South Operational
90 days ago
100.0 % uptime
Today
Americas-US Southeast Operational
90 days ago
100.0 % uptime
Today
Americas-US Southwest Operational
90 days ago
100.0 % uptime
Today
Americas-US West Operational
90 days ago
100.0 % uptime
Today
Americas-Venezuela Operational
90 days ago
100.0 % uptime
Today
APAC-Australia East Operational
90 days ago
100.0 % uptime
Today
APAC-Australia South Operational
90 days ago
100.0 % uptime
Today
APAC-Australia Southeast Operational
90 days ago
100.0 % uptime
Today
APAC-Bangladesh Operational
90 days ago
100.0 % uptime
Today
APAC-Cambodia Operational
90 days ago
100.0 % uptime
Today
APAC-Hong Kong Operational
90 days ago
100.0 % uptime
Today
APAC-India North Operational
90 days ago
100.0 % uptime
Today
APAC-India South Operational
90 days ago
100.0 % uptime
Today
APAC-India West Operational
90 days ago
100.0 % uptime
Today
APAC-Indonesia Operational
90 days ago
100.0 % uptime
Today
APAC-Japan Central Operational
90 days ago
100.0 % uptime
Today
APAC-Japan South Operational
90 days ago
100.0 % uptime
Today
APAC-Malaysia Operational
90 days ago
100.0 % uptime
Today
APAC-Myanmar Operational
90 days ago
100.0 % uptime
Today
APAC-New Zealand Operational
90 days ago
100.0 % uptime
Today
APAC-Pakistan South Operational
90 days ago
100.0 % uptime
Today
APAC-Pakistan West Operational
90 days ago
100.0 % uptime
Today
APAC-Papua New Guinea Operational
90 days ago
100.0 % uptime
Today
APAC-Philippines Operational
90 days ago
100.0 % uptime
Today
APAC-Singapore Operational
90 days ago
100.0 % uptime
Today
APAC-South Korea Operational
90 days ago
100.0 % uptime
Today
APAC-Taiwan Operational
90 days ago
100.0 % uptime
Today
APAC-Thailand Operational
90 days ago
100.0 % uptime
Today
APAC-Vietnam Operational
90 days ago
100.0 % uptime
Today
EMEA-Andorra Operational
90 days ago
100.0 % uptime
Today
EMEA-Austria Operational
90 days ago
100.0 % uptime
Today
EMEA-Belarus Operational
90 days ago
100.0 % uptime
Today
EMEA-Belgium Operational
90 days ago
100.0 % uptime
Today
EMEA-Bulgaria Operational
90 days ago
100.0 % uptime
Today
EMEA-Croatia Operational
90 days ago
100.0 % uptime
Today
EMEA-Czech Republic Operational
90 days ago
100.0 % uptime
Today
EMEA-Denmark Operational
90 days ago
100.0 % uptime
Today
EMEA-Finland Operational
90 days ago
100.0 % uptime
Today
EMEA-France North Operational
90 days ago
100.0 % uptime
Today
EMEA-France South Operational
90 days ago
100.0 % uptime
Today
EMEA-Germany Central Operational
90 days ago
100.0 % uptime
Today
EMEA-Germany North Operational
90 days ago
100.0 % uptime
Today
EMEA-Germany South Operational
90 days ago
100.0 % uptime
Today
EMEA-Greece Operational
90 days ago
100.0 % uptime
Today
EMEA-Hungary Operational
90 days ago
100.0 % uptime
Today
EMEA-Ireland Operational