I hope that's okay, I have a question regarding Prima Access that I can't confirm.
With respect to the Prisma remote networks, and the service Networks, as I have only seen theoretical topics and I have not practiced, I cannot confirm it yet, but the question is the following.
I understand that we use Service Networks when we need to communicate with a remote network, it can be DC and internal resources, with this make a remote network or mobile users communicate with the DC.
-Now my question is the following, when for example you already have the DC/HQ as a remote network, and you have to allow access to internal resources, DC, DNS, some servers and internal systems, then this remote network becomes a service connection ? There is my doubt that network happens to be a remote network and at the same time a service connection? Either you can't configure a remote network as a service connection (logic says yes...) or once you want to configure a service connection you rely on an existing remote network or a new one... is that the logic?
-Now in one case, hypothetical that some resources, some workstations, for a, b, c and d reasons... must connect to one or some Global Protects endpoint IPs, in that case? Is this allowed or should it be allowed with some security policy or adjustment at the Prisma Access level, such as a Prisma FWas a service? since I doubt that Service Connections are required... since there is a limit of 2 or 3, and then it is with Remote Networks Bandwidth Licensing.
Thanks for the good vibes, for the constructive comments, for the time and collaboration