Hi good afternoon, as always, thanks for the time to answer and the good vibes. Today there is some confusion regarding these different variables, whether to use Prisma SD-WAN i.e. CloudGenix ION, to put together a sd-wan based network and/or to use PAN-OS SD-WAN.
Thinking about an environment with 30 branches, some sites with 2 links, the most critical ones, others with only one, that have Palo Alto FWs, connected by IPSEC currently to the Central HQ site and another 5 or 6 sites, with non Palo Alto FWs ( Standard IPSEC connection ) and a couple of edge routers in branches, with IPSEC. NO PANORAMA.
Now thinking about the above scenario, which is more convenient to use PAN-OS SDWAN to put together the SDWAN architecture, thinking about adding the SDWAN subscription, it is not obligation, although they say so, if it makes everything more friendly and practical, but PANORAMA is not obligation or use Prisma-SDWAN with ION Cloudgenix ?
With PAN-OS SDWAN, I have firewall with full coverage, while with cloudgenix I only have a device that its purpose is sd-wan connectivity but not security, as a firewall gives me.
On the other hand, as the title indicates, thinking about the approach of jumping on the "SASE" bandwagon, and in the future... having the VPN Global Protect connections in Prisma Access, but currently they are in the PA, or HA pair in the Central site, what would be the best planning strategy because or which products/subscriptions/services do you target, according to the environment and infra before commented ? With Prima access/Prisma SD-WAN can I integrate FWs, routers or third party devices with IPSEC and integrate them to the SDWAN architecture?
Thanks as always for the good vibes, collaboration and for the time.