Create a Prisma SD-WAN Device

A Prisma SD-WAN device can be created on Network Edge. You can create redundant devices, or a single edge device.

This topic demonstrates how to create a single Prisma SD-WAN device.

  1. Sign in to Equinix Fabric..
  2. From the Network Edge menu, select Create Virtual Device.
  3. Locate the Palo Alto Networks Prisma card and click See Description.
  4. Click Select and Continue.
  5. Review the high-level steps for creating the SD-WAN device and click Create SD-WAN Device.
  6. Click Create Single Device.

  7. Click Begin Creating Edge Devices.
  8. Click Create SD-WAN Device.
  9. In the Select Metro section, click a location.
  10. In the Select Billing Account section, select a billing account in the Your accounts in this metro drop-down menu.

    In order to create a device in a specific metro location, you need a billing account for the metro. You can continue without selecting an account, but you won’t be able to create your device.
  11. Click Next: Device Details.

    Device Configuration defaults to Self-configured. Licensing defaults to Bring your own License.

  12. Select the Device Resources (2 cores, 8GB memory; 4 cores, 8GB memory; or 8 cores, 32GB memory).

  13. Select a Software Package.

  14. Select a Software Version.

  15. In the Device Details box, enter:

    • Device Name – Enter a name for the device.
    • License Key – Enter your license key.
    • License Secret – Enter your secret license phrase.
  16. In the Interfaces drop-down menu, select the number of interfaces.
  17. In the Device Status Notifications box, enter the email addresses of anyone who should receive email notifications regarding device status.
  18. (Optional) In the Optional Details box, enter the Purchase Order Number and Order Reference/Identifier.
  19. In the Term Length drop-down menu, select a term length.
  20. Click Next: Additional Services to add any additional services.
    • Click Add Users to configure user names for SSH and Web-Console access. For Self-configured devices, you need to configure SSH Public Keys to perform password-less authentication. For more information, see Network Edge Device Access.

    • (Optional) RSA Public Keys – Enter an existing RSA Public Key, or click Add New RSA Public Key to generate a new one. See Network Edge Device Access for more information about generating an RSA public key.

    • Diverse Compute from an Existing Single Device – If you already have another single device and you want this new device to exist in a different plane, click Select Diverse From and select the existing device.
    • Add Access IP Addresses – Select an access control list (ACL) template. This template will be applied to the gateway interface connected to the WAN/SSH interface of your VNF. ACL templates control communication from the Internet.
    • Note: By default, the communication required for initial bootstrap (DNS, NTP, License Server communication, SD-WAN controller communication, etc.) is allowed to properly configure the initial VNF configuration. Additional protocols such as SSH need to be intentionally permitted using an ACL template (Custom ACL). If you need to create a template to apply to your device, click Create Access Control List Template. See Configure Access Controls on Virtual Devices for more information.

    • Additional Internet Bandwidth – Add between 25 and 5000 additional Mbps of internet bandwidth (for a fee). 15 Mbps of Internet Bandwidth is included free in the package by default.
  21. Click Next: Review.
  22. In the Terms & Conditions box, click Review and Accept Order Terms.
  23. Select I have read and understand these terms and click Accept.
  24. Click Create Edge Device.