Home / Paloalto / Prisma Access / SASE / Service connections / Prisma Access : What is Service Connections (SC) ?

Prisma Access : What is Service Connections (SC) ?

August 06, 2025 , , ,

Prisma Access : What is Service Connections (SC) ?

As we discussed in our previous article that Prisma Access is a Secure Access Service Edge (SASE) that provides consistent connectivity and security for mobile users, branch offices and Datacenters and other locations, anywhere across the globe.

Prisma Access uses a common cloud-based infrastructure that delivers multiple types of security services, including advanced threat prevention, web filtering, sandboxing, DNS security, credential theft prevention, DLP and next-generation firewall policies based on user-to-application, and host information profile.

One of the components which is used to connect to the datacenter is called Service Connections (SC). Let's talk about Service Connections (SC) in details

Prisma Access : What is Service Connections (SC) ?

What is Service Connections (SC) ?

A service connection, also known as a Corporate Access Node (CAN), allows mobile users and users at remote networks access to internal resources and lets your mobile users and remote networks communicate with each other. Palo Alto Networks recommends always creating a service connection in your Prisma Access deployment

Service Connections are the connections between Prisma Access Cloud and the datacenter only, Every connections support 1 GB of the capacity and in our scenario we use 2 x 1GB (two links) per datacenter as shown below.

What is Service Connections (SC) ?

If you have a headquarters or data center location that requires additional service connection bandwidth, you can configure multiple service connections to that location.

So what that means typically, a branch office doesn't need to host services or applications that require inbound access. What it does need, however, is a reliable and secure way to access the Internet. This is where RN comes into play, as it's perfectly suited for this need. 

A data center, on the other hand, typically houses services and applications that do need inbound connectivity, frequently from users in branch offices or remote access users. Because it efficiently enables this type of access, a service connection is the best option in these situations.

Service Connection Bandwidth

As we discuss previous above that we can have 1 service connection can provide 1 Gbps of throughput and we can have multiple Service connections use of one of the datacenter if required for high throughput. In our case, we use 2 service connections which will give us 2GB of throughput per datacenter. 

Check basics on Prisma Access below
PaloAlto Networks: What is Prisma Access ? - The Network DNA

Conclusion

In conclusion, a service connection doesn't offer extra security enforcement because it assumes that your site already has a firewall and other security mechanisms in place. A remote network, on the other hand, is made for situations that call for security enforcement but require such infrastructure.