—Checks for valid
corporate username submissions and verifies that the login
username maps to the source IP address of the session. To do
this, Prisma Access matches the submitted username and source IP
address of the session against its IP-address-to-username
Use Domain Credential Filter
valid corporate username and password submissions and verifies
that the username maps to the IP address of the logged-in
Use Group Mapping
—Checks for valid
username submissions based on the user-to-group mapping table
populated when you map users to groups. You can apply credential
detection to any part of the directory or for specific groups
that have access to your most sensitive applications, such as
This method is prone to false
positives in environments that do not have uniquely
structured usernames. Because of this, you should only use
this method to protect your high-value user
Valid Username Detected Log Severity
the severity level that the firewall records in log when it detects
corporate credential submissions:
Configure the action taken when the firewall detects corporate credential
Under Access Control, select an action for
for each URL category with its
set to allow or alert.
You can select from the following actions:
submit credentials to websites in the given URL category but
generates a URL Filtering log each time this happens.
submit credentials to the website.
users from submitting credentials to websites in the given URL
category. When a user tries to submit credentials, the firewall
displays the anti-phishing block
—Presents the anti-phishing continue
page to users when they attempt to submit
credentials. Users must select Continue on the response page to
proceed to the website.
Apply the URL Access Management profile to your Security policy rules.
NGFW and Prisma Access
Under Security Policy Rules, create or select a Security
, and then select a URL Access Management profile