The data represents how many mobile users at a given time are trying to authenticate
to a GlobalProtect portal, which then sends the mobile users’ credentials for
verification to an on-premises active directory (AD) server, resulting in an
authentication success or failure. If you see a large number of authentication
failures, you can correlate the failures with a network event that indicates a
problem with a certain location or an on-premises authentication server that was
down. The data in these charts provide troubleshooting insights for network
administrators who resolve network issues. You can view the count of authentication
success or failure trends for mobile users at GlobalProtect portals and gateways,
use this data to learn about the patterns of authentication successes or failures
over time, and establish count ranges that can be normal or anomalous in your Prisma
Access deployment. For example, anomalous counts could indicate existing users’
inability to connect to Prisma Access because to availability issues with
GlobalProtect portals or slow authentication servers. Or, anomalous counts might
represent large numbers of users onboarded to the customer’s network all at
once.