If you have configured an on-premises next-generation firewall as a master device, you can
auto-populate user and group information for mobile user device groups in
traffic steering and security policy rules by selecting , clicking the gear icon to edit the Settings, and selecting the
Master Device
in the Device Group area. While this
populates the master device in every device group, it only populates the user
and group information for mobile users in security policy rules.