Learn more about how you can use Strata Cloud Manager with the Cloud Identity Engine
to manage IP address-to-tag information.
Enforcing your security policy consistently across all the firewalls in your network
relies on those firewalls having the most up-to-date identity information from your
sources, such as cloud-based identity management systems. With the array of
management systems and large numbers of users and devices, it can often be
time-consuming and difficult to correlate identity information with its originating
sources and ensure that it is provided to all necessary devices.
You can now use Strata Cloud Manager with the Cloud Identity Engine to manage IP
address-to-tag (also known as IP-tag) mappings and simplify your security policy by
creating tag-based rules. When you configure a cloud connection in the Cloud
Identity Engine to your cloud-based identity management system (either Azure or
AWS), you can use the Cloud Identity Engine to collect IP-tag mappings.
You can see all of your IP-tag mappings, as well as their associated sources, in the
Cloud Identity Manager. Using filters to highlight the most relevant information,
you can quickly identify issues with your security policy, such as a source that is
currently unavailable. You can then use the Strata Cloud Manager to create tag-based
security policy using dynamic address groups and distribute it to the firewalls in
your network to ensure they have the latest information needed to consistently
enforce security policy. You can also share the IP-tag mappings with other firewalls
in your network by using User Context segments in the Cloud Identity Engine.
By leveraging the capabilities of Strata Cloud Manager with the identity information
that the Cloud Identity Engine provides, you can more easily create and manage your
security policy using tags.