User Identification (User-ID™) is a Palo Alto Networks® next-generation firewall feature that seamlessly integrates with a range of enterprise directory and terminal services to tie application activity and policies to usernames and groups instead of just IP addresses. Configuring User-ID enables the Application Command Center (ACC), App Scope, reports, and logs to include usernames in addition to user IP addresses. You can configure the following agents to collect IP address-to-username mapping and username-to-group mapping information:
You can configure several methods for collecting user and group mapping information, including server monitoring, syslog message parsing, port mapping, XFF headers, and Captive Portal authentication. In a network with multiple firewalls and hundreds of user identification sources or users who rely on local sources for authentication but access remote resources, you can simplify User-ID management by configuring user mapping redistribution among firewalls.


If the firewall has multiple virtual systems, each virtual system requires a separate User-ID configuration; by default, virtual systems don’t share user mapping information, though you can configure them for redistribution. When configuring User-ID, select the virtual system in the Location drop-down at the top of the Device > User Identification page.