- DeviceUser IdentificationUser MappingPalo Alto Networks User-ID Agent SetupRedistribution
To enable a firewall or virtual system to serve as a User-ID agent that redistributes user mapping information along with the timestamps associated with authentication challenges, configure the settings described in the following table. When you later connect this firewall to an appliance (such as Panorama) that will receive the mapping information and timestamps, the appliance uses these fields to identify the firewall or virtual system as a User-ID agent.
The complete procedure to configure firewalls to redistribute user mapping information and authentication timestamps requires additional tasks besides specifying the redistribution settings.
By default, a firewall with multiple virtual systems doesn’t redistribute user mapping information across its virtual systems, though you can configure them for redistribution.
Enter a collector name (up to 255 alphanumeric characters) to identify the firewall or virtual system as a User-ID agent.
Pre-Shared Key/Confirm Pre-Shared Key
Enter a pre-shared key (up to 255 alphanumeric characters) to identify the firewall or virtual system as a User-ID agent.
User-ID Agent Settings
User-ID Agent Settings Panorama > Managed Collectors > User-ID Agents A Dedicated Log Collector can receive user mappings from up to 100 User-ID agents. The ...
Configure User-ID Redistribution
Configure User-ID Redistribution Before you configure User-ID redistribution: Plan the redistribution architecture. Some factors to consider are: Which firewalls will enforce policies for all users ...
Redistribute User-ID Information to Managed Firewalls
Redistribute User-ID Information to Managed Firewalls To ensure all the firewalls that enforce policies and generate reports have the required IP address-to-username mappings and authentication ...
Configure Access to User-ID Agents
Configure Access to User-ID Agents Each firewall and Panorama management server can connect to a maximum of 100 User-ID agents or User-ID redistribution points (or ...
User-ID Redistribution Using Panorama
User-ID Redistribution Using Panorama One of the key benefits of the Palo Alto Networks firewall is that it can enforce policies and generate reports based ...
Redistribute User Mappings and Authentication Timestamps
Redistribute User Mappings and Authentication Timestamps Every firewall that enforces user-based policy requires user mapping information. In a large-scale network, instead of configuring all your ...
Deploy User-ID in a Large-Scale Network
Deploy User-ID in a Large-Scale Network A large-scale network can have hundreds of information sources that firewalls query to map IP addresses to usernames and ...
Redistribute HIP Reports
Redistribute HIP Reports To ensure consistent Host Information Profile (HIP) policy enforcement and to simplify policy management, you can distribute HIP reports received from the ...
Firewall Deployment for User-ID Redistribution
Firewall Deployment for User-ID Redistribution To aggregate User-ID information, organize the redistribution sequence in layers, where each layer has one or more firewalls. In the ...