Prisma Access User-Based Policy
Enforce user-based policy using Prisma Access.
Where Can I Use This? | What Do I Need? |
- Prisma Access (Managed by Strata Cloud Manager)
- Prisma Access (Managed by Panorama)
- Cloud Identity Engine
|
|
Prisma Access requires that you configure IP address-to-username mapping to consistently
enforce user-based policy for mobile users and users at remote network locations. In
addition, you need to configure
username to user-group mapping if you want to
enforce policy based on group membership.
To select the groups from a drop-down list when you create and configure policies in
Panorama, you can also configure Panorama to obtain the list of user groups retrieved
from the username-to-user group mapping.
The following sections provide an overview and the steps you perform to configure and
implement User-ID and use the Cloud Identity Engine to get IP address-to-username and
username-to-user group mapping in Prisma Access.
Configure User-Based Policy for Prisma Access