Prisma Access requires that you configure IP address-to-username mapping to consistently
enforce user-based policy for mobile users and users at remote network locations. In
addition, you need to configure
username to user-group mapping if you want to
enforce policy based on group membership.