Configure User-ID and User-Based Policies with Prisma Access

Prisma Access requires that you configure IP address-to-username mapping to consistently enforce user-based policy for mobile users and users at remote network locations. In addition, you need to configure username to user-group mapping if you want to enforce policy based on group membership.
You can then configure your deployment to allow Panorama to get the list of user groups retrieved from the group mapping, which allows you to easily select these groups from a drop-down list when you create and configure policies in Panorama.
The following sections provide an overview and the steps you perform to configure and implement User-ID and use the Cloud Identity Engine to get user and group mapping in Prisma Access.

Recommended For You