Nugget Post : Quick USER ID tip for palo alto admins

Quick Tip…

You’re a Palo Alto firewall administrator, and you’ve setup USER ID to identify all your users and write user-based firewall policies.

Problem: some users have linux laptops and do not login to the domain, others are windows users that the USER ID system simply does not pick up.

Solution:

1. Create a read only (possibly empty) share on your fileserver

2. Have your linux users write a startup script that just mounts this fileshare, and similarly for windows users, to have every user access the fileshare at least once throughout their day.

3. Install the PaloAlto user agent, and make sure “enable server session read” is enabled

 

Selection_074

You’re good to go

Any problematic users simply need to visit your share to get identified and be granted/denied access by your user based policies

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s