Nugget Post : Quick USER ID tip for palo alto admins

Posted on by David Vassallo

Quick Tip…

You’re a Palo Alto firewall administrator, and you’ve setup USER ID to identify all your users and write user-based firewall policies.

Problem: some users have linux laptops and do not login to the domain, others are windows users that the USER ID system simply does not pick up.

Solution:

1. Create a read only (possibly empty) share on your fileserver

2. Have your linux users write a startup script that just mounts this fileshare, and similarly for windows users, to have every user access the fileshare at least once throughout their day.

3. Install the PaloAlto user agent, and make sure “enable server session read” is enabled

 

Selection_074

You’re good to go

Any problematic users simply need to visit your share to get identified and be granted/denied access by your user based policies

Advertisement
Privacy Settings

Leave a Reply

Please log in using one of these methods to post your comment:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.