Chapter 6: Identifying Users and Controlling Access
In this chapter, we will be learning about User Identification (User-ID) and the various ways in which we can intercept credentials or have users identify themselves. Once they're identified, their user-to-IP mapping can be leveraged to control which resources they can access. User-based reports can also be generated to keep track of users' habits or review incidents. In addition, we will link user-to-IP mappings to group membership so we can apply role-/group-based access control. This will help us to identify groups of users so they can access only the resources they need while roaming without the need for network segmentation or static IP addresses.
In this chapter, we're going to cover the following topics:
- User-ID basics
- Configuring group mapping
- Captive portals and authentication
- Using APIs for User-ID
- User credential phishing prevention