Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Implementing Palo Alto Networks Prisma® Access

You're reading from   Implementing Palo Alto Networks Prisma® Access Learn real-world network protection

Arrow left icon
Product type Paperback
Published in May 2024
Publisher Packt
ISBN-13 9781835081006
Length 346 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Tom Piens Aka 'Reaper' Tom Piens Aka 'Reaper'
Author Profile Icon Tom Piens Aka 'Reaper'
Tom Piens Aka 'Reaper'
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Part 1:Activate and Configure Prisma Access
2. Chapter 1: Designing and Planning Prisma Access FREE CHAPTER 3. Chapter 2: Activating Prisma Access 4. Chapter 3: Setting Up Service Infrastructure 5. Chapter 4: Deploying Service Connections 6. Part 2:Configure Mobile User and Remote Network Security Processing Nodes
7. Chapter 5: Configuring Remote Network SPNs 8. Chapter 6: Configuring Mobile User SPNs 9. Chapter 7: Securing Web Gateway 10. Chapter 8: Setting Up Your Security Policy 11. Part 3:Advanced Configuration and Best Practices
12. Chapter 9: User Identification and Cloud Identity Engine 13. Chapter 10: Advanced Configurations and Insights 14. Chapter 11: ZTNA Connector 15. Index 16. Other Books You May Enjoy

User ID redistribution

When users log on to a MU-SPN via GlobalProtect, they receive an IP address from the pool used by the SPN. Their username is also mapped against that IP address to form a user ID. These User-IDs can be used to grant users access to specific resources via security rules, provide them with a specific GlobalProtect agent configuration, or simply log what they are doing in terms of traffic, URLs, and threat logs.

This user ID can also be shared with other Palo Alto NGFW so that policies can be applied to down range. This can be useful when a user is connecting to a datacenter resource that is behind a service connection. Security is only enforced on the SPN in Prisma Access, so the datacenter must have its own security enforcement, and any subsequent connected networks may also be equipped with their own NGFW. Without user ID redistribution, these firewalls outside Prisma Access will only be able to apply security based on the source address.

There is already...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime