Palo Alto Networks User-ID

Palo Alto User-ID

As Organisations make greater use of Internet and web-based applications, it becomes all the more important to have visibility into what users are doing on the network. Remote network access and dynamic IP addressing make IP addresses an ineffective way of monitoring and controlling end user activity, which is effectively the mechanism on which many port-based firewalls are heavily reliant.

Palo Alto Networks’ User-ID technology addresses the lack of visibility into end user activity by seamlessly integrating with enterprise directory services (Active Directory, LDAP, eDirectory) to dynamically link an IP address to user and group information.

In Citrix and Terminal Services environments, User-ID associates the individual user with their network activity, enabling IT to deploy granular security policies. Integration with other 3rd party repositories is enabled by an XML API.

With visibility into user activity, enterprises can monitor and control applications and content traversing the network based on the user and group information stored within the user repository.

User-ID Benefits:

  • Regain visibility into user activities relative to the applications in use and the content they may generate
  • Tighten security posture by implementing policies that ties application usage to specific users and groups, as opposed to simply the IP address
  • Identify Citrix and Microsoft Terminal Services users and control their respective application usage

New With PAN OS 4.1: Extending policy control to non-Windows users


With the new release of PAN OS 4.1, Microsoft Exchange integration is just one of many new features that will allow organisations to extend secure application enablement policies to users outside of their Microsoft Windows domain. Microsoft Exchange integration complements the existing captive portal and XML API as a means of extending user discovery and policy control to Apple Mac OS X, Apple iOS, and Linux client systems that don't directly authenticate to a Microsoft Active Directory Domain. Additional features that further streamline the deployment of user-based security policies include User-ID agent consolidation, multi-Domain/Forest support, auto Domain Controller discovery and User-ID NTLM redundancy.