Alto MS Series User Manual Page 79
- Page / 108
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Getting Started Guide 75
Configure User Identification Enable User Identification
Step 2 Define the servers the firewall should
monitor to collect IP address to user
mapping information. You can define
entries for up to 100 Microsoft Active
Directory, Microsoft Exchange, or Novell
eDirectory servers on your network.
Keep in mind that in order to collect all of
the required mappings, you must connect
to all servers that your users log in to so
that the firewall can monitor the security
log files on all servers that contain logon
events.
1. Select
Device > User Identification > User Mapping.
2. In the
Server Monitor section of the screen, click Add.
3. Enter a
Name and Network Address for the server. The
network address can be a FQDN or an IP address.
4. Select the
Type of server.
5. Make sure the
Enabled check box is selected and then click OK
6. (Optional) To enable the firewall to automatically discover
domain controllers on your network using DNS lookups, click
Discover.
Note The auto-discovery feature is for domain controllers only;
you must manually add any Exchange servers or eDirectory
servers you want to monitor.
7. (Optional) To tune the frequency at which the firewall polls
configured servers for mapping information, in the
Palo Alto
Networks User ID Agent Setup
section of the screen, click the
Edit icon and then select the
Server Monitor tab. Modify
the value in the
Server Log Monitor Frequency (sec) field.
Best Practice:
You should increase the value in the
Server Log Monitor
Frequency (sec)
field to 5 seconds in environments with older
DCs or high-latency links.
8. Click
OK to save the changes.
Step 3 Set the domain credentials for the account
the firewall will use to access Windows
resources. This is required for monitoring
Exchange servers and domain controllers
as well as for WMI probing.
1. Click the Edit icon in the
Palo Alto Networks User ID Agent
Setup
section of the screen.
2. On the
WMI Authentication tab, enter the User Name and
Password for the account that will be used to probe the clients
and monitor servers. Enter the user name using the
domain\username syntax.
Map IP Addresses to Users Using the PAN-OS Integrated User-ID Agent (Continued)
- Palo Alto Networks 1
- Contact Information 2
- About this Guide 2
- Table of Contents 3
- Table of Contents 4
- Management Network 5
- Perform Initial Configuration 6
- 4 Getting Started Guide 8
- 6 Getting Started Guide 10
- 8 Getting Started Guide 12
- Activate Firewall Services 13
- Manage Content Updates 15
- 12 Getting Started Guide 16
- Install Software Updates 17
- 14 Getting Started Guide 18
- Add Firewall Administrators 19
- How to Configure 20
- 18 Getting Started Guide 22
- Monitor the Firewall 23
- View Local Log Data 24
- View Reports 25
- Set Up Email Alerts 27
- Set Up SNMP Trap Destinations 27
- 24 Getting Started Guide 28
- Define Syslog Servers 29
- 26 Getting Started Guide 30
- Forward Logs to Panorama 31
- Enable Log Forwarding 31
- 28 Getting Started Guide 32
- Create the Security Perimeter 35
- Security Perimeter Overview 36
- Virtual Wire Deployments 37
- Layer 2 Deployments 37
- Layer 3 Deployments 37
- About Security Policies 38
- Optional 40
- Policy Best Practices 41
- About Policy Objects 41
- About Security Profiles 42
- Getting Started Guide 39 43
- Set Up Interfaces and Zones 44
- 42 Getting Started Guide 46
- Configure NAT Policies 47
- 44 Getting Started Guide 48
- 46 Getting Started Guide 50
- Create Security Rules 52
- 50 Getting Started Guide 54
- Test Your Security Policies 55
- Getting Started Guide 53 57
- Monitor > Logs 57
- Enable WildFire 59
- Scan Traffic for Threats 59
- Control Access to Web Content 59
- Set Up File Blocking 64
- Continue to 66
- 64 Getting Started Guide 68
- For More Information 69
- Configure User Identification 71
- User Identification Overview 72
- About User Mapping 73
- PAN-OS XMLAPI Usage Guide 74
- Enable User Identification 75
- 72 Getting Started Guide 76
- Map IP Addresses to Users 77
- Configure User Mapping 78
- Captive Portal Modes 81
- Configure Captive Portal 82
- 80 Getting Started Guide 84
- 82 Getting Started Guide 86
- Getting Started Guide 85 89
- Monitor > Logs) 89
- Set Up High Availability 91
- HA Overview 92
- Getting Started Guide 89 93
- Failover Triggers 94
- HA Timers 94
- 92 Getting Started Guide 96
- Getting Started Guide 93 97
- Configuration Guidelines 98
- 96 Getting Started Guide 100
- 98 Getting Started Guide 102
- 100 Getting Started Guide 104
- Click Commit 106
- Verify Failover 107
- Getting Started Guide 108
© 2020, manymanuals.com. All rights reserved. | 0.939 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals