https://live.paloaltonetworks.com/t5/cloud-identity-engine/why-should-customers-use-cloud-identity-engine-and-user-id-on/m-p/411318#M2 <P><SPAN style="font-weight: 400;">Cloud IAM vendors are meant for Identities (managing users and groups), but they do not enforce security policies on these identities as they are not a firewall. With PANW, our customers can authenticate using groups/users in these Cloud IdPs and enforce identity-based security policies (URL Filtering, Cred Phishing, etc.) Customers can achieve the same outcomes if they use Okta with PANW firewalls or Okta with Fortinet firewalls; however, a cloud-offered service like Cloud Identity Engine keeps users and group information in sync with the cloud IdP and onprem Idps providers to PANW firewall products. This way, the user information is dynamically updated at all times.</SPAN></P> Fri, 04 Jun 2021 20:06:06 GMT blevin 2021-06-04T20:06:06Z https://live.paloaltonetworks.com/t5/cloud-identity-engine/why-should-customers-use-cloud-identity-engine-and-user-id-on/m-p/411318#M2 <P><SPAN style="font-weight: 400;">Cloud IAM vendors are meant for Identities (managing users and groups), but they do not enforce security policies on these identities as they are not a firewall. With PANW, our customers can authenticate using groups/users in these Cloud IdPs and enforce identity-based security policies (URL Filtering, Cred Phishing, etc.) Customers can achieve the same outcomes if they use Okta with PANW firewalls or Okta with Fortinet firewalls; however, a cloud-offered service like Cloud Identity Engine keeps users and group information in sync with the cloud IdP and onprem Idps providers to PANW firewall products. This way, the user information is dynamically updated at all times.</SPAN></P> Fri, 04 Jun 2021 20:06:06 GMT https://live.paloaltonetworks.com/t5/cloud-identity-engine/why-should-customers-use-cloud-identity-engine-and-user-id-on/m-p/411318#M2 blevin 2021-06-04T20:06:06Z