Community Blog

PAN-OS 9.0 Release Features: User-ID

by ‎02-12-2019 04:44 AM - edited ‎04-05-2019 07:38 AM (803 Views)

Read about the new PAN-OS 9.0 Release Features: User-ID.  Learn about the few highlights of features we added to User-ID, including: WinRM Support for Server Monitoring, Increased Terminal Services Capacity, User-ID Scaling in Terminal Services Capacity. Got Questions? Get Answers on Live Community.

Graphic banner for PAN-OS 9.0 Release Features: User-ID

 

WinRM Support for Server Monitoring

  • Provide an option for an alternative method to retrieve security logs and session info - Windows Remote Management (WinRM) to retrieve data (both over HTTP and HTTPS).
  • This method, improves performance and consumes less memory and CPU.
  • WinRM transit traffic is identified by the firewall as windows-remote-management in case the management interface is not used.

 

Screenshot of User Identification Monitored ServerWinRM-HTTP / WinRM-HTTPS

 

Increased Terminal Services Capacity

  • This feature increases the limit on the number of TS Agents supported on some of the platforms.
  • Another change introduced in this feature is that the TS Agent now supports host names for alternative host addresses.

 

Model Old Capacity New Capacity
PA-7000-100G-NPC NA 2500
PA-52x0, VM-700 1000 2500
VM-500, PA-70x0 1000 2000
PA-32x0 400 2000
PA-8x0 400 1000
PA-30x0, PA-220R, All other VM models 400

400

 

Screenshot of Terminal Server AgentAlternative Host Addresses

 

Shared User-ID Mappings Across Virtual Systems

  • To easily enforce user-based policy in a multi-vsys environment, you can assign a virtual system as the User-ID hub to share mappings with other virtual systems. This reduces configuration complexity and maximizes the number of mappings available to each virtual system.

 

Screenshot of Virtual SystemInter-vsys User-ID Data Sharing

 

Additional resources

All the new User-ID features in PAN-OS 9.0: User-ID Features

All of the New features in PAN-OS 9.0: What's New in PAN-OS 9.0

 

PAN-OS 9.0 Release Features: DNS Security and Content Inspection

PAN-OS 9.0 Release Features: Policy Optimizer and App-ID

PAN-OS 9.0 Release Features: Panorama

PAN-OS 9.0 Release Features: GlobalProtect

PAN-OS 9.0 Release Features: Networking and Virtualization

PAN-OS 9.0 Release Features: Management

PAN-OS 9.0 Release Features: PA-7000 New Cards

PAN-OS 9.0: Got Questions? Get Answers!

 

Then ask a question, join a discussion, or answer someone else's inquiry -- that's community!

 

Not a member of the Live Community yet? It's simple and easy to join. Just sign up with an email address. 

 

Follow us on Twitter.

 

Check out our YouTube channel and join more than 8,000 other subscribers learning about PAN-OS and more!

 

Feel free to post your comments or questions in the comments section below.

 

@kiwi out!

 

 

 

 

Ask Questions Get Answers Join the Live Community
Labels