Multiple Logins for a single user at different stations filtering not functioning - security threat?

Reply
Highlighted
L0 Member

Multiple Logins for a single user at different stations filtering not functioning - security threat?

I am new to Palo jsut going Live with a unit.  I am seeing when users move from desk to desk and do not log out but login again at the second station their filtering does not function.  They are either filtered as per the last login previously at the station (though that might be a user again also logged in somewhere else) OR they get no filtering and basically can do what they want.  This seems to be an issue we me testing changes to Palo as I use certain levels of users logons (though they are working in another part of the office) and the filtering does not produce results I expect - toough to troubleshoot.  AND of course this is obviously a security issue.  I see posts in here as far back as 2010 asking and reporting the same things I have here - is there a resolution to this?

L7 Applicator

Re: Multiple Logins for a single user at different stations filtering not functioning - security thr

Hello,

How are you monitoring the User-id mapping?

 

Check out this article, may help out.

 

https://docs.paloaltonetworks.com/pan-os/8-0/pan-os-admin/user-id

 

Regards,

 

L7 Applicator

Re: Multiple Logins for a single user at different stations filtering not functioning - security thr

@samuelsmith,

User-ID is really something that needs to be designed for the environment that you are in, and as such there really isn't a 'one size fits all' guide we can point you towards. If you describe your environment a bit we could likely advise you on directions to take, sources to monitor, settings to modifiy and the such. Sadly a lot of people configure user-id settings using default settings and that's not always going to work depending on the environment. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!