PAN-OS 9.0 Release Features: User-ID

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Community Team Member

user id.jpg

Read about the new PAN-OS 9.0 Release Features: User-ID. Learn about the few highlights of features we added to User-ID, including: WinRM Support for Server Monitoring, Increased Terminal Services Capacity, User-ID Scaling in Terminal Services Capacity. 

 

 

WinRM Support for Server Monitoring

  • Provide an option for an alternative method to retrieve security logs and session info - Windows Remote Management (WinRM) to retrieve data (both over HTTP and HTTPS).
  • This method, improves performance and consumes less memory and CPU.
  • WinRM transit traffic is identified by the firewall as windows-remote-management in case the management interface is not used.

 

WinRM-HTTP / WinRM-HTTPSWinRM-HTTP / WinRM-HTTPS

 

Increased Terminal Services Capacity

  • This feature increases the limit on the number of TS Agents supported on some of the platforms.
  • Another change introduced in this feature is that the TS Agent now supports host names for alternative host addresses.

 

Model Old Capacity New Capacity
PA-7000-100G-NPC NA 2500
PA-52x0, VM-700 1000 2500
VM-500, PA-70x0 1000 2000
PA-32x0 400 2000
PA-8x0 400 1000
PA-30x0, PA-220R, All other VM models 400

400

 

Alternative Host AddressesAlternative Host Addresses

 

Shared User-ID Mappings Across Virtual Systems

  • To easily enforce user-based policy in a multi-vsys environment, you can assign a virtual system as the User-ID hub to share mappings with other virtual systems. This reduces configuration complexity and maximizes the number of mappings available to each virtual system.

 

Inter-vsys User-ID Data SharingInter-vsys User-ID Data Sharing

 

Additional Resources

All the new User-ID features in PAN-OS 9.0: User-ID Features

All of the New features in PAN-OS 9.0: What's New in PAN-OS 9.0

 

PAN-OS 9.0 Release Features: DNS Security and Content Inspection

PAN-OS 9.0 Release Features: Policy Optimizer and App-ID

PAN-OS 9.0 Release Features: Panorama

PAN-OS 9.0 Release Features: GlobalProtect

PAN-OS 9.0 Release Features: Networking and Virtualization

PAN-OS 9.0 Release Features: Management

PAN-OS 9.0 Release Features: PA-7000 New Cards

 

Then ask a question, join a discussion, or answer someone else's inquiry — that's community!

 

Not a member of the LIVEcommunity yet? It's simple and easy to join. Just sign up with an email address. 

 

Follow us on Twitter.

 

Check out our YouTube channel and join more than 8,000 other subscribers learning about PAN-OS and more!

 

Feel free to post your comments or questions in the comments section below.

 

@kiwi out!

 

 

 

 
2,584 Views
Labels