06-04-2021 01:06 PM
Cloud IAM vendors are meant for Identities (managing users and groups), but they do not enforce security policies on these identities as they are not a firewall. With PANW, our customers can authenticate using groups/users in these Cloud IdPs and enforce identity-based security policies (URL Filtering, Cred Phishing, etc.) Customers can achieve the same outcomes if they use Okta with PANW firewalls or Okta with Fortinet firewalls; however, a cloud-offered service like Cloud Identity Engine keeps users and group information in sync with the cloud IdP and onprem Idps providers to PANW firewall products. This way, the user information is dynamically updated at all times.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!