01-05-2022 10:02 AM
Does anyone know if PanOS v10+ can identify when a UserAgent is being spoofed? I've been looking through the discussion boards and online user documentation and haven't been able to find any results. I'm trying to see if we can catch when a device tries to circumvent restriction policies by claiming to be a different device.
01-05-2022 11:17 AM
This really isn't something that can be detected at a firewall level. The UserAgent string was never designed to be utilized as a security measure, it's just a string value.
01-05-2022 12:22 PM
Hello,
If you have the GlobalPRotect license, this can be used as it can perform posture validation. Your clients would need to vpn in however its a good step since its basically zero trust.
Regards,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
