with the risk that this was already discussed, I have a question regarding ignore users with User-ID.
I configured User-ID for our clients, also for the IT department.
In the IT, we also using admin accounts. So when I started a programm in admin mode, the firewall registered this in the DCs. So my client gets the adm account linked with my client IP.
This is correct but annoying, because our admin accounts have no internet access. So I have to start a normal user login from my client, for example restarting Outlook.
My question is if it's possible to add entries in the ignore list in connection with IP subnets. So I can tell the PA to ignore admin logins for our clients in the IT department.
I did not found any possibility to configure it.
Thanks and best Regards
I just wanted to acknowledge that I saw the post, but agree that I am not sure there is a way to filter out.
I do know that the FW is capable of not learning based on subnets (dont attempt to learn VoIP softphone subnet, as example), but as for not learning a specific user type. But you may want to focus in the Group Mapping section of UserID, to see if you can create a certain pattern that will be learned/associated with group mappings, and try to not have the admin accounts part of the pattern.
Then you may be able to do something. It is a long shot, but wanted to give you some encouragement. :P
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!