12-01-2024 08:35 AM
We recently set up our CIE to work with our Microsoft Entra ID so that, when on GlobalProtect, we can track users and their traffic.
We are now looking for solutions for a similar setup for internal users (not on GlobalProtect but on network). We are trying to avoid using direct AD access since Entra ID is our source of truth. I have seen a few options but wanted to see what others have set up. Any recommendations?
12-07-2024 10:48 PM - edited 12-07-2024 10:49 PM
For internal users you can also use CIE for group mapping. I don't know what exactly you are trying to achieve: group mapping for internal users or user-IP mapping. But once Entra ID is integrated with CIE, the firewall can get the group mapping from CIE for internal users.
12-08-2024 06:35 PM
I thought CIE was only for GlobalProtect and its configurations.
We are looking to get User-ID running so that we can map users to their traffic and create more specific rules.
So can we use CIE to map internal users to their traffic?
12-08-2024 06:56 PM
CIE can be used for fetching group mapping, and you can reference those groups in the security policy if needed. To see the users in traffic logs, you need to have user-IP mapping, which can be done by GP for GP users, but for internal users you need to implement UIA or some other method mentioned in the article to learn those mappings. Check this: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/user-id/user-id-overview