User-ID Mapping To Not-Domain-Joint Devices

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

User-ID Mapping To Not-Domain-Joint Devices

L2 Linker

Hello,

 

What would be the best way to enable User-ID for devices that aren't joined to the domain? We have a number of contractors whose laptops aren't members of the domain but we would like to enable User-ID to be able to monitor their User-IDs?

 

Thanks in advance.

 

 

Best, ~zK

2 REPLIES 2

Cyber Elite
Cyber Elite

If you have Exchange and they have Outlook connected to it then you could configure Palo to read Exchange event log.

You could also install GlobalProtect client into contractor laptops to get UserID. This can be used just for UserID without encrypting traffic if they are inside your organization.

Or you could use Caprive Portal (like hotels and airports) to ask user to enter credentials you have provided to them to get IP to User mapping. Captive Portal capability is built into Palo.

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Thanks for the reply. We're on O365 so I don't think monitoring the Event log in Exchange would be an option. I am leaning towards using GP, which we currently use to access the corp's network from the outside. Do you have any information on how to configure GP for the users/contractors in the inside(LAN)?

 

Thanks, ~zK

  • 1769 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!