Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
10-03-2017 04:53 PM
Hello,
What would be the best way to enable User-ID for devices that aren't joined to the domain? We have a number of contractors whose laptops aren't members of the domain but we would like to enable User-ID to be able to monitor their User-IDs?
Thanks in advance.
Best, ~zK
10-03-2017 05:58 PM
If you have Exchange and they have Outlook connected to it then you could configure Palo to read Exchange event log.
You could also install GlobalProtect client into contractor laptops to get UserID. This can be used just for UserID without encrypting traffic if they are inside your organization.
Or you could use Caprive Portal (like hotels and airports) to ask user to enter credentials you have provided to them to get IP to User mapping. Captive Portal capability is built into Palo.
10-04-2017 09:12 AM
Thanks for the reply. We're on O365 so I don't think monitoring the Event log in Exchange would be an option. I am leaning towards using GP, which we currently use to access the corp's network from the outside. Do you have any information on how to configure GP for the users/contractors in the inside(LAN)?
Thanks, ~zK
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
