01-18-2012 08:43 PM
I have firmware version 4.1.1 and use the appropriate User-ID program for this firmware. I undretand how it all works for Active Directory user accounts, but what I want to know is can it be used to scan AD containers that only contain computer names, which I can then use in my security policies?
I am trying to block certain apps for specific AD computers (not users), which are all members of an AD security group and apply a security policy based on the AD group. The only other way I can think of is by setting up many address objects and throwing them all into an address group, but any users on DHCP may change IP address, rendering this solution useless.
Is this something for DEV?
01-19-2012 12:26 AM
I'd say - look at Global Protect if you want a packaged product. If you have the skills/time you could use the API to push computer names and IP in to the PAN. Would require some development time on your end though.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
