Has anyone effectively used HIP to deny login to Prisma Access? One of the biggest challenges we had with AnyConnect (and a large reason we are moving away) is that there were no native methods for controlling which device a user was connecting with.

I have built a Security Pre-Rule that references the Domain-joined HIP Policy, and I can see the matches in our monitor tab. I would like to deny logon to anyone who does not satisfy this rule EXCEPT those who are members of a specific Active Directory user group.

I figure the rules would look something like this:

1) HIP Match on domain = allowed to connect to Portal URL
2) Match on security group membership = allowed to connect to Portal URL
3) Deny all connections to Portal URL

Can anyone confirm that this would be effective?