Hello everyone, Is it possible to request an additional authentication for a specific zone with PAN-OS 5.0? The requirement would be to have regular userauthenticated through regular ActiveDirectory/NTLM for regular zones. However for very sensitive zone, a Captive Portal would be requested with additional authentication requirements (e.g. RSA). Ideally the username would be kept (to avoid administrative overhead and to facilitate security monitoring). The session would then be open according to Captive Portal rules (e.g. for 30 minutes). Do you think this is possible? One way we thought it throug would be to use a virtualised context but this is still no clean solution as there would probably be some redundancies in log files and would certainly facilitate debugging as one part of the logs would be on one device, and the other part on another device. What we are looking is really to "upgrade" user rights. Thanks in advance!
... View more