HIP has nothing to do with the request. What he is looking to do is to differentiate traffic that is initiated by the SYSTEM account, and other non user accounts, versus what is initiated by the user accounts. This way he can have a policy that says "group of computer" can access APP, but the user initiated traffic doesn't necessarily have to be allowed to do that. It's one thing to associate a user to an IP, which is what is currently done. What he is looking for is to associate TRAFFIC to a user.
... View more