User-ID Features
New User-ID Features Description
Panorama and Log Collectors as User-ID Redistribution Points You can now leverage your Panorama and distributed log collection infrastructure to redistribute User-ID mappings in large-scale deployments. By using the existing connections from firewalls to Log Collectors to Panorama, you can aggregate the mappings without setting up and managing extra connections between firewalls.
Centralized Deployment and Management of User-ID and TS Agents You can now use endpoint management software such as Microsoft SCCM to remotely install, configure, and upgrade multiple Windows-based User-ID agents and Terminal Services (TS) agents in a single operation. Using endpoint management software streamlines your workflow by enabling you to deploy and configure numerous User-ID and TS agents through an automated process instead of using a manual login session for each agent.
User Groups Capacity Increase To accommodate environments where access control for each resource is based on membership in a user group, and where the number of resources and groups is increasing, you can now reference more groups in policy (the limit varies by platform).
User-ID Syslog Monitoring Enhancements The following enhancements improve the accuracy of User-ID mappings and simplify monitoring syslog servers for mapping information: Automatic deletion of user mappings—To improve the accuracy of your user-based policies and reports, the firewall can now use syslog monitoring to detect when users have logged out and then delete the associated User-ID mappings. Multiple syslog formats—In environments with multiple points of authentication sending syslog messages in different formats, it is now easier to monitor login and logout events because the firewall can ingest multiple formats from a syslog server aggregating from various sources.
Group-Based Reporting in Panorama Panorama now provides visibility into the activities of user groups in your network through the User Activity report, SaaS Application Usage report (see SaaS Application Visibility for User Groups), custom reports, and the ACC. Panorama aggregates group activity information from managed firewalls so that you can filter logs and generate reports for all groups.

Related Documentation