Role-based access control (RBAC), which relies on a user’s role in the directory, is a powerful mechanism but standard RBAC procedures are riddled with challenges when it comes to enforcing security based on unexpected changes in user behavior.

 

In contrast, Dynamic Access Groups (DUG) enable your security admins to dynamically change user access based on any change in circumstances due to new indicators of compromise for the user. Configuring DUG on your Next-Generation Firewall lets you reap the benefits of automated enforcement, tighter security that matches users’ behavior, and minimal risks associated with over-provisioned access.