Visibility

Improved visibility into application usage based on users gives you a more relevant picture of network activity.

Policy Control

Tying user and group information to the security policies allows you to control application usage while reducing the administrative effort associated with end-user moves, adds and changes.

Logging, Reporting, Forensics

If a security incident occurs, forensics analysis and reporting based on user information provides a more complete picture of the incident.

User and group information must be directly integrated into the technology platforms that secure modern organizations. Knowing who is using the applications on your network, and who may have transmitted a threat or is transferring files, strengthens security policies and reduces incident response times. User-ID, a standard feature on Palo Alto Networks next-generation firewalls, enables you to leverage user information stored in a wide range of repositories.

Visibility into a User’s Application Activity

Visibility into the application activity at a user level, not just an IP address level, allows you to more effectively enable the applications traversing the network. You can align application usage with business requirements and, if appropriate, inform users that they are in violation of policy, or even block their application usage outright.

User-Based Policy Control

Policies can be defined to safely enable applications based on users or groups of users, in either outbound or inbound directions, for example, allow only the IT department to use tools such as SSH, telnet, and FTP on standard ports. With User-ID, policy follows the users no matter where they go – headquarters, branch office or at home – and whatever device they may use.

User-Based Analysis, Reporting and Forensics

Informative reports on user activities can be generated using any one of the pre-defined reports or by creating a custom report.

Neutralizing Credential Theft

User-ID integrates with identity and authentication frameworks, which enables precise access control through policy-based multi-factor authentication. This disrupts the use of stolen credentials. Learn more here.


 

What is a denial of service attack (DoS) ?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users by flooding it with traffic.
  • 3
  • 61126

Product Summary Specsheet

Key features, performance capacities and specifications for all Palo Alto Networks firewalls.
  • 86
  • 240812

What is an Intrusion Prevention System?

An Intrusion Prevention System (IPS) is a network security prevention technology that examines network traffic flow to detect and prevent vulnerability exploits
  • 5
  • 110704

What is a Zero Trust Architecture?

Businesses who want to prevent the exfiltration of sensitive data and improve their defense against modern cyber threats can consider a Zero Trust architecture.
  • 1
  • 41920

PA-5200 Series Datasheet

Palo Alto Networks® PA-5200 Series of next-generation firewall appliances is comprised of the PA-5280, PA-5260, PA-5250 and PA-5220.
  • 21
  • 90655

What is Cybersecurity?

Cybersecurity refers to the preventative techniques used to protect the integrity of networks, programs and data from attack, damage, or unauthorized access.
  • 4
  • 83804