Visibility

Improved visibility into application usage based on users gives you a more relevant picture of network activity.

Policy Control

Tying user and group information to the security policies allows you to control application usage while reducing the administrative effort associated with end-user moves, adds and changes.

Logging, Reporting, Forensics

If a security incident occurs, forensics analysis and reporting based on user information provides a more complete picture of the incident.

User and group information must be directly integrated into the technology platforms that secure modern organizations. Knowing who is using the applications on your network, and who may have transmitted a threat or is transferring files, strengthens security policies and reduces incident response times. User-ID, a standard feature on Palo Alto Networks next-generation firewalls, enables you to leverage user information stored in a wide range of repositories.

Visibility into a User’s Application Activity

Visibility into the application activity at a user level, not just an IP address level, allows you to more effectively enable the applications traversing the network. You can align application usage with business requirements and, if appropriate, inform users that they are in violation of policy, or even block their application usage outright.

User-Based Policy Control

Policies can be defined to safely enable applications based on users or groups of users, in either outbound or inbound directions, for example, allow only the IT department to use tools such as SSH, telnet, and FTP on standard ports. With User-ID, policy follows the users no matter where they go – headquarters, branch office or at home – and whatever device they may use.

User-Based Analysis, Reporting and Forensics

Informative reports on user activities can be generated using any one of the pre-defined reports or by creating a custom report.

Neutralizing Credential Theft

User-ID integrates with identity and authentication frameworks, which enables precise access control through policy-based multi-factor authentication. This disrupts the use of stolen credentials. Learn more here.


 

What is an Intrusion Prevention System?

An Intrusion Prevention System (IPS) is a network security prevention technology that examines network traffic flow to detect and prevent vulnerability exploits
  • 4
  • 101982

What is a denial of service attack (DoS) ?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users by flooding it with traffic.
  • 2
  • 50057

What is Cybersecurity?

Cybersecurity refers to the preventative techniques used to protect the integrity of networks, programs and data from attack, damage, or unauthorized access.
  • 4
  • 77613

What is a Zero Trust Architecture?

Businesses who want to prevent the exfiltration of sensitive data and improve their defense against modern cyber threats can consider a Zero Trust architecture.
  • 1
  • 34606

Product Summary Specsheet

Key features, performance capacities and specifications for all Palo Alto Networks firewalls.
  • 85
  • 230744

What is a Data Center?

A data center is a facility that centralizes an organization’s IT operations and equipment, and where it stores, manages, and disseminates its data
  • 0
  • 42623