Implement User-ID in Security Policies For a Standalone Prisma Access Deployment
Focus
Focus

Implement User-ID in Security Policies For a Standalone Prisma Access Deployment

Table of Contents

Implement User-ID in Security Policies For a Standalone Prisma Access Deployment

In a standalone Prisma Access deployment without a Master Device, you can use group-based policy using long-form DN entries in Panorama. Prisma Access uses the DN entries to evaluate the User-ID-based policies you have configured in Panorama.
For example, given a User named Bob Alice who works in IT for Organization Hooli in the United States, a matching security policy may have ou=IT Staff,O=Hooli,C=US if the policy is to be applied to all IT staff, or CN=Bob Alice,ou=IT Staff,O=Hooli,C=US if the policy is only to be applied to Bob Alice.