Manage GlobalProtect Mobile Users
Table of Contents
Expand all | Collapse all
Manage GlobalProtect Mobile Users
You can use the Mobile Users - GlobalProtect tab to manage and view data related to
your mobile users that connect to
Prisma Access
through the GlobalProtect agent. You can use the
Mobile Users - GlobalProtect
tab to manage
and view data related to your mobile users that connect to Prisma Access
security
services through the GlobalProtect agent on their devices. View the Health of Your GlobalProtect Mobile Users
The
Monitoring Summary
tab gives you an overview of the health status of
GlobalProtect Mobile Users logged into Prisma Access
.Current Users
Current
displays the number of users connected to Prisma Access
at the
time the data was fetched or as indicated in the timestamp. A mobile user that
connects to Prisma Access
at least once in the past 90 days consumes an
mobile user license. A mobile user license consumption considers only the unique
username of the mobile user and not all of the devices that one user might have
used to connect to Prisma Access
.Select
Connected Users
to open the Current Connected
Users
window.Select any
User
to open the User Details Page and view that user’s statistics, including devices connected
through Prisma Access
locations, the user’s location, source IP address,
device OS, GlobalProtect version on their device, and other details, and a table
of all login events that occurred in the time interval selected on every device
that the user has connected to Prisma Access
.Mobile User License Consumption
GlobalProtect License Consumption
shows the total number of licenses
consumed by unique mobile users that were connected to Prisma Access
in the
last 90 days, because licenses are based on the past 90 days of Prisma Access
login data. A user who has logged in to Prisma Access
at least once in
the past 90 days contributes toward consumption of one Mobile User license.When you hover over the line chart, you’ll see the time stamp
corresponding to the x-axis day reference with its license consumption
figure, total licenses purchased for mobile users, license utilization
as a percentage of the total licenses purchased, and the 90-day
license computation time period used for determining the license
consumption at the day referenced on the x-axis.
You can view the mobile user license consumption trend, which
is shown for the past 30 days regardless of the time filter you
selected on the Monitoring Summary page. Hover over the line chart
to display information on day referenced in the x-axis. Select the
View
Users
button to open the Mobile Users License
Consumption
page and view data on users connected in
the last 90 days. You can view the users list or export it in CSV format.Panorama Managed
Prisma Access
normalizes usernames to a single format to prevent the
same mobile usernames (appearing in different formats) from being counted
multiple times.For example, when users connect to a gateway,
Panorama Managed
Prisma Access
can receive
instances of the same username from the gateway in various formats, such
as:- jane.doe@domain.com
- domain\jane.doe
- (null)\jane.doe@domain.com
- jane.doe
Before normalization, these instances of the same username are counted as
individual users, causing the mobile user counts to be inflated
incorrectly.
After normalization, all usernames will be in the
user.name@domain.com
format, and the mobile user
counts will accurately reflect the number of users who have connected to Panorama Managed
Prisma Access
within the last 90 days. If the username is already in
the user.name@domain.com
format, the username is not
normalized.Top 5 Open Alerts by Severity
By default, only the nodes with the top five most severe
alerts during the
Time Range
selected appear.
The vertical lines represent the severity of the alerts. Drilling
down into an alert gives you more context of the underlying issue.
These alerts cannot be cleared manually. They can be cleared only by
resolving the underlying issue. View All Mobile User Alerts
link
takes you to the Alerts
page, where you can
filter the data displayed by Status
and Use Case
.When you drill down into an alert, the
Alert Details
page opens. This page
displays the status and description of the alert along with other information,
such as the Alert Generation Timestamp, alert status as to whether the alert is
open, the alert type, Prisma Access
location from where the alert was
generated, and the name of the tenant that was affected. Select the name of the
tenant to open the Prisma Access
Location page for the tenant, which shows
you the detailed tenant status.Top 5 Most Active Prisma Access Locations
Prisma Access
Locations Use this bar graph to view the most active
Prisma Access
locations based on the number of
connected users at that time. It shows you the top five sites based on users
connected to a particular Prisma Access
location. Hover over a bar to see
the details of the number of Mobile Users that were logged in by region in the
specified Time Range
.GlobalProtect Version Distribution
GlobalProtect Version Distribution
shows the GlobalProtect versions that
your users’ devices are using to connect to Prisma Access
. The data
displayed can be used to enforce compliance with the latest GlobalProtect app
version. Select a GlobalProtect version in the trend chart to open the Mobile
User List Page, where you can view connected users who have at least one device
with the selected GlobalProtect version connected to Prisma Access
.Current IP Pools Utilization
Use the real-time bar graph to see IP pool utilization
by different IP pool allocation theaters based on the number of
connected users at that time. The IP pool utilization percentage
on the bar graph is the number of IP pool blocks used out of all
the IP pool blocks that are available across all the subnets. You
can take proactive actions by adding subnets when you see an IP
pool bar approaching the maximum capacity for any region.
GlobalProtect Distribution Trend
GlobalProtect Version Distribution
provides the
trend data shown here. Note that data on some of the less-used GlobalProtect versions
may not appear on this trend chart.Map View of Mobile Users Connected to Prisma Access
Prisma Access
The or allows you
to select the locations you want to view, and
Map View
tab shows all the mobile users connected to Prisma Access
locations on a map. You can clarify information using Prisma Access
LocationMobile User
in
the filter icon. Prisma Access
LocationUser
allows you
to select any user to view details on their location and devices.The inverted triangles on the map are color-coded to indicate
Prisma Access
location
status:- Green: If any one instance is up, the MU location is connected, or up.
- Red: If all instances areDown, the MU connection is disconnected, or down
- Gray: If instance states are a mixture of disconnected and unknown, the MU location is unknown.
Use the
Real Time
option on the time selector to see users who are
currently connected to Prisma Access
locations. The default view for the map shows the states of all
Prisma Access
locations configured for
the tenant. Slide the Show all users
toggle at the top of the
map view to see users or clusters of users who were connected to Prisma Access
in the selected time interval, along with the Prisma Access
locations. Select
aPrisma Access
location to show only the users who were connected to that
particular Prisma Access
location with at least one device.Select a cluster to see details about users in that area. When
you select a user in that cluster, a side panel with login trend
data about this user opens.
Use the
Map View
Time Range
selector to view users connected to Prisma Access
at time intervals other than Real Time
,
such as Last 24 hours
. Hover on a location in the map to see
the name of the location and the number of users connected to that location in the
selected time interval. Note that time range selections other than Real
Time
could show a user connected from the same device to different
Prisma Access
locations at different times during the interval, while in
real time, a user would be connected to a single Prisma Access
location with one
device. To see all users connected to a specific
Prisma Access
location, select the location icon on
the map. A flight path appears from the Prisma Access
location you selected to
all users who are connected to this location. Select any cluster of users connected to your location, and zoom in to view details about users
within each cluster. Select any user to see data about the devices this user
employed to connect to this location, as well as other devices that the user may
have used to connect to other
Prisma Access
locations. You can slide the
Show All Users
toggle to see all connected users on the
Mobile User map.Select a flight path to see details about the connected users.
The flight path shown (see the red circle in the following image)
has six users, and a side panel opens to show information about
them. Select any one of these users to see their information, such
as device ID, IP address, last user location, and last login time.
Monitor Connected Mobile Users
The
Mobile Users List
tab provides
data on your users connected during the Time Range
selected.
The Devices of Connected Users page corresponds
with the Mobile Users List
page, providing
details about your users’ connected devices.Connected Users
The
(Number of) Connected Users
trend chart displays the count of mobile
users who were connected to Prisma Access
during the time interval selected
on the page time selector. The y-axis value at any point along the trend line
indicates the exact number of users corresponding to the x-axis time indicator. All Connected Mobile Users
The
(Number of) Connected Users
table following the chart displays all the
users who were connected to Prisma Access
within the specified
Time Range
selected, which is 30 days in the
following example. To view data about users connected at a specific time, select a point in the
Connected
Users
trend chart. The Connected Users
table filters on the data point that you select. The table shows the users who
are connected at that time, along with the number of devices they have connected
to Prisma Access
, the last location from where the user was recorded
connecting to Prisma Access
, and the last Prisma Access
location where
the user was connected with any device. Because this image shows a
Time Range
selected of Last 30
Days
, the specific point you selected shows the users connected
during a 3-hour interval between 04
Sep. 2022 1:22:34pm through 04 Sep. 2022 4:22:33pm.User Details Page
From the
Connected Users
table, select a connected
User
to open the User Details
page to view information about that unique user. The Devices of
Connected User
chart shows the Prisma Access
locations used
and how many times the user connected to each location, from any of their
devices. Breaks in the instances mean there were no devices connected at that
time.The
(Number of) Devices
table shows details about each device connected to
Prisma Access
using GlobalProtect. The (Number of) User
Login/Logout Events (All Devices)
table shows the unique login
events that occurred from all devices belonging to the user with the associated
session statistics in the selected time interval.View an example of the
User Details
page below:Select a connected user’s
Last
Prisma Access
Location
Used
to go to the Prisma Access
page and view details about the user’sPrisma Access
locations.View Data About All Connected Users’ Devices
The
User Details Page
shows the
data of all connected devices during the Time Range
selected.
The Mobile Users List page
corresponds with the Devices of Connected
Users page, providing details about your users rather than
the users’ connected devices.Devices of Connected Users
Devices of Connected Users
shows all mobile devices that were connected to
Prisma Access
during the time interval selected on the page time
selector. The trend line shows the connectivity in terms of device count as
connected to Prisma Access
at various times corresponding to the x-axis time
indicators. Devices
The
(Number of) Devices
table displays all the devices connected to Prisma Access
within the specified Time Range
selected, which is 30 days in the following example. You can see in the
Devices
table that each device has its own row of
data, regardless of its user. To view data about devices connected at a specific time, select
a point in the
Devices of Connected Users
trend
chart. The Total Devices
table filters on
the data point that you select. Because this image shows a selected Time
Range
of Last 30 Days
, the specific
point you selected shows the devices connected during a 3-hour interval between
12 Sep. 2022 6:37:02pm through 12 Sep. 2022 9:37:01pm.Select a specific user to view the User Details Page page.
Select a device’s user’s
Last
Prisma Access
Location
Used
to go to the Prisma Access Locations
page and view details about the user’s Prisma Access
locations.