Strata Cloud Manager
Manage: Cloud Identity Engine
Table of Contents
Expand All
|
Collapse All
Strata Cloud Manager Docs
-
- Strata Copilot
- Command Center: Strata Cloud Manager
-
- Dashboard: Build a Custom Dashboard
- Dashboard: Executive Summary
-
- WildFire Dashboard: Filters
- WildFire Dashboard: Total Samples Submitted
- WildFire Dashboard: Analysis Insights
- WildFire Dashboard: Session Trends For Samples Submitted
- WildFire Dashboard: Verdict Distribution
- WildFire Dashboard: Top Applications Delivering Malicious Samples
- WildFire Dashboard: Top Users Impacted By Malicious Samples
- WildFire Dashboard: Top Malware Regions
- WildFire Dashboard: Top Firewalls
- Dashboard: DNS Security
- Dashboard: AI Runtime Security
- Dashboard: IoT Security
- Dashboard: Prisma Access
-
- Application Experience Dashboard: Mobile User Experience Card
- Application Experience Dashboard: Remote Site Experience Card
- Application Experience Dashboard: Experience Score Trends
- Application Experience Dashboard: Experience Score Across the Network
- Application Experience Dashboard: Global Distribution of Application Experience Scores
- Application Experience Dashboard: Experience Score for Top Monitored Sites
- Application Experience Dashboard: Experience Score for Top Monitored Apps
- Application Experience Dashboard: Application Performance Metrics
- Application Experience Dashboard: Network Performance Metrics
- Dashboard: Best Practices
- Dashboard: Compliance Summary
-
- Prisma SD-WAN Dashboard: Device to Controller Connectivity
- Prisma SD-WAN Dashboard: Applications
- Prisma SD-WAN Dashboard: Top Alerts by Priority
- Prisma SD-WAN Dashboard: Overall Link Quality
- Prisma SD-WAN Dashboard: Bandwidth Utilization
- Prisma SD-WAN Dashboard: Transaction Stats
- Prisma SD-WAN Dashboard: Predictive Analytics
- Dashboard: PAN-OS CVEs
- Dashboard: CDSS Adoption
- Dashboard: Feature Adoption
- Dashboard: On Demand BPA
- Manage: IoT Policy Recommendation
- Manage: Enterprise DLP
- Manage: SaaS Security
- Manage: Prisma Access Browser
- Reports: Strata Cloud Manager
-
-
- Strata Cloud Manager Release Information
-
- New Features in February 2025
- New Features in January 2025
- New Features in December 2024
- New Features in November 2024
- New Features in October 2024
- New Features in September 2024
- New Features in August 2024
- New Features in July 2024
- New Features in June 2024
- New Features in May 2024
- New Features in April 2024
- New Features in March 2024
- New Features in February 2024
- New Features in January 2024
- New Features in November 2023
- New Features in October 2023
- New Features in September 2023
- Known Issues
- Addressed Issues
- Getting Help
Manage: Cloud Identity Engine
Learn to manage your Cloud Identity Distribution in Strata Cloud Manager.
Where Can I Use This? | What Do I Need? |
---|---|
|
Each of these licenses include access to Strata Cloud Manager:
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are
using.
|
Cloud Identity Engine (Directory Sync)
gives Prisma Access read-only access to your Active Directory information, so that
you can easily set up and manage security and decryption policies for users and
groups.
Cloud Identity Engine works with both on-premises Active Directory and Azure Active
Directory.
To set up Cloud Identity Engine with Prisma Access, start by going to the hub to
activate Cloud Identity Engine and to add it to Prisma Access. Then go to Prisma
Access to validate that Prisma Access is able to access directory data.
- Activate Cloud Identity EngineCloud Identity Engine can share Active Directory information with any supported app on the hub. It’s free and does not require an auth code to get started. Cloud Identity Engine setup includes activating the Cloud Identity Engine app on the hub, configuring the Cloud Identity Engine agent to gather Active Directory mappings, and configuring mutual authentication between Cloud Identity and and the agent.Make sure to deploy the Cloud Identity Engine instance in the same region that you deployed Prisma Access and Strata Logging Service.
- Enable Cloud Identity Engine for Prisma Access.You can associate Prisma Access with Cloud Identity Engine when you’re first activating Prisma Access or anytime after:
- While you’re activating Prisma Access: When you first activate Cloud Managed Prisma Access, you can choose a Cloud Identity Engine instance for Prisma Access to use. Make sure to select an instance that is deployed in the same region as Prisma Access.
- After you’ve activated Prisma Access: To enable Cloud Identity Engine for an existing Prisma Access instance, log in to the hub. From the hub settings dropdown (see the gear on the top menu bar), select Manage Apps. Find the Prisma Access instance you want to update, and select the Cloud Identity Engine instance you want Prisma Access to use.
- Confirm that Prisma Access is connected to Cloud Identity Engine, and that Cloud Identity Engine is sharing directory information with Prisma Access.
-
Check that you can see your directories in Prisma Access.Go to ManageConfigurationIdentity ServicesCloud Identity Engine:
-
Verify that you can add users and groups to a policy rule.Select ManageSecurity ServicesSecurity or Decryption. In a security or decryption policy rule, check that the Users dropdown displays your Active Directory user and group entries. Now you can start adding these users and groups to your security and decryption policy rules.Troubleshoot traffic that isn't being enforced as expected–check the status of specific firewalls to understand whether there’s a mismatch between expected policies (as configured) and enforced policies.
-