Learn how Prisma Access redistributes User-ID mapping and how to configure it.
Where Can I Use This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access (Managed by Panorama)
Prisma Access license
So that you can enforce your security policy consistently, Prisma Access
shares identity data that GlobalProtect discovers locally across your entire Prisma
Access environment. Prisma Access can also share identity data with on-premises devices
at remote network sites or service connection sites (HQ and data centers).
For mobile users to access a resource at a remote network location or HQ/data center
that’s secured by a device with user-based policies, you must redistribute the identity
data from the Prisma Access mobile users and users at remote networks to that
on-premises device.
When the users connect to Prisma Access, Prisma Access collects the user’s identity data
and stores it.
The following example shows two mobile users that have an existing IP address-to-username
mapping in Prisma Access. Prisma Access then redistributes this mapping by way of a
service connection to the on-premises devices that’s securing the HQ/data center.
Prisma Access (Managed by Strata Cloud Manager) automatically enables service connections to work as
identity redistribution agents (also called User-ID agents).