Configure User-ID and User-Based Policies with Prisma Access
Prisma Access requires that you configure IP address-to-username mapping
to consistently enforce user-based policy for mobile users and users
at remote network locations. In addition, you need to configure
username to user-group mapping if
you want to enforce policy based on group membership.
You can then configure your deployment to allow Panorama to get
the list of user groups retrieved from the group mapping, which
allows you to easily select these groups from a drop-down list when
you create and configure policies in Panorama.
The following sections provide an overview and the steps you
perform to configure and implement User-ID in Prisma Access.