Palo Alto Networks was the first next-generation firewall vendor to enable identity-based security with the introduction of natively integrated User-ID for user-based policies. Learn about Identity and how Identity works at Palo Alto Networks.
Identity at Palo Alto Networks
Cloud Identity Engine
-
Identity Concepts
This course provides a high-level introduction to the concepts, products, and features of the Palo Alto Networks Identity architecture. A key concept is that of the Zero Trust security model where traffic from all zones is inspected and controlled.
-
The Cyberattack Lifecycle
This course provides an overview of the cyberattack lifecycle, threat types, firewall packet flow, and threat prevention.
-
Setup and Connection
This course describes the process of setting up Cloud Identity Engine (CIE) and shows how to connect CIE to Identity providers to pull users and groups into CIE. This course also describes connecting an on-premises Active Directory (AD) and a Cloud Ide...
-
User Authentication Configuration
Multi-authentication in the Palo Alto Networks Cloud Identity Engine (CIE) allows customers to configure a single authentication endpoint (GlobalProtect, Authentication Portal, Admin login) with multiple authentication types and/or multiple identity pr...
-
Prisma Access Cloud Managed for Identity
Cloud Identity Engine (CIE) is one place in the cloud that all network security form factors can talk to, where they can authenticate and authorize their users against a variety of identity sources, whether they are on-prem, in the cloud, or in a hybri...
-
Panorama Managed for Identity
Cloud Identity Engine (CIE) provides both user identification and user authentication for a centralized cloud-based solution in on-premise, cloud-based, or hybrid network environments. Cloud Identity Engine allows you to write security policy based on ...
-
Advanced Identity Concepts
This course describes how the dynamic user group and address group capabilities enables customers to write user-based policies based on their behavior. With these capabilities, the firewall will detect the user's unusual activity and block those transa...
-
Prevent Use of Stolen Credentials
This course describes how to use multi-factor authentication (MFA) and its supported methods to prevent credential theft.
-
Identity Data Redistribution
This course describes how identity mappings are shared between firewalls, the recommended architecture for on-premises Active Directory configuration, and the general steps to configure data redistribution.
-
User-ID Best Practices
The ability to consistently identify the users on your network regardless of location provides better visibility into user activity, enables user- and group-based security policy, and helps you gain more insightful analytics (logging, reporting, forens...
-
User Context
This course describes the Cloud Identity Engine (CIE) user context feature. The course details the setup, components, and use of user context.
-
SCIM
This course describes the System for Cross-domain Identity Management (SCIM) architecture and how to configure SCIM for Azure in the Cloud Identity Engine.
-
Health Alerts
This course describes the Cloud Identity Engine health alerts that are sent to PAN-OS.