User and group information must be directly integrated into the technology platforms that secure modern organizations. Knowing who is using the applications on your network, and who may have transmitted a threat or is transferring files, strengthens security policies and reduces incident response times. User-ID, a standard feature on Palo Alto Networks next-generation firewalls, enables you to leverage user information stored in a wide range of repositories.

Visibility into a User’s Application Activity

Visibility into the application activity at a user level, not just an IP address level, allows you to more effectively enable the applications traversing the network. You can align application usage with business requirements and, if appropriate, inform users that they are in violation of policy, or even block their application usage outright.

User-Based Policy Control

Policies can be defined to safely enable applications based on users or groups of users, in either outbound or inbound directions, for example, allow only the IT department to use tools such as SSH, telnet, and FTP on standard ports. With User-ID, policy follows the users no matter where they go – headquarters, branch office or at home – and whatever device they may use.

User-Based Analysis, Reporting and Forensics

Informative reports on user activities can be generated using any one of the pre-defined reports or by creating a custom report.