Dell PowerConnect W Clearpass 100 Software Palo Alto Networks User-ID Services - Page 10

• Username Suffix: The Palo Alto Networks plugin versions 0.7.0 and later allow you to optionally specify a suffix to add to usernames, e.g., #{$user.sponsor_name} 4. Click Save Configuration to save your settings. The configuration of the plugin is complete. Check Palo Alto Networks Version and Setup Palo Alto Networks firewalls and Agent Software are required to be running the following software releases in order to support the XML API for the User-ID integration: • Firewall Software Version 3.1.0 or later • User-ID Agent Software Version 3.1.0 or later In the test environment referenced in this document, the Palo Alto Networks firewall was deployed in a simple VWire or virtual wire deployment mode as shown below. In a virtual wire deployment, the firewall is installed transparently on a network segment by binding two ports together. You can install the firewall in any network environment with no configuration of adjacent network devices required. If necessary, a virtual wire can block or allow traffic based on the virtual LAN (VLAN) tag values. By default, the virtual wire "default-vwire" binds together Ethernet ports 1 and 2 and allows all untagged traffic. This configuration will not suit all deployments and it is not a mandatory requirement for the integration with Amigopod. The actual design and deployment of the Palo Alto Networks firewall is outside of the scope of this document and the reader is encouraged to consult the Palo Alto Networks documentation and/or their Palo Alto Networks Networks reseller or representative. A very simplistic Policy configuration has been adopted for the test environment that is forwarding bi-directional traffic between the Trust and UnTrust zones. Again this configuration will certainly not suit all deployments but Palo Alto Networks policy definitions are considered to be out of scope for this document. 10| Palo Alto Networks User-ID Services Amigopod |Technical Note