Dell PowerConnect W Clearpass 100 Software Palo Alto Networks User-ID Services - Page 6

Palo Alto Networks User-ID Services Architecture



6 | Palo Alto Networks User-ID Services | Amigopod | Technical Note
Palo Alto Networks User-ID Services Architecture

Amigopod is typically deployed in conjunction with a Wired or Wireless Access Controller to provide a clean branded user experience, user session management and many other innovative enhancements to a traditional Guest or Public Access solution.

The addition of an upstream Palo Alto Networks firewall adds a wealth of security and traffic management features to these networks.

As discussed previously, the Palo Alto Networks User-ID technology allows all sessions passing through the firewall (or visible via a TAP interface) to be associated with the source Enterprise user's identity by integrating with Active Directory or Novell eDirectory, for example.

Typical Wired and Wireless Access Controllers have basic firewalling and traffic management features, whilst granular application control, content filtering, anti-virus, etc. are passed on to purpose-built platforms in the network DMZ.

The challenge with these devices is that they have no visibility of the users associated with the traffic they are processing, and they are therefore unable to make policy decisions based on user identity or to collect audit and forensic reports in which the end user responsible for "interesting" traffic is identified.

With the introduction of the Palo Alto Networks firewall performing these functions, this lack of user visibility is removed through the tight integration with Amigopod's user authentication process.