01-26-2015 06:51 AM
Now that AOS 6.4 supports direct Palo Alto User-ID integration via the XMLAPI on the PanOS:
In an environment with both AOS 6.4 Controllers and CPPM, is there a reccomended best practice or preferred Aruba reccomendation as to which of those two sources update the User-ID info in Palo Alto?
01-26-2015 06:54 AM
If you are using identity integration on your wired network, it would be
best to use ClearPass as the Palo identity source.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP
01-26-2015 08:22 AM
Note that CPPM priovdes additional context over AOS to the PANW about an endpoint in the form of HIP Objects.
And I agree with Tim, ONLY use one source as context input to the PANW.
Snr Tech Marketing Engineer - ClearPass
-- Found something helpful, important, or cool? Click the Kudos Star in a post.
-- Problem Solved? Click "Accept as Solution" in a post.