02-10-2014 03:55 PM
I've come across some of the values and benefits when integrating ClearPass Policy Manager (CPPM) with Palo Alto Networks Next-Generation Firewalls (PAN-NGFW). Basically the CPPM would feed PAN-NGFW with User ID/IP Address mapping and the device types for guest users. This is done when the users became unknown to PAN-NGFW and don’t have information in the Directory Servers (i.e., Active Directory, LDAP, etc.). CPPM add much values to the network security by providing this information, but my question would be what values/benefits CPPM would provide to clients other than guest/BYOD if no RADIUS Authentication Server is deployed? I guess the values are only confined with guest users and BYOD. Other users whom information is supposedly available in the directory servers are already known to PAN-NGFW without the need to integrate with CPPM.
I'd appreciate your resourceful and insightful comments.
Thanks & regards,