Agentless, transparent capture of user IDs, fed into the Palo Alto ID-aware gateway.
The need
a. User visibility, User based access control, User based reporting.
b. When using VMware virtual desktop (Horizon client).
Current identity agents are unable to wrap around the VMware credential providers
and are unable to capture the user logon via SSO (transparent).
c. Based on transparent NTLM authentication (located in the startup script)
d. The endpoints remain agentless.
The user connects to a webpage (hosting the ASP script and UID agent). The webpage returns an HTTP 401, indicating that authentication is required. In this way the user authenticates (similar to other website authentication, for instance a proxy). The ASP script captures the IP, username, domain etc. and sends them to the User ID Agent as XML. The Palo Alto gateway connects to the User ID Agent to obtain the user.
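The capture step described above, as an added Python sketch (not the ASP script from this page): it builds the login mapping from the web server's per-request variables and drops anything that is not an authenticated DOMAIN\user coming from a real peer address. The function name, the sample requests, the uid-message layout (taken from the PAN-OS User-ID XML API), the version value and the timeout are assumptions; sending the message to the User ID Agent is not shown.

```python
import ipaddress
import re
from xml.sax.saxutils import quoteattr

# Assumption: the server exposes the NTLM-authenticated name as "DOMAIN\user".
_LOGON_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}\\[A-Za-z0-9._$-]{1,64}$")


def build_login_message(server_vars, timeout_min=60):
    """Return a uid-message XML string, or None when the request must be ignored."""
    logon = server_vars.get("LOGON_USER", "")
    match = _LOGON_RE.match(logon)
    if not match:
        return None  # anonymous or malformed name: the page should answer 401
    try:
        # Only the TCP peer address is used; X-Forwarded-For is client-controlled.
        ip = ipaddress.ip_address(server_vars.get("REMOTE_ADDR", ""))
    except ValueError:
        return None
    if ip.is_loopback or ip.is_unspecified or ip.is_multicast:
        return None  # never map a user to an address that is not an endpoint
    # quoteattr escapes and quotes the value, as defence in depth behind the regex.
    name = quoteattr(match.group(0))
    return (
        "<uid-message><version>1.0</version><type>update</type>"
        "<payload><login>"
        f'<entry name={name} ip="{ip}" timeout="{int(timeout_min)}"/>'
        "</login></payload></uid-message>"
    )


# Constructed sample requests (not captured traffic).
SAMPLES = [
    {"LOGON_USER": "CORP\\jdoe", "REMOTE_ADDR": "10.20.30.40"},
    {"LOGON_USER": "", "REMOTE_ADDR": "10.20.30.41"},
    {"LOGON_USER": 'CORP\\x"/><entry name="admin', "REMOTE_ADDR": "10.20.30.42"},
    {"LOGON_USER": "CORP\\jdoe", "REMOTE_ADDR": "127.0.0.1",
     "HTTP_X_FORWARDED_FOR": "10.20.30.43"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample["LOGON_USER"]), "->", build_login_message(sample))
```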
A very detailed how-to: