When using certificate authentication for firewall administration, which method is used for authorization?
When using certificate authentication for firewall administration, which method is used for authorization?
When using certificate authentication for firewall administration, the authorization method typically used is 'Local.' This approach means that while the certificates are used for authentication, the authorization and role assignments are managed locally on the firewall itself. This allows the firewall to control the administrative permissions internally rather than relying on external services like LDAP, Radius, or Kerberos for authorization.
Maybe C https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClcCCAS
Authentication: Certificates Authorization: Local The administrative accounts are local to the firewall, but authentication to the web interface is based on client certificates. You use the firewall to manage role assignments but access domains are not supported.
Definitely, the correct answer is C.
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-authentication
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/firewall-administration/manage-firewall-administrators/administrative-authentication
Not maybe, but surely C
Definitely C, RADIUS in some situations would provide authorization *EXCEPT* we're specifically looking at cert-based authentication here, negating RADIUS from my understanding.
C Local 100%