An engineer needs to collect User-ID mappings from the company’s existing proxies.
What two methods can be used to pull this data from third party proxies? (Choose two.)
An engineer needs to collect User-ID mappings from the company’s existing proxies.
What two methods can be used to pull this data from third party proxies? (Choose two.)
To collect User-ID mappings from third-party proxies, the methods that can be used are XFF (X-Forwarded-For) Headers and Syslog. XFF Headers allow proxy servers to pass the original IP address of a client requesting an HTTP connection to the server, which can then be used for User-ID mapping. Syslog is a standardized protocol used to send system log or event messages to a specific server, which can also be used to gather User-ID mappings from proxies. Client probing is not recommended for high-security networks, and server monitoring does not apply to collecting data from third-party proxies.
Should be B and C.
B, C are correct
On the 1/23/24 exam
B and C are correct
B and C correct
According to New Docs it's B and C https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/user-id/user-id-concepts/user-mapping/xff-headers#idf60a278d-2285-4b19-9cc3-95a4b88d5c51 https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/user-id/user-id-concepts/user-mapping/syslog#idee459093-72c1-4ca5-9e44-2c4f359090bb
the diagram shows the methods for proxy server https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/user-id-overview
New link https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/user-id/user-id-overview
Not only is B,C correct but note the negative stance from Palo regarding Client Probing: "Palo Alto Networks strongly recommends disabling client probing because it is not a recommended method of obtaining User-ID information in a high-security network." https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/user-id/user-id-concepts/user-mapping/client-probing
look at the classic diagram for USERID ingestion and third party proxy is listed under Syslog and XFF Headers.