Deployment of Ivanti Policy Secure using PAN Next Generation Firewall

This section describes the integration of Ivanti Policy Secure with PAN Next Generation Firewall. Ivanti Policy Secure integrates with PAN Next Generation Firewall syslog notification mechanism to receive the threat alert information from Palo Alto Networks and takes an action based on the admin configured policies.

The authentication process is described below:

1. User is authenticated on Ivanti Policy Secure after validating the Host Checker policy.

2. The user sessions are exported to PAN through enforcement configuration, which uses REST APIs for updating the session details.

3. The PAN Next Generation firewall obtains session information from REST APIs and creates an IP to username mapping. The firewall can use this information to either allow or block traffic based on the configured policy.

4. PAN Next Generation Firewall Monitors the end user flow and activity and detects attacks/malicious activity at the end user session

5. PAN Next Generation Firewall sends a syslog message to Ivanti Policy Secure if any suspicious traffic or activity is detected from end user.

6. Ivanti Policy Secure will process the received syslog message and based on the configured policies, actions will be taken for the end user session.

7. Ivanti Policy Secure will update PAN Next Generation firewall with updated session information.

8. The PAN Next Generation Firewall changes access to the user based on the updated session information obtained from Ivanti Policy Secure.

The enforcement of the user is also updated on the firewall.