Manifest Group Suggestions

Here is a suggested Manifest directory structure for Palo Alto firewalls. Network Services will need the path for each group in order for access to work.

Folders
 Groups  Description
 uw:domain:<YOUR_DEPT_NAME>:Firewall_Administration    
  Firewall_Admins-ReadWrite  NetIDs allowed to change/add/remove firewall settings.
  Firewall_Admins-ReadOnly  NetIDs allowed to view firewall settings & logs.



 uw:domain:<YOUR_DEPT_NAME>:VPN


Group/Service Specific Users
NetIDs allowed to log into a specific VPN.
"BELOW IS STILL BEING FINALIZED - PLEASE HOLD"

uw:domain:<YOUR_DEPT_NAME>:Firewall_Groups
AD groups that can be used to write firewall rules against after the user has logged into VPN.

Admins
System &/or Network Administrators

Users
Department Users

Vendors
Outside Vendors







Keywords:
manifest palo alto group vpn access domain firewall administration ou cn 
Doc ID:
76116
Owned by:
Scott B. in Network Services
Created:
2017-08-25
Updated:
2019-01-15
Sites:
DoIT Help Desk, Network Services