Manifest Group Suggestions
Here is a suggested Manifest directory structure for Palo Alto firewalls. Network Services will need the path for each group in order for access to work.
| Folders |
Groups | Description |
|---|---|---|
| uw:domain:<YOUR_DEPT_NAME>:Firewall_Administration | ||
| Firewall_Admins-ReadWrite | NetIDs allowed to change/add/remove firewall settings. | |
| Firewall_Admins-ReadOnly | NetIDs allowed to view firewall settings & logs. | |
| uw:domain:<YOUR_DEPT_NAME>:VPN | ||
| Group/Service Specific Users | NetIDs allowed to log into a specific VPN. | |
| "BELOW IS STILL BEING FINALIZED - PLEASE HOLD" | ||
| uw:domain:<YOUR_DEPT_NAME>:Firewall_Groups | AD groups that can be used to write firewall rules against after the user has logged into VPN. | |
| Admins | System &/or Network Administrators | |
| Users | Department Users | |
| Vendors | Outside Vendors | |