Create a passive identity agent identity source

This task discusses how to create a passive identity agent that sends user session activity to the Cloud-Delivered Firewall Management Center.

Before you begin

Complete the following:

Procedure

Step 1

Log in to the Security Cloud Control.

Step 2

Click Policies > Threat Defense > Integration > Other Integrations > Identity > Identity Sources.

Step 3

Click Passive Identity Agent.

Step 4

If the dynamic attributes connector has not been enabled yet, you are prompted to do so.

For more information about enabling the dynamic attributes connector, see Enable the dynamic attributes connector.

Step 5

Click Create Agent.

Step 6

In the Configure Agent dialog box, enter the following information:

Item

Description

Name

Enter a unique name to identify this passive identity agent.

Description

Enter an optional description.

Role

Click one of the following:

  • Primary: The agent responsible for communicating with the Cloud-Delivered Firewall Management Center.

    Not available if you choose Standalone.

  • Secondary: Becomes the primary if the primary loses contact with the Cloud-Delivered Firewall Management Center.

    Not available if you choose Standalone.

  • Standalone: If there is only one passive identity agent.

For more information about roles, see About passive identity agent roles.

Step 7

Continue with: