How Do I Configure Separate Global Protect Authentication Profiles for macOS and Windows Users in Strata Cloud Manager?

How do I configure separate Global Protect authentication profiles for macOS and Windows users in Strata Cloud Manager?

• Prisma Access
• Strata Cloud Manager

1. Begin by configuring GlobalProtect Mobile Users following the instructions in this document.
2. Once the initial setup is complete, navigate to Manage > Configuration > NGFW and Prisma Access > Identity Services > Authentication and configure distinct authentication profiles for each operating system. The supported authentication methods are detailed here.
3. Proceed to Workflows > Prisma Access Setup > GlobalProtect > Infrastructure > User Authentication > Add Authentication.
4. Within this section, configure user authentication settings for each operating system.
5. The key differentiating factor is the operating system selection in the Authenticate Users From section, specify the appropriate Authentication Method and the corresponding Authentication Profile created in the previous step.
6. For enhanced security, you can select certificate-based authentication, and select whether users must authenticate with a client certificate, the authentication profile, or both.

Example: In the following scenario, Windows users authenticate with SAML, while macOS users authenticate with the Cloud Identity Engine.