Identity and SIG Deployment

Suggest Edits

An Umbrella identity represents a network entity, user, or group. You can add an identity to an Umbrella policy and enable security settings, and destination and content access controls. For information about Umbrella policies, see Umbrella Policies Overview.

Umbrella can identify a user, group, or network entity by:

Public IP address
Internal IP address and hostname
IPsec (Internet Protocol Security) tunnel authentication: IKEv2 (Internet Key Exchange, version 2)
Security Assertion Markup Language (SAML)
Active Directory users and groups
G Suite identity

The following table describes the Umbrella deployment and identity types.

Deployment	Identity	Description
PAC file	Networks Users and Groups	Web policy only. Network identity required. Security Assertion Markup Language (SAML) authentication provides identity of browser traffic. Integrate SAML with Active Directory (AD) groups and users. For more information, see Manage Umbrella's PAC File.
Proxy chaining	Networks Users and Groups	Web policy only. Security Assertion Markup Language (SAML) authentication provides individual user and group-based identities for policy enforcement. Internal IP provided by proxy X-Forwarded-For (XFF) to HTTP headers. For more information, see Manage Proxy Chaining.
IPsec tunnel	Network Tunnels Users and Groups	DLP, Firewall, and Web policies. Security Assertion Markup Language (SAML) authentication provides individual user and group-based identities for policy enforcement. Enable Active Directory (AD) and provision groups and users to map internal IP address.
AnyConnect Roaming Security Module (macOS, Windows)	Networks Roaming Computers Users and Groups	DNS and Web policies. Enable Active Directory (AD) and provision groups and users to map internal IP address and hostname of the entity to the Roaming Computer identity. For more information, see Umbrella Roaming Security Module for AnyConnect.
Umbrella Roaming Client (macOS, Windows)	Networks Roaming Computers Users and Groups	DNS policy only. Enable Active Directory (AD) and provision groups and users to apply policy to AD users and groups. For more information, see Roaming Client User Guide.
Umbrella mobile client app (iOS, Android)	Networks Mobile Clients	DNS policy only. For information about the iOS app, see iOS Client User Guide. For information about the Android app, see Umbrella Module for AnyConnect (Android OS).
Network	Networks	DNS policy only. Egress public IP address identity. For more information, see Add a Network Identity.
Umbrella Chromebook client	Networks Chromebook Users G Suite	DNS policy only. Enable G Suite integration for G Suite user and group policy. For more information, see Chromebook Client User Guide.
Virtual Appliance	Networks Sites Internal Networks Users and Groups	DNS policy only. Enable Active Directory (AD) and provision groups and users to map the internal IP address and hostname of the entity to the Roaming Computer identity. For more information, see Virtual Appliance User Guide.

Delete a Network Identity < Identity and SIG Deployment > Find the Total Number of Identities in Your Organization

Updated about 2 months ago