I need to integrate the firewall with Active Directory to manage network traffic and implement a policy for web access. We need to manage and monitor the network traffic of remote AD login users. For this, what services are required to be enabled for managing the traffic in the firewall?
All the AD users are working in a remote environment. I require all the AD user traffic to pass through the firewall for implementing the network policy and monitoring traffic. Please suggest.
If you have a firewall running an ASA image, then you are quite limited, as the only way to do this was using the now-obsolete AD Agent. It would run on your AD server(s) and report username-to-IP address mappings to the ASA so that it could enforce user-based policies.
If you are running Cisco Secure Firewall Threat Defense, then you can integrate Cisco ISE or ISE-PIC as an identity source, combined with Realm integration, to then use user-based (or group-based) policies.
The firewall by itself in either case needs an external identity source to inform it.