| 主权项 |
1. A system, comprising:
a processor configured to:
receive log data generated in response to a first user-provided device authenticating to an electronic mail server on a first network, wherein the generated log data includes at least a username portion of an email address of the user, wherein the first user-provided device is not authenticating to a directory service provider accessible via the first network, and wherein the first user-provided device has not authenticated to the directory service provider;receive, from the first user-provided device, a request for a first resource that is external to the first network, wherein the first user-provided device has an IP address;determine an identity of the user of the first user-provided device based at least in part on correlating at least a portion of the received log data, including the username portion of the email address, and identity information associated with the user and stored in the directory service provider;determine a mapping between the IP address of the first device and the identity of the first user-provided device; andapply a policy with respect to the request for the first resource based at least in part on the identity of the user of the first user-provided device; and a memory coupled to the processor and configured to provide the processor with instructions. |
