Identity Sources

An Identity AwarenessClosed Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. Gateway gets identities from different identity sources.

An Identity Awareness Gateway gets information from some identity sources directly.

For other identity sources, Identity Clients installed on an endpoint device or Windows server get identities and share them with the Identity Awareness Gateway.

Identity Clients have versions that are different from the versions of Identity Awareness Gateways.

To download the latest Identity Clients, see sk134312.

Identity Source

Documentation

Description

Browser-Based Authentication

See the Identity Awareness Administration Guide for your version.

The Identity Awareness Gateway gets identities from one of these:

Active Directory Query

See the Identity Awareness Administration Guide for your version.

The Identity Awareness Gateway gets identities seamlessly from Microsoft Active Directory.

This is a clientless identity acquisition tool (AD QueryClosed Check Point clientless identity acquisition tool. It is based on Active Directory integration and it is completely transparent to the user. The technology is based on querying the Active Directory Security Event Logs and extracting the user and computer mapping to the network address from them. It is based on Windows Management Instrumentation (WMI), a standard Microsoft protocol. The Check Point Security Gateway communicates directly with the Active Directory domain controllers and does not require a separate server. No installation is necessary on the clients, or on the Active Directory server.).

Identity Agents

See Identity Agent for a User Endpoint Computer

The Identity Awareness Gateway gets identities from Identity Agents that are installed on the user endpoint computers.

Terminal Servers

See Identity Agent for a Terminal Server

The Identity Awareness Gateway gets identities from Identity Agents that are installed on a Windows-based application server that hosts Terminal Servers, Citrix XenApp, and Citrix XenDesktop services.

These Identity Agents identify individual users.

RADIUS Accounting

See the Identity Awareness Administration Guide for your version.

The Identity Awareness Gateway gets identities through RADIUS Accounting directly from a RADIUS Accounting client.

Identity Collector

See Identity Collector

The Identity Awareness Gateway gets identities from Identity Collectors that are installed on these:

  • Microsoft Active Directory Domain Controllers

  • Cisco Identity Services Engine (ISE) Servers

  • NetIQ eDirectory Servers

  • Syslog

Identity Web API

See the Identity Awareness Administration Guide for your version.

Gives you a flexible method to create identities.

Remote Access

See these:

The Identity Awareness Gateway gets identities from Mobile AccessClosed Check Point Software Blade on a Security Gateway that provides a Remote Access VPN access for managed and unmanaged clients. Acronym: MAB. clients and IPsec VPNClosed Check Point Software Blade on a Security Gateway that provides a Site to Site VPN and Remote Access VPN access. clients configured to work in Office Mode when they connect to the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources..