Identity Collector - Send Monitoring Information

You can configure Identity CollectorClosed Check Point dedicated client agent installed on Windows Servers in your network. Identity Collector collects information about identities and their associated IP addresses, and sends it to the Check Point Security Gateways for identity enforcement. For more information, see sk108235. You can download the Identity Collector package from sk134312. to send monitoring information to the Identity AwarenessClosed Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. Gateway R80.20 and higher.

Each Identity Collector instance that is connected to the Identity Awareness Gateway sends information about the identity sources configured in the Query Pool that is linked to it. This information includes: type, name, host, and event counters.

Monitoring is not enabled by default. To enable monitoring, on the Windows Server add a registry key named "MonitoringEnabled" and set its value to "1" (Type: "DWORD").

Full file path:

  • On 32-bit Windows Servers:


  • On 64-bit Windows Servers:


The default interval for sending monitoring information is 10 seconds. You can configure this interval in the "MonitoringInterval" registry key (Type: "DWORD".

You can use these methods to query the data: