Introduction to Identity Awareness
Traditionally, firewalls use IP addresses to monitor traffic and are unaware of the user and computer identities behind those IP addresses. Identity Awareness (IDA) is a Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Identity Awareness lets you enforce rules based on user identities and computer identities.
Check Point Identity Awareness is an easy-to-deploy and scalable solution. It is applicable to both Active Directory and non-Active Directory based networks, as well as to employees and guest users.
Check Point Identity Awareness uses the Source and Destination IP addresses of network traffic to identify users and computers.
You can use these elements as matching criteria in the Source and Destination fields of your Access Control policy rules:
- The identity of users or user groups
- The identity of computers or computer groups
Identity Awareness gets identities from the applicable identity sources. You must enable and configure at least one Identity Source in the Identity Awareness Security Gateway object. (A Security Gateway is a dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources.) See Identity Sources.
To start working with Identity Clients, see Getting Started with Identity Clients.
Known Limitations
- Identity Awareness does not support NAT.