When Check Point locates and prevents an attack, the administrators can identify the infected host both by its IP address and the name of the user that used that host.
Identity Awareness Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. is configured through a 3rd party Identity Provider.
When users try to access an internet service through Harmony Connect, Check Point generates an authentication request and redirects the users to their Identity Provider. The Identity Provider verifies if the user is authenticated.
If not verified, the user must enter their authentication details.
If the user is successfully identified, the Identity Provider generates a response and redirects the user back to Check Point.
Check Point matches the request, accepts or blocks it according to the Access Control policy, and applies Threat Prevention. Traffic logs generated as part of this request will include the name of this user.
- Subsequent requests from the same user are automatically matched with the user identity and do not require the user to enter authentication details during the Identity Provider session. This session typically lasts for one day. For more information, contact Check Point Support in the Check Point Infinity Portal > Support.).
Harmony Connect also allows you to bypass the Check Point cloud An administrator approved Harmony Connect cloud location that processes the internet and corporate traffic. for specified IP addresses. You can enable this feature only for the traffic from the sources that you select.
Before you configure Identity Awareness, you must establish integration between your Harmony Connect and your 3rd party Identity Provider. For more information, see Identity Provider Settings.
Enabling Identity Awareness
When your identity provider is configured, and, optionally, the list of the excluded IP or network addresses is set, click Enable to enable Identity Awareness.
Note - It take several minutes to enable Identity Awareness. When the process is complete, the status of the page changes to Enabled, and a new notification appears on the Infinity Portal Notifications pane.
Disable Identity Awareness the same way.
At any stage, you can enter one or more IP addresses to bypass the Check Point cloud. Traffic from these IP addresses are not redirected to the Identity Provider authentication page. This is useful for automatic devices, for example, printers, servers, or Internet of Things (IoT).
To configure bypass authentication:
Go to Identity Awareness > Bypass authentication from these sources.
Click [+] to add the IP Addresses.
Note - Identity Awareness updating takes several minutes. When the process is complete, a new notification appears on the Infinity Portal Notifications pane.