Compliance

The Identity and Trust Compliance feature helps you automatically check device compliance, enforce rules, and monitor endpoints in real time. It uses the Microsoft Intune and Microsoft Entra ID synchronization to strengthen your organization's security posture.

Depending on your organizational requirements, you can define policies, manage gateways, and customize enforcement.

Use Cases

  • Identifies non-compliant devices based on specific rules.

  • Enforces compliance by blocking or restricting access for non-compliant devices on identity awareness gateways.

  • Logs events and triggers automation for non-compliant devices if Playblocks automation is enabled.

  • Allows you to customize rules and enforcement actions for your environment.

Prerequisites

  • Integration with Microsoft Intune and Microsoft Entra ID.

  • Identity Awareness Gateways for enforcement of compliance policies.

  • Application Control and HTTPS Inspection blades enabled on the gateways.

Activating Compliance in Identity and Trust

Step 1 - Configure the required integrations

Make sure that you have integrated Microsoft Intune and Microsoft Entra ID with Identity and Trust. See Microsoft Intune and Microsoft Defender and Microsoft Entra ID.

Step 2 - Configure Quantum Connector in Playblocks

  1. Access the Identity and Trust portal with administrator privileges.

  2. From the left navigation panel, click Compliance.

  3. Click Configure in Playblocks. The system redirects you to the Playblocks portal and shows the Quantum Enforcement card.

  4. Perform these actions in the Quantum Enforcement card:

    1. Enable the Quantum Enforcement toggle.

    2. Select the Enforce Identity and Trust on Gateways with Identity Awareness blade checkbox.

    3. Click Save.

    4. In the Install updated policy? pop-up that appears, click Install policy.

    5. The Activate Automations pop-up appears and shows the number of automations that will be activated on the Quantum gateways. Click Activate.

      Check Point recommends selecting all the automations shown on this page.

    Once the policy installation is successful, the system adds a new policy for quarantined devices named Policy for non compliant devices in the Access Control Automated Remediation policy section in SmartConsole (Security Policies > Access Control > Policy > Automated Remediation).

Step 3 - Enable Device Compliance Enforcement in the Identity and Trust Portal

At this point, the system has created the policy for quarantined devices, but the policy runs in Detect mode: it creates logs for non-compliant devices and does not yet enforce the policy on the gateways.

To enable device compliance enforcement:

  1. Access the Identity and Trust portal with administrator privileges.

  2. From the left navigation panel, click Compliance.

  3. Select the Enable Enforcement toggle.

  4. In the Enable device compliance enforcement pop-up that appears, click Enable.

Step 4 - Enable Playblocks Automation

To receive notifications about non-compliant devices, you must enable automation in Playblocks. To do that:

  1. Access the Identity and Trust portal with administrator privileges.

  2. From the left navigation panel, click Compliance.

  3. To enable Playblocks automation directly from the Identity and Trust portal:

    1. Click Enable Playblocks automation.

    2. In the Enable Playblocks automation pop-up that appears, click Enable.

  4. To view and enable the automation manually in the Playblocks portal:

    1. Click View and configure it on Playblocks.

      The system redirects you to the Playblocks portal and shows the Notify on not compliant devices blocked by Identity and Trust automation.

    2. From the top-right corner, click Enable.

Now that compliance is enabled, the system shows the number of Identity Awareness Gateways on which the compliance policy is enforced.