Identity Collector
An instance of Identity Collector
Check Point dedicated client agent installed on Windows Servers in your network. Identity Collector collects information about identities and their associated IP addresses and sends it to the Check Point Security Gateways for identity enforcement, you can download the Identity Collector package from the Support Center. supports one Identity and Trust integration. You can use Identity Collector on these types of servers as an identity source for Identity and Trust:
-
Microsoft Active Directory (for configuration instructions, see Directory Sync with Active Directory)
-
Cisco ISE
-
Syslog
-
NetIQ eDirectory
Prerequisites
-
Check Point Identity Collector supports integration with Identity and Trust starting from Identity Collector version R82.129.000. Download the latest Identity Collector version from sk134312 - Identity Awareness Clients.
-
Identity Collector must be installed on a Windows server and integrated with Active Directory, Cisco ISE, Syslog, and/or NetIQ eDirectory. For documentation, see the Identity Awareness Clients Administration Guide .
Integrating Identity Collector with Identity and Trust
Keep Identity and Trust and Identity Collector open throughout this procedure.
|
|
Note - This procedure is for an Identity Collector that collects identities from Cisco ISE, Syslog, or NetIQ eDirectory. For Identity Collector that collects identities for Active Directory, see Directory Sync with Active Directory. |
Step 1: Copy values from Identity and Trust
Keep Identity and Trust and Identity Collector open throughout this procedure.
|
|
Note - This procedure is for an Identity Collector that collects identities from Cisco ISE, Syslog, or NetIQ eDirectory. For Identity Collector that collects identities for Active Directory, see Directory Sync with Active Directory. |
Watch the Video
-
In Identity and Trust, from the left menu, click Integrations.
-
Click the + (plus sign) button. Then, expand Identity Integrations and click Identity Collector.
The Identity Collector window opens.
-
For Integration title, enter a title for the Identity Collector integration. This title will appear in Identity and Trust.
-
For Available Integrations, select one or more of these identity sources:
-
Identity and Trust AD (Active Directory)
-
Cisco ISE
-
Syslog
-
NetIQ eDirectory
-
-
Click Create.
The Identity Collector window reloads.
-
In the Identity Collector window:
Copy these values from Identity and Trust and keep them in a safe place:
-
Client ID
-
Access Key
-
URL
-
Step 2: Paste values from Identity and Trust into Identity Collector
Watch the Video
- On the Windows server, open the Check Point Identity Collector application.
-
From the top toolbar, click Cloud Configuration.
The Cloud Configuration window opens.
-
Paste these values that you copied from Infinity Identity into Identity Collector:
-
Client ID
-
Access Key
-
URL
-
-
In Identity Collector, click Test to test the connectivity between Identity Collector and Identity and Trust. If the test is successful, green check marks appear next to Directory Sync and Identity and Trust.
-
After the test finishes, click OK to confirm.
Step 3: In Identity Collector, create an Identity Server object for Identity and Trust
-
In the Identity Collector application, from the left toolbar, click Identity Servers.
-
Above the table, click
, expand Add, and select Identity and Trust.The Configure Identity and Trust window opens.
-
Optional - select a Query Pool to send information to Identity and Trust only for users that are in the Query Pool.
For more information about Query Pools, see theIdentity Awareness Clients Administration Guide.
-
Optional - select a Filter to send information to Identity and Trust only for users who are in the filter results.
For more information about Filters, see theIdentity Awareness Clients Administration Guide.
-
Click OK.
The Identity and Trust Identity Server
Check Point Security Gateway with enabled Identity Awareness Software Blade. object appears in the table.