OneCheck Logon

OneCheck Logon is a Single Sign-On solution that let users log on one time to authenticate to:

Full Disk Encryption
DLP
Windows
VPN

When OneCheck Logon is enabled, a different logon window opens that looks almost the same as the regular Windows authentication window. The logon credentials are securely stored internally.

These actions define if you enable OneCheck Logon:

Action	Description
Enable lock screen authentication (OneCheck) Enable OneCheck Identity Single Sign On for OS	Users log on one time to authenticate to the operating system, Full Disk Encryption, and other Endpoint Security blades.
Use native sign on for OS	Use the native OS logon mechanism. You can enable Single-Sign On (not OneCheck) in User Authentication (OneCheck) to have one log on that applies to the OS and Full Disk Encryption.

Action

Description

Enable lock screen authentication (OneCheck)

Enable OneCheck Identity Single Sign On for OS

Users log on one time to authenticate to the operating system, Full Disk Encryption, and other Endpoint Security blades.

Use native sign on for OS

Use the native OS logon mechanism. You can enable Single-Sign On (not OneCheck) in User Authentication (OneCheck) to have one log on that applies to the OS and Full Disk Encryption.

Double-click an action to edit the Properties.

To configure OneCheck Logon properties:

Select Enable OneCheck.
Optional: Configure the Check Point Endpoint Security screensaver.
- The screensaver is active only after a Full Disk Encryption policy has been installed on the client.
- After selecting the Check Point Endpoint Security screensaver option, enter the:
  - Text that shows when the screensaver is active.
  - Number of minutes the client remains idle before the screensaver activates.
Optional: Select Require that only an authorized Pre-boot user is allowed to log into Windows. If selected, only users that have permission to authenticate to the Pre-boot on that computer can log on to the operating system.