Identity Awareness Software Blade

Traditionally, firewalls use IP addresses to monitor traffic and are unaware of the user and computer identities behind those IP addresses. Identity Awareness Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. removes this notion of anonymity since it maps users and computer identities. This lets you enforce access and audit data based on identity.

Identity Awareness is an easy to deploy and scalable solution. It is applicable for both Active Directory and non-Active Directory based networks, as well as for employees and guest users.

Identity Awareness uses the Source and Destination IP addresses of network traffic to identity users and computers. You can use these elements as matching criteria in the Source and Destination fields of your policy rules:

• The identity of users or user groups

• The identity of computers or computer groups

To work with Identity Awareness, you define policy rules for specified users, who send traffic from specified computers or from any computer. Likewise, you create policy rules for any user on specified computers.

Identity Awareness gets identities from the configured identity sources.

For more information, see:

• R80.20 Identity Awareness Administration Guide

• sk86441 - ATRG: Identity Awareness