Print Download PDF Send Feedback

Previous

Next

Identity Awareness Commands

In This Section:

Introduction

adlog

pdp

pep

test_ad_connectivity

For more information about Identity Awareness, see the R80.20 Identity Awareness Administration Guide.

Introduction

These terms are used in the CLI commands:

Term

Description

PDP

Identity Awareness Policy Decision Point.

This is an Identity Awareness Security Gateway, which is responsible to collect and share identities.

PEP

Identity Awareness Policy Enforcement Point.

This is an Identity Awareness Security Gateway, which is responsible to enforce network access restrictions. It makes its decisions based on identity data it collected from the PDP.

ADLOG

The module responsible for the acquisition of identities of entities (users or computers) from the Active Directory.

The adlog runs on:

  • An Identity Awareness Security Gateway, for which you enabled the AD Query. The AD Query serves the Identity Awareness Software Blade, which enforces the policy and logs identities.
  • A Log Server. The adlog logs identities.

The adlog is the command line process used to control and monitor the ADLOG feature. The command line tool helps control users' statuses, as well as troubleshoot and monitor the system.

The PEP and PDP processes are key components of the system. Through them, administrators control user access and network protection.

27 December 2020
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2020 Check Point Software Technologies Ltd. All rights reserved.