Identity Sources

This section describes the Identity Sources.

Identity Sources determine how the Identity Awareness Security Gateway learns the user names and computers that generate traffic on the network.

You must enable the applicable identity sources in the Identity Awareness Security Gateway object > Identity Awareness page, and install the Access Control Policy.

Identity Source

Description

Browser-Based Authentication

See Browser-Based Authentication

Identities are acquired through the authentication web portal on Identity Awareness Gateway (Captive Portal), or Transparent Kerberos Authentication.

Active Directory Query (AD Query)

See AD Query

Identities are acquired seamlessly from the Microsoft Active Directory.

This is a clientless identity acquisition tool.

Identity Agents

See Identity Agents for a User Endpoint Computer

Identities are acquired using Identity Agents that are installed on the user endpoint computers.

Terminal Servers

See Terminal Servers

Identities are acquired using Identity Agents that are installed on a Windows-based application server that hosts Terminal Servers, Citrix XenApp, and Citrix XenDesktop services.

These Identity Agents are used to identify traffic from individual users on Terminal Servers.

RADIUS Accounting

See RADIUS Accounting

Identities are acquired using RADIUS Accounting directly from a RADIUS Accounting Client.

Identity Collector

See Identity Collector

Identities are acquired using Identity Agents that are installed on Microsoft Active Directory Domain Controllers, Cisco Identity Services Engine (ISE) Servers, or NetIQ eDirectory Servers.

Identity Web API

See Identity Web API

Gives you a flexible method for creating identities.

Remote Access

See Remote Access

Identities are acquired for Mobile Access clients and IPsec VPN clients configured to work in Office Mode, when they connect to the Security Gateway.

For this to work, you must enable both the Identity Awareness and IPsec VPN Software Blades on the same Security Gateway.