Access Role Objects

In SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., you can create Access RoleClosed Access Role objects let you configure network access according to: Networks, Users and user groups, Computers and computer groups, Remote Access Clients. After you activate the Identity Awareness Software Blade, you can create Access Role objects and use them in the Source and Destination columns of Access Control Policy rules. objects to configure specified users, computers, and network locations as one object.

You can use Access Role objects as a source or a destination parameter in a ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session..

Access Role objects include one or more of these objects:

  • Networks.

  • Users and user groups.

  • Computers and computer groups.

  • Remote Access Clients.

For example, this rule permits IT Department and Sales Department roles to share files over FTP.

Name

Source

Destination

VPN

Services & Applications

Action

IT and Sales File Sharing

IT_dept

Sales_dept

*Any

ftp

accept