Introduction to Identity Awareness

Traditionally, firewalls use IP addresses to monitor traffic, and are unaware of the user and computer identities behind IP addresses. Identity AwarenessClosed Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. maps users and computer identities. This lets you enforce Access Control policy rules and audit data based on identity.

Identity Awareness is an easy to deploy and scalable solution. It works for both Active Directory and non-Active Directory based networks, and also for employees and guest users.

Identity Awareness uses the Source and Destination IP addresses of network traffic to identify users and computers.

You can use these elements as matching criteria in the Source and Destination fields of the Access Control policy rules:

  • The identity of users or user groups

  • The identity of computers or computer groups

With Identity Awareness, you define policy rules for specified users, who send traffic from specified computers or from any computer. Likewise, you can create policy rules for any user on specified computers.

Identity Awareness gets identities from the configured identity sources. See Identity Sources.

When Identity Awareness is configured, you can see logs in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. based on IP address, user ,and computer name in the > Logs & Monitor > Logs tab. You can see events in the Logs & Monitor > Access Control views.

An Identity Awareness Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. can share the identity information that it acquires with other Identity Awareness Security Gateways. This way, users that need to pass through many Security Gateways are identified only one time. See Advanced Identity Awareness Environment for more information.