Wireless Campus

Security Challenge

You use wireless networks to grant access to employees that use Wi-Fi enabled devices, to guests, and to contractors. Guests and contractors in some cases cannot use the corporate wired network connection and must connect through WLAN. Guests and contractors have no permission to install other endpoint agents on their devices.

In addition, mobile devices such as smartphones intensively use wireless access. You can install agents in these devices.

These devices are not part of the Active Directory domain. Wireless networks do not give an applicable level of security in terms of network access.

Configuration Scenario

  1. Configure the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. in Bridge ModeClosed Security Gateway or Virtual System that works as a Layer 2 bridge device for easy deployment in an existing topology. in front of the Wireless Switch.

  2. Make sure that the Security Gateway gets an access to the Internet or other necessary resources in the network.

  3. Make sure that the Security Gateway connects to the authentication server, such as Active Directory or RADIUS.

  4. Make sure that the Security Gateway and the WLAN network have no NAT or proxy device between them.

Configuration Procedure

  1. Enable Identity AwarenessClosed Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. on the Security Gateway.

  2. Select Browser-Based AuthenticationClosed Authentication of users in Check Point Identity Awareness web portal - Captive Portal, to which users connect with their web browser to log in and authenticate. as an identity source.

  3. In the Gateway properties, register your guests:

    1. Go to Identity Awareness tab.

    2. In the Browser-Based Authentication Settings, select Unregistered guests login.

    3. In Settings, select the fields for your guests to enter their credentials.

  4. Select Log out users when they close the portal browser.