Identity Collector

Check Point Identity Collector is a dedicated client agent installed on Windows Servers in your network. Identity Collector collects information about identities and their associated IP addresses, and sends it to the Check Point Security Gateway for identity enforcement.

The Identity Collector supports these Identity Sources:

  • Microsoft Active Directory Domain Controllers.

  • Cisco Identity Services Engine (ISE) Servers, versions 2.0, 2.1 and 2.2.

  • NetIQ eDirectory Servers.

The Identity Collector can connect with more than one Identity Source at a time. The Identity Sources are organized in Query Pools.

A Query Pool is an object that contains a number of Identity Sources. Each Query Pool is assigned to one Identity Awareness Gateway. The Identity Collector collects information from the Identity Sources in the Query Pools and sends the information to the Identity Awareness Gateways.

Example:

An environment has two domains: Asia.com and Euro.com.

The administrator wants the Asia Identity Awareness Gateway to get the events from all 4 Active Directory Domain Controllers in the Asia.com domain.

The administrator also wants the Europe Identity Awareness Gateway 1 and Europe Identity Awareness Gateway 2 to get the events from all 6 Active Directory Domain Controllers in the Euro.com domain.

The administrator, therefore, creates 2 Query Pools:

  • One that contains all the Active Directory Domain Controllers in the Asia.com domain.

  • One that contains all the Active Directory Domain Controllers in the Euro.com domain.

The administrator configures:

  • The Asia Identity Awareness Gateway to get events from the Asia Query Pool.

  • The two Europe Identity Awareness Gateways to get events from the Europe Query Pool.