Identity Awareness Environment

Identity AwarenessClosed Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. Software BladeClosed Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. is commonly enabled on a perimeter Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources.. It is frequently used in conjunction with Application ControlClosed Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI. Software Blade.

To protect internal data centers, Identity Awareness Software Blade can be enabled on an internal Security Gateway located in front of internal servers, such as data centers. This can be done in addition to the perimeter Security Gateway, but a perimeter Security Gateway is not necessary.

Identity Awareness can have a Bridge ModeClosed Security Gateway or Virtual System that works as a Layer 2 bridge device for easy deployment in an existing topology. or a Route Mode configuration.

  • In Bridge Mode, the Security Gateway can use a current subnet with no change to the hosts' IP addresses.

  • In Route Mode, the Security Gateway works as a router with different subnets connected to its network interfaces.

For redundancy, you can configure a clusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. of Identity Awareness Security Gateways in High Availability or Load Sharing modes.

If you configure multiple Identity Awareness Security Gateways in your environment to share identity information. Common scenarios include:

  • Enabling Identity Awareness Software Blade on a perimeter Security Gateway and on a data center Security Gateway.

  • Enabling Identity Awareness Software Blade on more than one data center Security Gateway.

  • Enable Identity Awareness Software Blade on a branch office Security Gateway and on a central Security Gateway.

You can have one or more Identity Awareness Gateways get identities and share them with the other Identity Awareness Gateways.

You can in addition share identities between Identity Awareness Gateways that are managed in different Multi-Domain Servers.