Using Azure AD for Authorization

In addition to SAML used for user authentication, you can use Azure AD entities to authorize access to corporate resources.

Azure Active Directory (Azure AD) is a Microsoft cloud-based identity and access management service that offers identity and access capabilities for applications that run in Microsoft Azure.

Best Practice:

To use Azure AD, your Management Server (a Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server) and Security Gateways that work as PDPs must have Internet access.

Configuring Azure AD

This section describes the procedure for configuring Azure AD.

The procedure consists of two parts:

  • Part 1 - Configuration in Microsoft Azure Portal.

  • Part 2 - Configuration in Check Point SmartConsole.

Configuration in Microsoft Azure Portal

Note - For more information about configuration on the Microsoft Azure portal, refer to Microsoft Azure documentation.

Configuration in Check Point SmartConsole

Best Practice - If you use Azure for both authentication and authorization, then Azure AD performs authentication through the SAML protocol with the SAML Identity Provider.

To configure SAML for authentication, refer to SAML Identity Provider.