Access Roles

Access Role objects let you configure network access according to:

  • Networks

  • Users and user groups

  • Computers and computer groups

  • Remote Access VPN clients (supported for Security Gateways R80.10 and higher)

After you activate the Identity Awareness Software Blade, you can create Access Role objects and use them in the Source and Destination columns of Access Control Policy rules.

For more information, see the R81.20 Identity Awareness Administration Guide.

Adding Access Roles

Important - Before you add Active Directory users, machines, or groups to an Access Role, make sure there is LDAP connectivity between the Security Management Server and the AD Server that holds the management directory. The management directory is defined on the Objects Management tab in the Properties window of the LDAP Account Unit.