This tutorial will provide you with the necessary steps to install and configure Check Point Identity Awareness Software Blade along with Microsoft Active Directory.
Setting up Check Point R75 Identity Awareness
1. We will be configuring Check Point Identity Awareness with Application Control. You must have enabled Application Control to complete this tutorial successfully. Log into Check Point SmartDashboard and edit your gateway object.
2. Select the Identity Awareness Software Blade and the Identity Awareness Configuration wizard will begin. Select AD Query and click Next.
3. Select your Domain Name and enter a username and password for an account that has Domain Admin access to your Active Directory.
4. Click Connect. You will see a Successfully Connected message, as displayed below. Click Next.
5. A notification window is displayed that shows your Check Point Identity Awareness Software Blade is Now Active. Click Finish.
6. Edit your gateway again and, under Software Blades, select the Management tab.
7. Below Logging & Status, select Identity Awareness. This will add identity information to logs. Click Next.
8. The information will be pre-populated from step 4 above.
9. Click Connect. The connection is successful. Click Next.
10. Logs for Check Point Identity Awareness are now active. Click Finish.
11. Click on the Application and URL Filtering tab. In rule 2 in the image below, I'm currently blocking Facebook for anyone coming from a source IP address in Internal_Lan (192.168.10.x/24). I will now change this to use Identity Awareness. Right-click on the source box at rule number 2 and select Add User/Access Rule. I'm going to be blocking an Active Directory user called user1. I'll type in User1 in the Name field and then select the Users tab. Click the green + sign, which will bring up your Active Directory. I will select user1 and click OK.
12. You can now see that for rule 2 my source is user1. When user1 tries to browse to Facebook, he will be blocked.
13. Install the new policy to apply the Identity Awareness settings and rules.
14. If we open up SmartEvent Intro, we can see some really interesting statistics on URLs and applications tied in with Check Point Identity Awareness.
15. Click on the Charts Tab, and you will be presented with a nice pie graph of the amount of time spent on each site.
Disclaimer:
All the tutorials included on this site are performed in a lab environment to simulate a real-world production scenario. While everything is done to provide the most accurate steps to date, we take no responsibility if you implement any of these steps in a production environment.