https://community.checkpoint.com/t5/SASE-and-Remote-Access/Endpoint-Security-On-Demand-distinguishing-compliance-policy-per/m-p/37007#M13874 <HTML><HEAD></HEAD><BODY><P>Hi Pawel,</P><P></P><P>Yes. ESOD is pushed to gateway but you can fine tune access related things with applying Mobile access rules by creating Native applications, Web applications. Also there is a way to do drive mapping and other things with Native applications. You can apply&nbsp;to particular users or groups.</P><P></P><P><A href="https://sc1.checkpoint.com/documents/R76/CP_R76_Mobile_Access_WebAdmin/23024.htm#o23211">https://sc1.checkpoint.com/documents/R76/CP_R76_Mobile_Access_WebAdmin/23024.htm#o23211</A></P></BODY></HTML> Thu, 22 Mar 2018 11:20:22 GMT Gaurav_Pandya 2018-03-22T11:20:22Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Endpoint-Security-On-Demand-distinguishing-compliance-policy-per/m-p/37006#M13873 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Is there any chance to distinguish ESOD "Compliance" per user or user group.</P><P></P><P>The only possibile option I am aware of is to apply a ESOD policy directly to GW properties. So the only way i do see at this particular time is to create VSX context to distinguish Remote Access users and place propert perimeter verification when trying to establish User2Site tunnel.</P><P></P><P>If You know better way, please educate me asap <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P></BODY></HTML> Thu, 22 Mar 2018 10:10:37 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Endpoint-Security-On-Demand-distinguishing-compliance-policy-per/m-p/37006#M13873 Pawel_Topczewsk 2018-03-22T10:10:37Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Endpoint-Security-On-Demand-distinguishing-compliance-policy-per/m-p/37007#M13874 <HTML><HEAD></HEAD><BODY><P>Hi Pawel,</P><P></P><P>Yes. ESOD is pushed to gateway but you can fine tune access related things with applying Mobile access rules by creating Native applications, Web applications. Also there is a way to do drive mapping and other things with Native applications. You can apply&nbsp;to particular users or groups.</P><P></P><P><A href="https://sc1.checkpoint.com/documents/R76/CP_R76_Mobile_Access_WebAdmin/23024.htm#o23211">https://sc1.checkpoint.com/documents/R76/CP_R76_Mobile_Access_WebAdmin/23024.htm#o23211</A></P></BODY></HTML> Thu, 22 Mar 2018 11:20:22 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Endpoint-Security-On-Demand-distinguishing-compliance-policy-per/m-p/37007#M13874 Gaurav_Pandya 2018-03-22T11:20:22Z