https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254419#M13005 <P>FWIW, straight from our "friend", chatgpt <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>Andy</P> <P>************************************************</P> <H6 class="sr-only">ChatGPT said:</H6> <DIV class="text-base my-auto mx-auto pb-10 [--thread-content-margin:--spacing(4)] @[37rem]:[--thread-content-margin:--spacing(6)] @[72rem]:[--thread-content-margin:--spacing(16)] px-(--thread-content-margin)"> <DIV class="[--thread-content-max-width:32rem] @[34rem]:[--thread-content-max-width:40rem] @[64rem]:[--thread-content-max-width:48rem] mx-auto max-w-(--thread-content-max-width) flex-1 group/turn-messages focus-visible:outline-hidden relative flex w-full min-w-0 flex-col agent-turn" tabindex="-1"> <DIV class="flex max-w-full flex-col grow"> <DIV class="min-h-8 text-message relative flex w-full flex-col items-end gap-2 text-start break-words whitespace-normal [.text-message+&amp;]:mt-5" dir="auto" data-message-author-role="assistant" data-message-id="721caa58-83c8-4626-8123-4fe1c87248e6" data-message-model-slug="gpt-4o"> <DIV class="flex w-full flex-col gap-1 empty:hidden first:pt-[3px]"> <DIV class="markdown prose dark:prose-invert w-full break-words dark markdown-new-styling"> <P data-start="0" data-end="322">Yes, Check Point <STRONG data-start="17" data-end="77">does not have a traditional NAC (Network Access Control)</STRONG> solution like Cisco ISE, Aruba ClearPass, or FortiNAC. However, Check Point offers <STRONG data-start="161" data-end="218">some endpoint and network access control capabilities</STRONG> through its broader security portfolio and does support <STRONG data-start="275" data-end="321">integration with third-party NAC solutions</STRONG>.</P> <H3 data-start="324" data-end="368"><span class="lia-unicode-emoji" title=":locked_with_key:">🔐</span> What Check Point Provides (Directly):</H3> <OL data-start="369" data-end="926"> <LI data-start="369" data-end="601"> <P data-start="372" data-end="401"><STRONG data-start="372" data-end="399">Identity Awareness (IA)</STRONG></P> <UL data-start="405" data-end="601"> <LI data-start="405" data-end="489"> <P data-start="407" data-end="489">Core feature on Check Point gateways (including Spark appliances like the 1800).</P> </LI> <LI data-start="493" data-end="566"> <P data-start="495" data-end="566">Allows user-based policies by integrating with AD, LDAP, RADIUS, etc.</P> </LI> <LI data-start="570" data-end="601"> <P data-start="572" data-end="601">Can map IPs to users/devices.</P> </LI> </UL> </LI> <LI data-start="603" data-end="798"> <P data-start="606" data-end="646"><STRONG data-start="606" data-end="644">Harmony Endpoint / Harmony Connect</STRONG></P> <UL data-start="650" data-end="798"> <LI data-start="650" data-end="701"> <P data-start="652" data-end="701">Endpoint control, posture checks, and compliance.</P> </LI> <LI data-start="705" data-end="798"> <P data-start="707" data-end="798">Not true NAC but helps control what devices/users can access what, based on endpoint state.</P> </LI> </UL> </LI> <LI data-start="800" data-end="926"> <P data-start="803" data-end="847"><STRONG data-start="803" data-end="845">IoT Protect / Asset Management for IoT</STRONG></P> <UL data-start="851" data-end="926"> <LI data-start="851" data-end="926"> <P data-start="853" data-end="926">Can fingerprint and control IoT assets (but again, not a full NAC suite).</P> </LI> </UL> </LI> </OL> <HR data-start="928" data-end="931" /> <H3 data-start="933" data-end="998"><span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Third-Party NAC Integrations (More Complete NAC Capability)</H3> <P data-start="1000" data-end="1116">You can enhance NAC capabilities on Spark 1800s by <STRONG data-start="1051" data-end="1109">integrating Check Point with third-party NAC solutions</STRONG>, like:</P> <DIV class="_tableContainer_16hzy_1"> <DIV class="_tableWrapper_16hzy_14 group flex w-fit flex-col-reverse" tabindex="-1"> <TABLE class="w-fit min-w-(--thread-content-width)" data-start="1118" data-end="1849"> <THEAD data-start="1118" data-end="1164"> <TR data-start="1118" data-end="1164"> <TH data-start="1118" data-end="1133" data-col-size="sm">NAC Solution</TH> <TH data-start="1133" data-end="1155" data-col-size="sm">Integration Quality</TH> <TH data-start="1155" data-end="1164" data-col-size="lg">Notes</TH> </TR> </THEAD> <TBODY data-start="1212" data-end="1849"> <TR data-start="1212" data-end="1356"> <TD data-start="1212" data-end="1228" data-col-size="sm"><STRONG data-start="1214" data-end="1227">Cisco ISE</STRONG></TD> <TD data-col-size="sm" data-start="1228" data-end="1235">Good</TD> <TD data-col-size="lg" data-start="1235" data-end="1356">Use RADIUS integration + pxGrid (for sharing user/device context). Identity Awareness can pull user context from ISE.</TD> </TR> <TR data-start="1357" data-end="1495"> <TD data-start="1357" data-end="1379" data-col-size="sm"><STRONG data-start="1359" data-end="1378">Aruba ClearPass</STRONG></TD> <TD data-col-size="sm" data-start="1379" data-end="1386">Good</TD> <TD data-col-size="lg" data-start="1386" data-end="1495">Similar to Cisco ISE; supports RADIUS and TACACS. Check Point can consume context via Identity Awareness.</TD> </TR> <TR data-start="1496" data-end="1626"> <TD data-start="1496" data-end="1510" data-col-size="sm"><STRONG data-start="1498" data-end="1509">Portnox</STRONG></TD> <TD data-col-size="sm" data-start="1510" data-end="1521">Moderate</TD> <TD data-col-size="lg" data-start="1521" data-end="1626">Cloud-native NAC. Integrates via RADIUS. Useful in SMB/midmarket where Spark appliances are deployed.</TD> </TR> <TR data-start="1627" data-end="1748"> <TD data-start="1627" data-end="1654" data-col-size="sm"><STRONG data-start="1629" data-end="1653">Forescout CounterACT</STRONG></TD> <TD data-col-size="sm" data-start="1654" data-end="1661">Good</TD> <TD data-col-size="lg" data-start="1661" data-end="1748">Passive &amp; agentless. Can tag and enforce on devices. Integrates via API and RADIUS.</TD> </TR> <TR data-start="1749" data-end="1849"> <TD data-start="1749" data-end="1764" data-col-size="sm"><STRONG data-start="1751" data-end="1763">FortiNAC</STRONG></TD> <TD data-col-size="sm" data-start="1764" data-end="1772">Basic</TD> <TD data-col-size="lg" data-start="1772" data-end="1849">Not commonly integrated with Check Point, but possible via RADIUS and logs.</TD> </TR> </TBODY> </TABLE> <DIV class="sticky end-(--thread-content-margin) h-0 self-end select-none"> <DIV class="absolute end-0 flex items-end">&nbsp;</DIV> </DIV> </DIV> </DIV> <HR data-start="1851" data-end="1854" /> <H3 data-start="1856" data-end="1894"><span class="lia-unicode-emoji" title=":wrench:">🔧</span> How Integration Typically Works</H3> <OL data-start="1896" data-end="2470"> <LI data-start="1896" data-end="2059"> <P data-start="1899" data-end="1926"><STRONG data-start="1899" data-end="1924">RADIUS Authentication</STRONG></P> <UL data-start="1930" data-end="2059"> <LI data-start="1930" data-end="1973"> <P data-start="1932" data-end="1973">The NAC solution acts as RADIUS server.</P> </LI> <LI data-start="1977" data-end="2024"> <P data-start="1979" data-end="2024">Spark 1800 authenticates users via the NAC.</P> </LI> <LI data-start="2028" data-end="2059"> <P data-start="2030" data-end="2059">NAC enforces access policies.</P> </LI> </UL> </LI> <LI data-start="2061" data-end="2268"> <P data-start="2064" data-end="2096"><STRONG data-start="2064" data-end="2094">Syslog/API Context Sharing</STRONG></P> <UL data-start="2100" data-end="2268"> <LI data-start="2100" data-end="2177"> <P data-start="2102" data-end="2177">Some NACs send user/IP/device metadata to Check Point via syslog or APIs.</P> </LI> <LI data-start="2181" data-end="2268"> <P data-start="2183" data-end="2268">Check Point’s Identity Awareness consumes that metadata to apply user-aware policies.</P> </LI> </UL> </LI> <LI data-start="2270" data-end="2470"> <P data-start="2273" data-end="2311"><STRONG data-start="2273" data-end="2309">Posture Check + Quarantine VLANs</STRONG></P> <UL data-start="2315" data-end="2470"> <LI data-start="2315" data-end="2394"> <P data-start="2317" data-end="2394">NAC can isolate non-compliant devices before they reach the Spark firewall.</P> </LI> <LI data-start="2398" data-end="2470"> <P data-start="2400" data-end="2470">Spark then enforces firewall policies after NAC authorizes the device.</P> </LI> </UL> </LI> </OL> <HR data-start="2472" data-end="2475" /> <H3 data-start="2477" data-end="2507"><span class="lia-unicode-emoji" title=":package:">📦</span> For Spark 1800 Use Case</H3> <P data-start="2509" data-end="2671">Given that Spark appliances are <STRONG data-start="2541" data-end="2565">branch/SOHO-oriented</STRONG>, heavy-duty NACs like ISE or ClearPass might be overkill unless you already use them elsewhere. Consider:</P> <UL data-start="2673" data-end="3002"> <LI data-start="2673" data-end="2729"> <P data-start="2675" data-end="2729"><STRONG data-start="2675" data-end="2692">Portnox CLEAR</STRONG> – Cloud NAC, scalable, SMB-friendly.</P> </LI> <LI data-start="2730" data-end="2799"> <P data-start="2732" data-end="2799"><STRONG data-start="2732" data-end="2764">Aruba ClearPass OnGuard Lite</STRONG> – Lightweight posture/NAC control.</P> </LI> <LI data-start="2800" data-end="2879"> <P data-start="2802" data-end="2879"><STRONG data-start="2802" data-end="2815">Cisco ISE</STRONG> – Only if enterprise-wide and you need strong endpoint posture.</P> </LI> <LI data-start="2880" data-end="3002"> <P data-start="2882" data-end="3002"><STRONG data-start="2882" data-end="2916">Check Point + Harmony Endpoint</STRONG> – If you're also using Harmony Mobile or Endpoint, posture can be partially enforced.</P> </LI> </UL> <HR data-start="3004" data-end="3007" /> <H3 data-start="3009" data-end="3039">🧠 Recommendation Strategy</H3> <P data-start="3041" data-end="3106">If you want a <STRONG data-start="3055" data-end="3096">light NAC enhancement for Spark 1800s</STRONG>, propose:</P> <UL data-start="3107" data-end="3309"> <LI data-start="3107" data-end="3142"> <P data-start="3109" data-end="3142"><STRONG data-start="3109" data-end="3133">Portnox or ClearPass</STRONG> for NAC,</P> </LI> <LI data-start="3143" data-end="3225"> <P data-start="3145" data-end="3225">Check Point Identity Awareness + Harmony Endpoint (for posture and integration),</P> </LI> <LI data-start="3226" data-end="3309"> <P data-start="3228" data-end="3309">Use <STRONG data-start="3232" data-end="3266">RADIUS authentication on Spark</STRONG> + Identity Awareness to pull NAC metadata.</P> </LI> </UL> </DIV> </DIV> </DIV> </DIV> </DIV> </DIV> Fri, 01 Aug 2025 22:41:50 GMT the_rock 2025-08-01T22:41:50Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254411#M13004 <P>Good morning.<BR />Do you know if there is a NAC solution in Checkpoint? And is there good integration with a third party to make a better proposal for some Spark 1800s?</P> Fri, 01 Aug 2025 16:11:13 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254411#M13004 heracliosanchez 2025-08-01T16:11:13Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254419#M13005 <P>FWIW, straight from our "friend", chatgpt <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P> <P>Andy</P> <P>************************************************</P> <H6 class="sr-only">ChatGPT said:</H6> <DIV class="text-base my-auto mx-auto pb-10 [--thread-content-margin:--spacing(4)] @[37rem]:[--thread-content-margin:--spacing(6)] @[72rem]:[--thread-content-margin:--spacing(16)] px-(--thread-content-margin)"> <DIV class="[--thread-content-max-width:32rem] @[34rem]:[--thread-content-max-width:40rem] @[64rem]:[--thread-content-max-width:48rem] mx-auto max-w-(--thread-content-max-width) flex-1 group/turn-messages focus-visible:outline-hidden relative flex w-full min-w-0 flex-col agent-turn" tabindex="-1"> <DIV class="flex max-w-full flex-col grow"> <DIV class="min-h-8 text-message relative flex w-full flex-col items-end gap-2 text-start break-words whitespace-normal [.text-message+&amp;]:mt-5" dir="auto" data-message-author-role="assistant" data-message-id="721caa58-83c8-4626-8123-4fe1c87248e6" data-message-model-slug="gpt-4o"> <DIV class="flex w-full flex-col gap-1 empty:hidden first:pt-[3px]"> <DIV class="markdown prose dark:prose-invert w-full break-words dark markdown-new-styling"> <P data-start="0" data-end="322">Yes, Check Point <STRONG data-start="17" data-end="77">does not have a traditional NAC (Network Access Control)</STRONG> solution like Cisco ISE, Aruba ClearPass, or FortiNAC. However, Check Point offers <STRONG data-start="161" data-end="218">some endpoint and network access control capabilities</STRONG> through its broader security portfolio and does support <STRONG data-start="275" data-end="321">integration with third-party NAC solutions</STRONG>.</P> <H3 data-start="324" data-end="368"><span class="lia-unicode-emoji" title=":locked_with_key:">🔐</span> What Check Point Provides (Directly):</H3> <OL data-start="369" data-end="926"> <LI data-start="369" data-end="601"> <P data-start="372" data-end="401"><STRONG data-start="372" data-end="399">Identity Awareness (IA)</STRONG></P> <UL data-start="405" data-end="601"> <LI data-start="405" data-end="489"> <P data-start="407" data-end="489">Core feature on Check Point gateways (including Spark appliances like the 1800).</P> </LI> <LI data-start="493" data-end="566"> <P data-start="495" data-end="566">Allows user-based policies by integrating with AD, LDAP, RADIUS, etc.</P> </LI> <LI data-start="570" data-end="601"> <P data-start="572" data-end="601">Can map IPs to users/devices.</P> </LI> </UL> </LI> <LI data-start="603" data-end="798"> <P data-start="606" data-end="646"><STRONG data-start="606" data-end="644">Harmony Endpoint / Harmony Connect</STRONG></P> <UL data-start="650" data-end="798"> <LI data-start="650" data-end="701"> <P data-start="652" data-end="701">Endpoint control, posture checks, and compliance.</P> </LI> <LI data-start="705" data-end="798"> <P data-start="707" data-end="798">Not true NAC but helps control what devices/users can access what, based on endpoint state.</P> </LI> </UL> </LI> <LI data-start="800" data-end="926"> <P data-start="803" data-end="847"><STRONG data-start="803" data-end="845">IoT Protect / Asset Management for IoT</STRONG></P> <UL data-start="851" data-end="926"> <LI data-start="851" data-end="926"> <P data-start="853" data-end="926">Can fingerprint and control IoT assets (but again, not a full NAC suite).</P> </LI> </UL> </LI> </OL> <HR data-start="928" data-end="931" /> <H3 data-start="933" data-end="998"><span class="lia-unicode-emoji" title=":white_heavy_check_mark:">✅</span> Third-Party NAC Integrations (More Complete NAC Capability)</H3> <P data-start="1000" data-end="1116">You can enhance NAC capabilities on Spark 1800s by <STRONG data-start="1051" data-end="1109">integrating Check Point with third-party NAC solutions</STRONG>, like:</P> <DIV class="_tableContainer_16hzy_1"> <DIV class="_tableWrapper_16hzy_14 group flex w-fit flex-col-reverse" tabindex="-1"> <TABLE class="w-fit min-w-(--thread-content-width)" data-start="1118" data-end="1849"> <THEAD data-start="1118" data-end="1164"> <TR data-start="1118" data-end="1164"> <TH data-start="1118" data-end="1133" data-col-size="sm">NAC Solution</TH> <TH data-start="1133" data-end="1155" data-col-size="sm">Integration Quality</TH> <TH data-start="1155" data-end="1164" data-col-size="lg">Notes</TH> </TR> </THEAD> <TBODY data-start="1212" data-end="1849"> <TR data-start="1212" data-end="1356"> <TD data-start="1212" data-end="1228" data-col-size="sm"><STRONG data-start="1214" data-end="1227">Cisco ISE</STRONG></TD> <TD data-col-size="sm" data-start="1228" data-end="1235">Good</TD> <TD data-col-size="lg" data-start="1235" data-end="1356">Use RADIUS integration + pxGrid (for sharing user/device context). Identity Awareness can pull user context from ISE.</TD> </TR> <TR data-start="1357" data-end="1495"> <TD data-start="1357" data-end="1379" data-col-size="sm"><STRONG data-start="1359" data-end="1378">Aruba ClearPass</STRONG></TD> <TD data-col-size="sm" data-start="1379" data-end="1386">Good</TD> <TD data-col-size="lg" data-start="1386" data-end="1495">Similar to Cisco ISE; supports RADIUS and TACACS. Check Point can consume context via Identity Awareness.</TD> </TR> <TR data-start="1496" data-end="1626"> <TD data-start="1496" data-end="1510" data-col-size="sm"><STRONG data-start="1498" data-end="1509">Portnox</STRONG></TD> <TD data-col-size="sm" data-start="1510" data-end="1521">Moderate</TD> <TD data-col-size="lg" data-start="1521" data-end="1626">Cloud-native NAC. Integrates via RADIUS. Useful in SMB/midmarket where Spark appliances are deployed.</TD> </TR> <TR data-start="1627" data-end="1748"> <TD data-start="1627" data-end="1654" data-col-size="sm"><STRONG data-start="1629" data-end="1653">Forescout CounterACT</STRONG></TD> <TD data-col-size="sm" data-start="1654" data-end="1661">Good</TD> <TD data-col-size="lg" data-start="1661" data-end="1748">Passive &amp; agentless. Can tag and enforce on devices. Integrates via API and RADIUS.</TD> </TR> <TR data-start="1749" data-end="1849"> <TD data-start="1749" data-end="1764" data-col-size="sm"><STRONG data-start="1751" data-end="1763">FortiNAC</STRONG></TD> <TD data-col-size="sm" data-start="1764" data-end="1772">Basic</TD> <TD data-col-size="lg" data-start="1772" data-end="1849">Not commonly integrated with Check Point, but possible via RADIUS and logs.</TD> </TR> </TBODY> </TABLE> <DIV class="sticky end-(--thread-content-margin) h-0 self-end select-none"> <DIV class="absolute end-0 flex items-end">&nbsp;</DIV> </DIV> </DIV> </DIV> <HR data-start="1851" data-end="1854" /> <H3 data-start="1856" data-end="1894"><span class="lia-unicode-emoji" title=":wrench:">🔧</span> How Integration Typically Works</H3> <OL data-start="1896" data-end="2470"> <LI data-start="1896" data-end="2059"> <P data-start="1899" data-end="1926"><STRONG data-start="1899" data-end="1924">RADIUS Authentication</STRONG></P> <UL data-start="1930" data-end="2059"> <LI data-start="1930" data-end="1973"> <P data-start="1932" data-end="1973">The NAC solution acts as RADIUS server.</P> </LI> <LI data-start="1977" data-end="2024"> <P data-start="1979" data-end="2024">Spark 1800 authenticates users via the NAC.</P> </LI> <LI data-start="2028" data-end="2059"> <P data-start="2030" data-end="2059">NAC enforces access policies.</P> </LI> </UL> </LI> <LI data-start="2061" data-end="2268"> <P data-start="2064" data-end="2096"><STRONG data-start="2064" data-end="2094">Syslog/API Context Sharing</STRONG></P> <UL data-start="2100" data-end="2268"> <LI data-start="2100" data-end="2177"> <P data-start="2102" data-end="2177">Some NACs send user/IP/device metadata to Check Point via syslog or APIs.</P> </LI> <LI data-start="2181" data-end="2268"> <P data-start="2183" data-end="2268">Check Point’s Identity Awareness consumes that metadata to apply user-aware policies.</P> </LI> </UL> </LI> <LI data-start="2270" data-end="2470"> <P data-start="2273" data-end="2311"><STRONG data-start="2273" data-end="2309">Posture Check + Quarantine VLANs</STRONG></P> <UL data-start="2315" data-end="2470"> <LI data-start="2315" data-end="2394"> <P data-start="2317" data-end="2394">NAC can isolate non-compliant devices before they reach the Spark firewall.</P> </LI> <LI data-start="2398" data-end="2470"> <P data-start="2400" data-end="2470">Spark then enforces firewall policies after NAC authorizes the device.</P> </LI> </UL> </LI> </OL> <HR data-start="2472" data-end="2475" /> <H3 data-start="2477" data-end="2507"><span class="lia-unicode-emoji" title=":package:">📦</span> For Spark 1800 Use Case</H3> <P data-start="2509" data-end="2671">Given that Spark appliances are <STRONG data-start="2541" data-end="2565">branch/SOHO-oriented</STRONG>, heavy-duty NACs like ISE or ClearPass might be overkill unless you already use them elsewhere. Consider:</P> <UL data-start="2673" data-end="3002"> <LI data-start="2673" data-end="2729"> <P data-start="2675" data-end="2729"><STRONG data-start="2675" data-end="2692">Portnox CLEAR</STRONG> – Cloud NAC, scalable, SMB-friendly.</P> </LI> <LI data-start="2730" data-end="2799"> <P data-start="2732" data-end="2799"><STRONG data-start="2732" data-end="2764">Aruba ClearPass OnGuard Lite</STRONG> – Lightweight posture/NAC control.</P> </LI> <LI data-start="2800" data-end="2879"> <P data-start="2802" data-end="2879"><STRONG data-start="2802" data-end="2815">Cisco ISE</STRONG> – Only if enterprise-wide and you need strong endpoint posture.</P> </LI> <LI data-start="2880" data-end="3002"> <P data-start="2882" data-end="3002"><STRONG data-start="2882" data-end="2916">Check Point + Harmony Endpoint</STRONG> – If you're also using Harmony Mobile or Endpoint, posture can be partially enforced.</P> </LI> </UL> <HR data-start="3004" data-end="3007" /> <H3 data-start="3009" data-end="3039">🧠 Recommendation Strategy</H3> <P data-start="3041" data-end="3106">If you want a <STRONG data-start="3055" data-end="3096">light NAC enhancement for Spark 1800s</STRONG>, propose:</P> <UL data-start="3107" data-end="3309"> <LI data-start="3107" data-end="3142"> <P data-start="3109" data-end="3142"><STRONG data-start="3109" data-end="3133">Portnox or ClearPass</STRONG> for NAC,</P> </LI> <LI data-start="3143" data-end="3225"> <P data-start="3145" data-end="3225">Check Point Identity Awareness + Harmony Endpoint (for posture and integration),</P> </LI> <LI data-start="3226" data-end="3309"> <P data-start="3228" data-end="3309">Use <STRONG data-start="3232" data-end="3266">RADIUS authentication on Spark</STRONG> + Identity Awareness to pull NAC metadata.</P> </LI> </UL> </DIV> </DIV> </DIV> </DIV> </DIV> </DIV> Fri, 01 Aug 2025 22:41:50 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254419#M13005 the_rock 2025-08-01T22:41:50Z https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254420#M13006 <P>Mac-filtering &amp; 802.1x are covered here in addition to the use of Endpoint / Identity Awareness etc.</P> <P><A href="https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Centrally_Managed/EN/Content/Topics/Configuring-MAC-Filtering.htm" target="_blank">https://sc1.checkpoint.com/documents/SMB_R81.10.X/AdminGuides_Centrally_Managed/EN/Content/Topics/Configuring-MAC-Filtering.htm</A></P> Fri, 01 Aug 2025 23:58:21 GMT https://community.checkpoint.com/t5/Spark-Firewall-SMB/NAC-solution-or-third-party-integration/m-p/254420#M13006 Chris_Atkinson 2025-08-01T23:58:21Z