This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Markus_Marquard
Contributor
‎2018-10-16 08:57 AM

Identity Awareness in-depth explanation?

Hi,

I wonder is there any in-depth explanation available of Identity Awareness - especially in respect how PDP and PEP work together, how the Identity Sharing actually works?

When you use pdp/pep commands, you have some output, but is somewhere explained what it means? Eg. what about the "network to PDP mapping table" and the "network registrations table"?

To have documentation of this would make troubleshooting IA issues much easier.

Thanks

Markus

2 Replies
Royi_Priov
Employee
Employee
‎2018-10-17 12:10 AM

Hi Markus,

I would recommend starting with Identity Awareness admin guide

R80.10 guide:

Identity Awareness R80.10 Administration Guide 

Your questions are regarding Identity Sharing and I suggest reading more about it.

In few words, Identity Awareness is divided into 3 main entities:

  1. Identity Source - responsible to acquire the identity information from an external resource.
  2. PDP - responsible to communicate with the identity source, performs LDAP query to get the identity group membership, access roles matching and sharing with PEP.
  3. PEP - responsible to the identity enforcement part.

The protocol which transfer identities between PDP to PEP is the "Identity Sharing".

Thanks,

Royi Priov

Team Leader, Identity Awareness R&D.

Thanks,
Royi Priov
R&D Group manager, Infinity Identity
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events