Hi Checkmates,
I am using Checkpoint Infrastructure and we want to implement Identity Awareness for the VPN access. The design is to use security groups created on Active Directory.
My concern is that we will use security groups that contain both the Identity of the user and the Machine ID of the user. The reason for this is that we want to use the same security group for the Identity Awareness on the Checkpoint Firewall and the Machine Authentication on Cisco ISE.
1) I want to ask you if Checkpoint can operate with security groups that contain both Identity and Machine ID(personal computer) of the user.
2) Do you know which is the first value that Checkpoint will inspect inside a security group(The Identity ID or the Machine ID);
Thank you!!