- Products
- Learn
- Local User Groups
- Partners
-
More
Celebrate the New Year
With CheckMates!
Value of Security
Vendor Self-Awareness
Join Us for CPX 360
23-24 February 2021
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
How to Remediate Endpoint & VPN
Issues (in versions E81.10 or earlier)
Mobile Security
Buyer's Guide Out Now
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Hi,
Possibly a daft question, but can anyone confirm if IA works against Azure AD as opposed to 'normal' AD? This is for an org that won't have any on prem AD at the end of the implementation.
I've had a look through the deployment guide for the version we would be implementing but it doesn't specifically mention Azure as being OK and I understand from our cloud architects that it's a bit different to AD as I know it.
Thanks in advance.
A.
Hi @adamhi ,
In R80.40, you can use SAML integration with AzureAD for authentication and autorization.
However, in the IDA picker (when you create access roles), you will need to represent the AzureAD objects (users/machines/groups) manually as "Identity Tag" objects.
In R81, the integration of AzureAD in IDA picker will be available, where you can create your AzureAD object and select the objects from AAD same way as you do it on regular AD.
It will be available for EA via R81 EA program. Please contact your local SE for more details.
@Royi_Priov this is still in EA, right?
Hi @adamhi ,
In R80.40, you can use SAML integration with AzureAD for authentication and autorization.
However, in the IDA picker (when you create access roles), you will need to represent the AzureAD objects (users/machines/groups) manually as "Identity Tag" objects.
In R81, the integration of AzureAD in IDA picker will be available, where you can create your AzureAD object and select the objects from AAD same way as you do it on regular AD.
It will be available for EA via R81 EA program. Please contact your local SE for more details.
Thanks gents, much appreciated.
This isn't going to be needed until Q2 2021, so I'm not sure we need to look into EA. I'll let the hierarchy know that it is feasible given current tech stack.
A
Hi @adamhi , by that time you will be able to use the GA of this feature (as part of R81).
Good luck 🙂
Hi, just the manager needs to use the R80.40 to work with SAML? Or the gateways too?
Thanks!
This requires R80.40+ gateways.
Hi @Martins
I will clarify:
Both features requires both SmartCenter and GW to be in this version.
Hi @Royi_Priov ,
Thank you for clarify.
Can I use SAML with 3rd party (MFA) as a Identity provider to autenticate the VPN ?
Thanks.
VPN clients currently do not support SAML authentication.
This is planned for a later release.
R81 IDA admin guide has two videos regarding SAML and Azure AD configuration. (The SAML video was available in R80.40 admin guide.)
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY