This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Christian_Koehl
Collaborator
Collaborator
‎2024-11-13 05:44 AM
Jump to solution

Identity Broker

Dear Check Mates

I have a some questions regarding IDA with Broker function.

My enviornment is R81.20 with actual JHFs. The management site is an MDM and the gateway site is a VSX Gateway Cluster.


I one of the management domain is a virtuall system "ida-gateway-publisher" which collects identities. There is on other function on this gateway. This gateway is the broker-publisher.

There are seven other managment domains. In every one is a VSX gateway working as broker-subscriber.


Do I need to activate the check box für "Get identieties from Identity Broker" for the gateway "ida-gateway-publisher"?
For me the discribtion sounds like it needs only to be checked, if it as Identity Broker Subscriber.


If it must be checked, do I need a certificate and must this certificate read / imported by the "BrokerCertFetcher" command?

 

Broker.jpg

 

Any Idea / any hint's?

Many thanks and best regards,

Christian

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2024-11-13 08:22 AM
Jump to solution

As far as I know, you only need to check that box if you are actually receiving identities from Identity Broker, not publishing them.
It's also not explicitly mentioned in the documentation for configuring a publisher, though it is for a subscriber: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_IdentityAwareness_AdminGuide...

View solution in original post

1 Reply
PhoneBoy
Admin
Admin
‎2024-11-13 08:22 AM
Jump to solution

As far as I know, you only need to check that box if you are actually receiving identities from Identity Broker, not publishing them.
It's also not explicitly mentioned in the documentation for configuring a publisher, though it is for a subscriber: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_IdentityAwareness_AdminGuide...

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events