This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.

Reject

Preferences

ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ Sign In

Products
Learn
Local User Groups
Partners
- Welcome Partners!
More

Products
Learn
Local User Groups
- Upcoming Events
- Americas
- EMEA
  - Czech Republic and Slovakia
  - Denmark
  - Netherlands
  - Germany
  - Sweden
  - United Kingdom and Ireland
  - France
  - Spain
  - Norway
  - Ukraine
  - Baltics and Finland
  - Greece
  - Portugal
  - Austria
  - Kazakhstan and CIS
  - Switzerland
  - Romania
  - Turkey
  - Belarus
  - Belgium & Luxembourg
  - Russia
  - Poland
  - Georgia
  - DACH - Germany, Austria and Switzerland
  - Iberia
  - Africa
  - Adriatics Region
  - Eastern Africa
  - Israel
  - Nordics
  - Middle East and Africa
  - Balkans
  - Italy
  - Bulgaria
  - Cyprus
- APAC
  - Korea
  - Mongolia
  - Bangalore
  - Greater China
  - Australia/New Zealand
  - Philippines
  - Japan
  - Singapore
  - India
  - Thailand
  - Taiwan
  - Hong Kong
  - Indonesia
Partners
- Welcome Partners!
More
ABOUT CHECKMATES & FAQ
- About CheckMates & FAQ
- Community Guidelines
Sign In
Leaderboard
Events

Step Into the Future of
AI-Powered Cyber Security

The State of Ransomware Q1 2026
Key Trends and Their Impact

AI Security Masters E8:
Claude Mythos: New Era in Cyber Security

Blueprint Architecture for Securing
The AI Factory & AI Data Center

Learn More!

Call For Papers
Your Expertise. Our Stage

Learn More!

CheckMates Go:
CheckMates Fest

Listen Now

Turn on suggestions

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Showing results for

Search instead for

Did you mean:

Who rated this post

cancel

Turn on suggestions

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Showing results for

Search instead for

Did you mean:

dehaasm

Collaborator

‎2023-03-29 04:36 AM

Mark as New
Bookmark
Subscribe
Mute
Subscribe to RSS Feed
Permalink
Print
Report Inappropriate Content

Identity awareness collector changes user identity for same IP while connecting to RDP

Hi All we have something strange with Identity Awareness collector installed on server, let me explain;

A client with IP 10.0.0.1 (example) connects to the gateway and the Idenitity awareness collector identifies the user as nick. When the same user/client IP established a RDP connection to external server 192.168.1.1 (example) and logs into that remote server as nick-admin the gateway receives an identity update from the identity awareness collector indicating that 10.0.0.1 is nick-admin which is obviously not correct. We would expect the external server IP 192.168.1.1 to be nick-admin and the 10.0.0.1 to remain nick.

How is this possible that the IA collector is identifying the user incorrectly on the laptop?

note: this issue is easy to reproduce and I wonder if we need to open TAC case and/or understand if there is somehing we need to adjust on the IA collector?

0 Kudos

(1)

Back to post

Who rated this post

Jimmy_Noel

Participant

Rating date: ‎2024-03-06

About CheckMates

Getting Started & FAQ
Community Guidelines

Learn Check Point

Check Point for Beginners
Check Point Trivia
CheckFlix Videos

Advanced Learning

Check Point Security Masters
Tip of the Week
TechTalks
Training and Certification

Resources

CheckMates Toolbox
Developers (Code Hub)
Product Announcements
Upcoming Events

Non-English Discussions

Español
French
Japanese
Português
Russian
Chinese

YOU DESERVE THE BEST SECURITY

We’re Social. Follow Us