Dameon Welch-Abernathy

Identity Collector is now GA

Discussion created by Dameon Welch-Abernathy Moderator on May 4, 2017
Latest reply on Dec 11, 2018 by Royi Priov
Branched to a new discussion

Check Point Identity Collector is a Windows-based application which collects information about identities and their associated IP addresses, and sends it to the Check Point Firewalls for identity enforcement. The identities are collected from the following servers:


  • Microsoft Active Directory Domain Controllers.
  • Cisco Identity Services Engine (ISE) Servers, versions 2.0, 2.1 and 2.2 - see sk108235.


Identity Collector Key Benefits over Standard AD Query

  • Reduces the load on the Security Gateway - the agent is doing the queries instead of the Security Gateway.
  • Reduces the load on the DCs - the native Windows API used consumes less resources.
  • The Identity Collector requires no administrator or administrator-like permissions. Only permission required is read-only access to the domain security logs.
  • One Identity Collector can serve multiple gateways, even from different CMA.


Identity Collector will be part of R80.10 GA. It can also be utilized on R77.30 and R77.20 with a hotfix that can be obtained through the TAC.


For more details: Identity Collector Technical Overview