- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
This feature is available for R80.10 Gateways and above.
The new Identity Tag object gives you tag-based identification in your Access Control Policy.
Supported tag sources:
Step 1: Create a new Identity Tag in SmartConsole
Step 2: Create an Access Role object and select this Identity Tag
Step 3: Use this Access Role object in your Access Control Policy.
Step 4: Publish your changes, and Install Policy.
Tell us what you think about this new feature in the comments below.
Wow cool! When's this going to be available for chassis?
Sorry can you elaborate on that? Is this something Management Server tag orchestration can solve?
Not exactly but thanks anyways Tomer! We are eagerly awaiting for R80 on chassis so that might resolve quite a few challenges
Hi Kaspars,
We can offer you to join our R80.20SP EA (R80.20 for Scalable Platform) program.
If you are interested, please contact me to discuss the details.
Nice post, if users want a deeper view of our integration with Cisco ISE, see this tech brief on Check Point and Cisco Context Aware Security.
Hi Tomer,
Is any additional configuration required on GW/MGMT/Identity Collector for the SGT-to-IP mapping to show up in pdp database? I'm having a little trouble with this scenario... I managed to connect ISE to Identity Collector and I'm receiving AD User to IP mapping but SGT-to-IP just doesn't seem to work for me. Maybe there's something wrong with the configuration ISE side though...
Maybe there's some extended documentation on the CheckPoint-ISE integration?
Hi Tomer,
Do I understand this correct if I say the the Data Center object is used to retrive SGT's from ISE and Identity Collector is used for population the SGT's on Check Point?
@elie wrote:
Hi
Just to be sure the feature is indeed working on R80.10 Gateways?
Thanks
This feature is available for R80.10 Gateways and above.
Old thread but I'm taking my chances...
Looking at this and reading the SmartConsole R81 Help I struggle to figure out how to use this through the IA API.
According to the SmartConsole R81 Help I should be able to define "A custom tag (defined on a third party product) acquired through the Check Point Identity Web API." but when I look at the IA API I find no reference to a tag...
How do I add an IP-address through the IA API that match my defined tag?
Cheers
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY