TABLE OF CONTENTS Using Check Point NGX, you can control the traffic coming into or going out of your networks. A good definition of your networks, hosts, gateways, and services allows you to have granular control of traffic through the Security Gateway. However, there are times when you will need or want to authenticate specific users who are accessing your resources.
For example, an administrator might have to download privileged files using a restricted user s workstation, and would need to be granted special privileges for a specific amount of time. Networks that use DHCP with different classes of users in the same network would need to authenticate privileged users to grant them access to the resources they need. Enterprises might have a need for registering in the log the specific user accessing a specific Web site.
With authentication, Check Point NGX s features are greatly expanded and complement already strong security with the ability to implement security on a per user basis. Once you understand how NGX Authentication works, you will probably find many uses for it in your environment.
Check Point NGX works based on the information it has to permit or deny a connection. The firewall has no knowledge of which user is logged into a Microsoft Active Directory, or if a user is moving among different machines. To be able to authenticate a particular user that is crossing the firewall, it needs additional information to match the user and the connection. The main topic of this chapter addresses...
