The ADLOG function receives the AD log event information from the Domain Controllers. The ADLOG function is part of the Identity Awareness feature that enables the Security Gateway to identify users and machines in the network and enforce Access Control policy rules based on their identities. The ADLOG function uses the AD Query (ADQ) method to connect to the Active Directory Domain Controllers using WMI and subscribes to the Security Event logs that are generated when users log in. The ADLOG function then extracts from the event logs the user and machine information that maps to an IP address and sends it to the PEP function, which enforces the policy based on the identity information.