05-20-2016 09:21 AM
Hi Folks,
Do we have any guides on integrating Checkpoint with pxGrid for identity awareness?
Thanks
Solved! Go to Solution.
05-20-2016 09:48 AM
Hey Jason, Viktor,
Currently working on this, will send out a draft when completed.
Thanks,
John
05-20-2016 09:28 AM
Forwarded to SME to respond
05-20-2016 09:48 AM
Hey Jason, Viktor,
Currently working on this, will send out a draft when completed.
Thanks,
John
08-25-2016 02:30 PM
Hi,
Are we any closer on this ?
We have a workshop with a large Danish government service - that is looking into integration ISE and Checkpoint (primarily for SGT use) via PxGrid.
Can anyone help with documentation and list over things that might not work ?
Best regards
Tue
08-25-2016 10:20 PM
Hey Tue,
Checkpoint is still in the process of pxGrid certification, there is no official code available. I am expecting a beta build next week. When i have more details i will follow-up with you. In the meanwhile, what version of ISE are they using?
Thanks,
John
08-25-2016 11:24 PM
Hi John,
Thank you so much..
At the moment the customer is using 2.0.1 for their remaining ISE installation - but an upgrade to 2.1 is not unlikely.
I would really like to know more when something is available.
br
Tue
08-26-2016 12:50 AM
09-13-2016 07:36 AM
Hi John,
Also interested in information around this if possible?
I have customer were we are looking in to segmentation right now and Trustsec would be the way to go if it is feasible to use with Check Point.
Cheers
09-13-2016 08:26 AM
11-23-2016 05:33 PM
Hi John,
Is there any development on this yet. I have customer where he is trying to integrate checkpoint and pxgrid.
Checkpoint doesnt show any username from the pxgrid service.
Thanks
Ronnie
11-23-2016 06:57 PM
Hey Ronnie,
Checkpoint is still in development. They do not have a productional product yet.
Thanks,
John
12-30-2016 01:47 AM
Hi Rockey,
I have function testing integration in my lab. I can see idenity from ISE in my Check Point firewall.
[Expert@POC-ISE:0]# pdp monitor user Tomas
Session: 0c4cf14f
Session UUID: {0C46EB3F-088B-5EB5-4025-FE390781F2AA}
Ip: 172.32.255.18
Users:
Tomas@domain.lab{5133fbce}
Groups: ad_user_Tomas;All Users
Roles: Access-Tomas
Client Type: Identity Collector (Cisco ISE)
Authentication Method: Trust
Connect Time: Fri Dec 30 10:01:09 2016
Next Reauthentication: Fri Dec 30 10:31:39 2016
Next Connectivity Check: -
Packet Tagging Status: Not Active
Published Gateways: Local
I can see indentity in SmartViewTracker and I can use Access-role in firewall rules.
Regards,
Tomas
12-30-2016 01:56 AM
Hi Tomas,
Is that done with PxGrid ?
If not - how so ?
Do you have some documentation ?
best regards and a happy new year.
Tue
12-30-2016 02:35 AM
Hi Tue Frei,
Yes, I am using PxGrind connection to ISE server. I use Check Point application Identity Collector. This collector is connected to ISE and Check Point firewall.
Here is documentation: http://dl3.checkpoint.com/paid/1e/1ea10fa512567972a7aea14df4df90a3/CP_R77.30Hotfix_IdentityCollector_ReleaseNotes.pdf?Ha…
I dont't know is it officialy supported from Check Point. I tried write on Check Point support.
Best Regards,
Tomas
12-30-2016 04:23 PM
Hi Tomas,
Checkpoint is in the process of being pxGrid certified, I am working on the documentation details. When i have these available I will let you know.
Thanks,
John
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: