<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Identity Awareness &#8211; Thegioifirewall</title>
	<atom:link href="https://thegioifirewall.com/tag/identity-awareness/feed/" rel="self" type="application/rss+xml" />
	<link>https://thegioifirewall.com</link>
	<description>Tường lửa bảo vệ doanh nghiệp, trung tâm thông tin và giá cả</description>
	<lastBuildDate>Thu, 23 Nov 2023 04:51:14 +0000</lastBuildDate>
	<language>vi</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://thegioifirewall.com/wp-content/uploads/vacif_icon-150x150.png</url>
	<title>Identity Awareness &#8211; Thegioifirewall</title>
	<link>https://thegioifirewall.com</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>CHECKPOINT FIREWALL R81.20: HƯỚNG DẪN CẤU HÌNH ĐỒNG BỘ USER AD LÊN CHECKPOINT FIREWALL.</title>
		<link>https://thegioifirewall.com/checkpoint-firewall-r81-20-huong-dan-cau-hinh-dong-bo-user-ad-len-checkpoint-firewall/</link>
					<comments>https://thegioifirewall.com/checkpoint-firewall-r81-20-huong-dan-cau-hinh-dong-bo-user-ad-len-checkpoint-firewall/#respond</comments>
		
		<dc:creator><![CDATA[John]]></dc:creator>
		<pubDate>Thu, 23 Nov 2023 04:51:13 +0000</pubDate>
				<category><![CDATA[Checkpoint Firewall]]></category>
		<category><![CDATA[Checkpoint Firewall R81.20]]></category>
		<category><![CDATA[ĐỒNG BỘ USER AD LÊN CHECKPOINT FIREWALL.]]></category>
		<category><![CDATA[Identity Awareness]]></category>
		<guid isPermaLink="false">https://thegioifirewall.com/?p=18291</guid>

					<description><![CDATA[Checkpoint Firewall là một giải pháp tường lửa (firewall) mạng và bảo mật mạng phát triển bởi Check Point Software Technologies, một trong những công ty hàng đầu trong lĩnh vực bảo mật mạng. Giải pháp này được thiết kế để bảo vệ các mạng doanh nghiệp và tổ chức khỏi các mối đe dọa [&#8230;]]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Checkpoint Firewall là một giải pháp tường lửa (firewall) mạng và bảo mật mạng phát triển bởi Check Point Software Technologies, một trong những công ty hàng đầu trong lĩnh vực bảo mật mạng. Giải pháp này được thiết kế để bảo vệ các mạng doanh nghiệp và tổ chức khỏi các mối đe dọa trực tuyến bằng cách kiểm soát và quản lý lưu lượng mạng.</p>



<p class="wp-block-paragraph"><strong>1.Sơ đồ mạng</strong></p>


<div class="wp-block-image">
<figure class="aligncenter"><img fetchpriority="high" decoding="async" width="654" height="429" src="https://thegioifirewall.com/wp-content/uploads/image-5650.png" alt="" class="wp-image-18183" srcset="https://thegioifirewall.com/wp-content/uploads/image-5650.png 654w, https://thegioifirewall.com/wp-content/uploads/image-5650-300x197.png 300w" sizes="(max-width: 654px) 100vw, 654px" /></figure>
</div>


<p class="wp-block-paragraph">Identity Awareness là một tính năng quan trọng trong Check Point Firewall, cho phép nhận biết và quản lý quyền truy cập mạng dựa trên thông tin về người dùng, nhóm người dùng, hoặc các đối tượng người dùng khác. Điều này cho phép tường lửa nhận dạng người dùng cụ thể hoặc nhóm người dùng và áp dụng các quy tắc bảo mật theo từng cá nhân hoặc nhóm.</p>



<p class="wp-block-paragraph">Bằng cách kết hợp thông tin từ nhiều nguồn như Active Directory, LDAP hoặc các hệ thống xác thực khác, Identity Awareness giúp tạo ra một hồ sơ chi tiết về người dùng và nhóm người dùng. Điều này cho phép quản trị viên xác định và kiểm soát quyền truy cập mạng, quản lý chính sách bảo mật dựa trên danh tính cụ thể của từng người dùng hoặc nhóm.</p>



<p class="wp-block-paragraph">Trong bài viết hôm nay mình sẽ hướng dẫn các bạn cấu hình đồng bộ user từ AD lên Checkpoint Firewall.</p>



<p class="wp-block-paragraph"><strong>2. Các bước cấu hình</strong></p>



<p class="wp-block-paragraph"><strong>Bước 1: Cấu hình Policy kết nối SmartConsle với AD</strong></p>



<p class="wp-block-paragraph"><strong>Bước 2: Cấu hình tạo LDAP Account Unit.</strong></p>



<p class="wp-block-paragraph"><strong>Bước 3: Cấu hình các Access Role cho user/group AD.</strong></p>



<p class="wp-block-paragraph"><strong>3. Hướng dẫn cấu hình.</strong></p>



<p class="wp-block-paragraph"><strong>Bước 1: Cấu hình Policy kết nối SmartConsle với AD</strong></p>



<p class="wp-block-paragraph">Trong bài hướng dẫn này mình có tạo 1<strong> OU là HCM,</strong> với 3 group gồm: <strong>IT, Sale, Marketing. </strong>Với 3 user nằm trong group bao gồm: <strong>John (IT), Kate (Sale), Mark (Marketing)</strong>.</p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img decoding="async" width="975" height="602" src="https://thegioifirewall.com/wp-content/uploads/image-5711.png" alt="" class="wp-image-18292" style="aspect-ratio:1.6196013289036544;width:646px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5711.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5711-300x185.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5711-768x474.png 768w" sizes="(max-width: 975px) 100vw, 975px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img decoding="async" width="975" height="590" src="https://thegioifirewall.com/wp-content/uploads/image-5712.png" alt="" class="wp-image-18293" style="aspect-ratio:1.652542372881356;width:646px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5712.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5712-300x182.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5712-768x465.png 768w" sizes="(max-width: 975px) 100vw, 975px" /></figure>
</div>


<p class="wp-block-paragraph">Đầu tiện ban cần tạo policy để cho phép kết nối từ <strong>SmartConsole đi đên AD</strong> và ngược lại.</p>



<p class="wp-block-paragraph"><strong>Settings các thông số như sau:</strong></p>



<p class="wp-block-paragraph"><strong>Name:</strong>&nbsp;Đặt tên cho rule</p>



<p class="wp-block-paragraph"><strong>Source</strong>: Chọn <strong>IP MGMT, IP PC (đang cài đặt SmartConsloe), IP của AD</strong></p>



<p class="wp-block-paragraph"><strong>Destination: </strong>chọn Any</p>



<p class="wp-block-paragraph"><strong>VPN:</strong>&nbsp;Any</p>



<p class="wp-block-paragraph"><strong>Service &amp; Application: </strong>chọn any</p>



<p class="wp-block-paragraph"><strong>Action: </strong>Action</p>



<p class="wp-block-paragraph"><strong>Track:</strong>&nbsp;chọn&nbsp;<strong>Log</strong></p>



<p class="wp-block-paragraph"><strong>Install On:</strong>&nbsp;chọn tên Hostname Checkpoint Firewall.</p>


<div class="wp-block-image">
<figure class="aligncenter size-full"><img loading="lazy" decoding="async" width="975" height="306" src="https://thegioifirewall.com/wp-content/uploads/image-5713.png" alt="" class="wp-image-18294" srcset="https://thegioifirewall.com/wp-content/uploads/image-5713.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5713-300x94.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5713-768x241.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>


<p class="wp-block-paragraph"><strong>Bước 2: Cấu hình tạo LDAP Account Unit.</strong></p>



<p class="wp-block-paragraph">Trên giao diện <strong>SmartConsole > New > More > User/Identity > LDAP Account Unit</strong>.</p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="595" height="622" src="https://thegioifirewall.com/wp-content/uploads/image-5714.png" alt="" class="wp-image-18295" style="aspect-ratio:0.9565916398713826;width:465px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5714.png 595w, https://thegioifirewall.com/wp-content/uploads/image-5714-287x300.png 287w" sizes="auto, (max-width: 595px) 100vw, 595px" /></figure>
</div>


<p class="wp-block-paragraph"><strong>Setting các thông số sau:</strong></p>



<p class="wp-block-paragraph"><strong>Name: </strong>Đặt tên cho LDAP Account</p>



<p class="wp-block-paragraph"><strong>Profile:</strong> Chọn <strong>Microsoft AD</strong></p>



<p class="wp-block-paragraph"><strong>Domain:</strong> Điền tên domain trên AD. Ex:<strong> vcf.local</strong></p>



<p class="wp-block-paragraph"><strong>Account Unit Usage:</strong> chọn <strong>Active Directory Query.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="595" height="836" src="https://thegioifirewall.com/wp-content/uploads/image-5715.png" alt="" class="wp-image-18296" style="aspect-ratio:0.7117224880382775;width:405px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5715.png 595w, https://thegioifirewall.com/wp-content/uploads/image-5715-214x300.png 214w" sizes="auto, (max-width: 595px) 100vw, 595px" /></figure>
</div>


<p class="wp-block-paragraph">Chuyển qua tab <strong>Servers > Add.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="592" height="839" src="https://thegioifirewall.com/wp-content/uploads/image-5716.png" alt="" class="wp-image-18297" style="aspect-ratio:0.7056019070321812;width:406px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5716.png 592w, https://thegioifirewall.com/wp-content/uploads/image-5716-212x300.png 212w" sizes="auto, (max-width: 592px) 100vw, 592px" /></figure>
</div>


<p class="wp-block-paragraph"><strong>Setting các thông số sau:</strong></p>



<p class="wp-block-paragraph"><strong>Host:</strong> Chọn host AD.</p>



<p class="wp-block-paragraph"><strong>Port:</strong> 389</p>



<p class="wp-block-paragraph"><strong>Username:</strong> Bạn có thể dùng quyền Administrator.</p>



<p class="wp-block-paragraph"><strong>Login DN:</strong> Bạn nhập <strong>&#8220;CN=Administrator,CN=Users, DC=vcf,DC=local&#8221;.</strong></p>



<p class="wp-block-paragraph"><strong>Password và confirm password: </strong>Nhập password của user <strong>adminnistrator</strong></p>



<p class="wp-block-paragraph">Click <strong>Ok.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="502" height="664" src="https://thegioifirewall.com/wp-content/uploads/image-5717.png" alt="" class="wp-image-18298" style="aspect-ratio:0.7560240963855421;width:408px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5717.png 502w, https://thegioifirewall.com/wp-content/uploads/image-5717-227x300.png 227w" sizes="auto, (max-width: 502px) 100vw, 502px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="584" height="769" src="https://thegioifirewall.com/wp-content/uploads/image-5718.png" alt="" class="wp-image-18299" style="aspect-ratio:0.7594278283485045;width:424px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5718.png 584w, https://thegioifirewall.com/wp-content/uploads/image-5718-228x300.png 228w" sizes="auto, (max-width: 584px) 100vw, 584px" /></figure>
</div>


<p class="wp-block-paragraph">Bạn chuyển qua tab <strong>Object Management: </strong></p>



<p class="wp-block-paragraph">Server connect: Chọn host AD</p>



<p class="wp-block-paragraph">Click <strong>Fetch branches.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="594" height="839" src="https://thegioifirewall.com/wp-content/uploads/image-5719.png" alt="" class="wp-image-18300" style="aspect-ratio:0.7079856972586412;width:410px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5719.png 594w, https://thegioifirewall.com/wp-content/uploads/image-5719-212x300.png 212w" sizes="auto, (max-width: 594px) 100vw, 594px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="492" height="687" src="https://thegioifirewall.com/wp-content/uploads/image-5720.png" alt="" class="wp-image-18301" style="aspect-ratio:0.7161572052401747;width:396px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5720.png 492w, https://thegioifirewall.com/wp-content/uploads/image-5720-215x300.png 215w" sizes="auto, (max-width: 492px) 100vw, 492px" /></figure>
</div>


<p class="wp-block-paragraph">Khi xuất hiện mục <strong>&#8220;DC=vcf,DC=local&#8221;</strong> là đã <strong>Fetch branches</strong> thành công. Click Ok.</p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="594" height="839" src="https://thegioifirewall.com/wp-content/uploads/image-5721.png" alt="" class="wp-image-18302" style="aspect-ratio:0.7079856972586412;width:416px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5721.png 594w, https://thegioifirewall.com/wp-content/uploads/image-5721-212x300.png 212w" sizes="auto, (max-width: 594px) 100vw, 594px" /></figure>
</div>


<p class="wp-block-paragraph">Sau cùng click <strong>Publish > Install Policy.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="506" src="https://thegioifirewall.com/wp-content/uploads/image-5722.png" alt="" class="wp-image-18303" style="aspect-ratio:1.9268774703557312;width:624px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5722.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5722-300x156.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5722-768x399.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="624" src="https://thegioifirewall.com/wp-content/uploads/image-5723.png" alt="" class="wp-image-18304" style="aspect-ratio:1.5625;width:632px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5723.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5723-300x192.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5723-768x492.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="672" height="798" src="https://thegioifirewall.com/wp-content/uploads/image-5724.png" alt="" class="wp-image-18305" style="aspect-ratio:0.8421052631578947;width:426px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5724.png 672w, https://thegioifirewall.com/wp-content/uploads/image-5724-253x300.png 253w" sizes="auto, (max-width: 672px) 100vw, 672px" /></figure>
</div>


<p class="wp-block-paragraph"><strong>Bước 3: Cấu hình các Access Role cho user/group AD.</strong></p>



<p class="wp-block-paragraph">Trên giao diện <strong>SmartConsole > New > More ></strong> <strong>User/Identity > Access Role.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="850" height="867" src="https://thegioifirewall.com/wp-content/uploads/image-5725.png" alt="" class="wp-image-18306" style="aspect-ratio:0.9803921568627451;width:450px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5725.png 850w, https://thegioifirewall.com/wp-content/uploads/image-5725-294x300.png 294w, https://thegioifirewall.com/wp-content/uploads/image-5725-768x783.png 768w" sizes="auto, (max-width: 850px) 100vw, 850px" /></figure>
</div>


<p class="wp-block-paragraph">Bạn đặt tên cho Group. Ex: <strong>Group_IT.</strong></p>



<p class="wp-block-paragraph"><strong>User > Specific users/groups > click &#8220;+&#8221; icon >search &#8220;IT&#8221; > Click chọn group &#8220;IT&#8221;.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="546" src="https://thegioifirewall.com/wp-content/uploads/image-5726.png" alt="" class="wp-image-18307" style="aspect-ratio:1.7857142857142858;width:616px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5726.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5726-300x168.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5726-768x430.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>


<p class="wp-block-paragraph">Bạn tiếp tục tạo các <strong>Access Role</strong> khác như: <strong>Group_Sale, Group_Marketing.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="540" src="https://thegioifirewall.com/wp-content/uploads/image-5727.png" alt="" class="wp-image-18308" style="aspect-ratio:1.8055555555555556;width:622px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5727.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5727-300x166.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5727-768x425.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="539" src="https://thegioifirewall.com/wp-content/uploads/image-5728.png" alt="" class="wp-image-18309" style="aspect-ratio:1.8089053803339519;width:630px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5728.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5728-300x166.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5728-768x425.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>


<p class="wp-block-paragraph">Cuối cùng bạn click <strong>Publish > Install Policy.</strong></p>


<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="476" src="https://thegioifirewall.com/wp-content/uploads/image-5729.png" alt="" class="wp-image-18310" style="aspect-ratio:2.0483193277310923;width:642px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5729.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5729-300x146.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5729-768x375.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="975" height="620" src="https://thegioifirewall.com/wp-content/uploads/image-5730.png" alt="" class="wp-image-18311" style="aspect-ratio:1.5725806451612903;width:656px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5730.png 975w, https://thegioifirewall.com/wp-content/uploads/image-5730-300x191.png 300w, https://thegioifirewall.com/wp-content/uploads/image-5730-768x488.png 768w" sizes="auto, (max-width: 975px) 100vw, 975px" /></figure>
</div>


<p class="wp-block-paragraph">Bạn có thể kiểm tra các Access Role vừa tạo.</p>


<div class="wp-block-image">
<figure class="aligncenter size-full"><img loading="lazy" decoding="async" width="556" height="330" src="https://thegioifirewall.com/wp-content/uploads/image-5731.png" alt="" class="wp-image-18312" srcset="https://thegioifirewall.com/wp-content/uploads/image-5731.png 556w, https://thegioifirewall.com/wp-content/uploads/image-5731-300x178.png 300w" sizes="auto, (max-width: 556px) 100vw, 556px" /></figure>
</div>

<div class="wp-block-image">
<figure class="aligncenter size-full is-resized"><img loading="lazy" decoding="async" width="522" height="400" src="https://thegioifirewall.com/wp-content/uploads/image-5732.png" alt="" class="wp-image-18313" style="aspect-ratio:1.305;width:288px;height:auto" srcset="https://thegioifirewall.com/wp-content/uploads/image-5732.png 522w, https://thegioifirewall.com/wp-content/uploads/image-5732-300x230.png 300w" sizes="auto, (max-width: 522px) 100vw, 522px" /></figure>
</div>


<p class="wp-block-paragraph"></p>
]]></content:encoded>
					
					<wfw:commentRss>https://thegioifirewall.com/checkpoint-firewall-r81-20-huong-dan-cau-hinh-dong-bo-user-ad-len-checkpoint-firewall/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
