What object type would you use to grant network access to an LDAP user group?
What object type would you use to grant network access to an LDAP user group?
To grant network access to an LDAP user group, the appropriate object type to use is an Access Role. Access Role objects allow administrators to configure network access based on various criteria such as networks, users and user groups, and computers and computer groups. Access Roles are designed to work with Identity Awareness in Check Point environments, facilitating the inclusion of LDAP user groups in access control policies, thereby enabling network access.
Correct answer is C Access Roles Access Role objects let you configure network access according to: Networks Users and user groups Computers and computer groups Remote Access VPN clients (supported for Security Gateways R80.10 and higher) After you activate the Identity AwarenessClosed Software BladeClosed, you can create access role objects and use them in the Source and Destination columns of Access Control Policy rules. For more information, see the R81.20 Identity Awareness Administration Guide. Adding Access Roles Important - Before you add Active Directory users, machines, or groups to an Access Role, make sure there is LDAP connectivity between the Security Management ServerClosed and the AD Server that holds the management directory. The management directory is defined on the Objects Management tab in the Properties window of the LDAP Account Unit.