An administrator wishes to enable Identity Awareness on the Check Point firewalls. However, they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?
Browser-Based Authentication is the best fit for an environment where users may use either company-issued or personal laptops that the administrator cannot manage. This method does not require any software to be installed on the users' devices and works through a Captive Portal, where users can authenticate through a web browser using their username and password. This approach is suitable for both managed and unmanaged devices, providing flexibility and ensuring that identity awareness can be enforced without needing direct control over the user devices.
Correct, Browser-Based Authentication - Captive Portal Unidentified users log in with a user name and password in a Captive Portal. After authentication, the user clicks a link to go to the destination address. Recommended Usage Deployment Considerations Identity based enforcement for non-AD users (non-Windows and guest users) You can require deployment of Endpoint Identity Agents Used for identity enforcement (not intended for logging purposes).
Correct Captive portal would be ideal be used here
correct