The user identity service provides Kaspersky NGFW with information about the users and user groups connected to the solution, which makes it possible to configure Kaspersky NGFW policies and rules for individual users and user groups. The service automatically determines which user owns a particular IP address on the network and sends this information to the firewall, so that the firewall can apply access policies based on credentials.
If the firewall policy specifies a group of users instead of an individual account, the system expands this group by getting a complete list of all its users, including the users of nested groups. The current IP address is determined for each of these users, after which the current set of "user - IP address" correspondences is formed. This set is used when making decisions to allow or block traffic in accordance with the configured security rules.
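The group expansion and "user - IP address" set described above, as an added Python example that is not Kaspersky NGFW code. The directory and session dictionaries, the function names, and the handling of cyclic nesting and of users with several or no current IP addresses are assumptions made for illustration.

```python
# Added illustration; the data model is constructed, not Kaspersky NGFW's own.
from ipaddress import ip_address

# Constructed sample directory: group -> direct members (users or nested groups).
GROUPS = {
    "engineering": ["alice", "backend", "contractors"],
    "backend": ["bob", "carol"],
    "contractors": ["dave", "engineering"],  # deliberate cycle back to the parent
}

# Constructed sample of current sessions: user -> currently assigned IP addresses.
SESSIONS = {
    "alice": ["10.0.1.15"],
    "bob": ["10.0.2.20", "10.0.9.7"],  # logged in on two hosts
    "carol": [],                       # known user, no active session
    # "dave" has no entry at all
}


def expand_group(name, groups):
    """Return every user under a group, visiting each nested group only once."""
    users, seen, stack = set(), set(), [name]
    while stack:
        current = stack.pop()
        if current in seen:  # cycle or diamond nesting: already expanded
            continue
        seen.add(current)
        for member in groups.get(current, []):
            if member in groups:
                stack.append(member)  # nested group, expand later
            else:
                users.add(member)     # leaf entry, treated as a user
    return users


def build_user_ip_set(group, groups, sessions):
    """Form the set of (user, IP) pairs for a group named in a rule."""
    return {
        (user, ip_address(ip))
        for user in expand_group(group, groups)
        for ip in sessions.get(user, [])
    }


def rule_matches(src_ip, group, groups, sessions):
    """Return the group member currently mapped to src_ip, or None if there is none."""
    src = ip_address(src_ip)
    for user, ip in build_user_ip_set(group, groups, sessions):
        if ip == src:
            return user
    return None
```

Users without a current address (`carol`, `dave`) contribute no pairs, so a rule written for their group cannot match any traffic on their behalf until a mapping exists.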
The user identity service includes the following components:
Files for deploying the components of the user identity service are included in the Kaspersky NGFW distribution kit.
Interaction with the components of the user identity service is performed via the REST API over HTTPS.