Sarbanes-Oxley Act of 2002 (SOX) Solution

Implementation: DS5.4

COBIT Control Objective	Check Point Solution
DS5.4 User Account Management Address requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges with a set of user account management procedures. Perform regular management review of all accounts and related privileges.	Check Point management tools allow administrators to create policies, including the mapping and assignment of groups (of users and endpoints) to resources. All Check Point products can log and report user access across Check Point gateways as well as log and report administrator changes on Check Point systems. Organizations can view this data in SmartViewTracker and in reports from Eventia Reporter. Authentication is an essential part of all Check Point solutions, including Check Point VPN solutions, as well as user authentication for VPN-1. VPN-1 supports multiple databases for authentication, including an internal database, Microsoft Active Directory, or OPSEC-certified LDAP and RADIUS databases. Check Point VARs, SIs, and business partners can provide consulting services to help an organization define an ID program that can assign users with unique IDs for use with Check Point solutions.

COBIT Control Objective

Check Point Solution

DS5.4 User Account Management

Address requesting, establishing, issuing, suspending, modifying and closing user accounts and related user privileges with a set of user account management procedures.
Perform regular management review of all accounts and related privileges.

Check Point management tools allow administrators to create policies, including the mapping and assignment of groups (of users and endpoints) to resources. All Check Point products can log and report user access across Check Point gateways as well as log and report administrator changes on Check Point systems. Organizations can view this data in SmartViewTracker and in reports from Eventia Reporter.

Authentication is an essential part of all Check Point solutions, including Check Point VPN solutions, as well as user authentication for VPN-1. VPN-1 supports multiple databases for authentication, including an internal database, Microsoft Active Directory, or OPSEC-certified LDAP and RADIUS databases.

Check Point VARs, SIs, and business partners can provide consulting services to help an organization define an ID program that can assign users with unique IDs for use with Check Point solutions.

Go to Check Point Product Info:

Return to Implementation