An often overlooked element of Check Point Identity Awareness is the ability to not only match an identity using an Access Role to capture users, devices and networks, but actually to also match which type of Remote Access Agent the users is connecting into your network via.

This may come in handy if you need more restrictive policies for remote users when using the more traditional connectivity VPN methods offered by Check Point today.

Alternatively using Check Point Harmony SASE (FKA Perimeter 81)  is a more modern take on least privilege access management for remote workers and third-party contractors to access your systems.