CheckPoint Identity Awareness is awesome. The integration with a domain controller or LDAP protocol to grant access over the user name that can be selected from the active directory to have more dynamic control over your LAN environment and not just pass through the IP address
