Integrate Third Party Mobile Threat Defense (Sophos) with Microsoft Intune.

Views:

 In this blog we will show you how to integrate third party mobile threat defense with Microsoft Endpoint Manager and how it works.

You can create compliance policy based on Sophos Mobile Threat Defense and if the device is non compliant you can block access of company resources like Teams, Exchange Online, Sharepoint etc. using conditional access policy.

Use Sophos Mobile with Intune - Intune on Azure | Microsoft Docs

Integrate Your Sophos Mobile with Microsoft Intune:

Login to your Sophos Portal using Admin Credential. Go to Mobile.


From Mobile, Go to Setup>Sophos Setup.


From Sophos Setup, Go to Intune MTD.


Click on Bind


Now you have to approve using Microsoft 365 global admin credential. If you are not signed in, sign in with your global administrator account in Microsoft 365 portal in the same browser.


After approving save the settings in Sophos Mobile.


Go to Tenant Administration>Connectors and tokens>Mobile Threat Defense. You can see that already 1 active connection. That means sophos is already integrated with Microsoft Intune. 



Installing Sophos Intercept X for Mobile in Android and iOS

Now you need to install the Sophos mobile antivirus application in iOS and Android from Intune. If the application is in personal profile it will not work. So we need to install the application in Work profile.



Creating compliance policy for mobile threat defense

Now we are creating compliance policy for android devices. From Devices>Android>Compliance Policy, Click on create policy.

Select the Platform and Policy Type.


Give a name and description and click on Next


From Compliance settings click on Device Health. Select your required device threat level. And assign the policy to a user group.
For more details: Create a Mobile Threat Defense (MTD) device compliance policy with Microsoft Intune - Microsoft Intune | Microsoft Docs


Creating Conditional Access Policy for blocking the access of company resource:

With the help of conditional access policy you can block your company resources if any malware is detected in your work profile.

To create a conditional access policy go to Devices>Conditional Access Policy. Click on New.
1. Give a Name of the policy.
2. Select the users/groups to whom you want to apply the policy.
3. Select cloud app (Teams, Onedrive, Sharepoint, Exchange Online etc.)



From Grant option select Require Device to be marked as compliant.


Create the policy by selecting enabling policy On


























Comments

Post a Comment

Popular posts from this blog

Corporate Device Identifier (Approve Mobile Device by Serial Number)

Image
Corporate device identifiers is a option by which admin can approve mobile devices to be enrolled in Intune. A device can not be enrolled without an entry of a serial number in Intune portal. This feature helps administrator to monitor and manage efficiently which device are getting enrolled. In this blog we will discuss on how to enable corporate device identifiers in personally owned work profile devices. First, we need to restrict enrolling mobile device work profile by end user. From Devices, go to Enroll Devices. Select Device type restriction from Create restriction. Write down the name and description, click on Next. Block the personally owned device enrollment for Android and iOS, Click Next. Assign a User group for this restriction policy. Click on Next. Click on Create. Now we need to create corporate device identifier. We need to add serial number for the device which we want to approve for enrollment. From Devices> Enroll Devices> Corporate Device Identifier> Add
Read more