New Capability for ONP: Conditional Access

Document created by Pamela S. Lee Employee on May 7, 2018
Version 1Show Document
  • View in full screen mode

When a compromised device accesses corporate resources, data is immediately at risk.

The Conditional Access feature allows an organization to automatically control access to corporate resources by compromised devices.

As a result, if a device is exposed to an attack, access to corporate networks or any on-premise and cloud apps will be controlled.

The enforcement of this policy is independent of Unified Endpoint Management (UEM) solutions.

 

Enabling Conditional Access

  1. Navigate to Settings > Policy Settings > On-device Network Protection.
  2. Under "Conditional Access" section, enter in an IP address with bitmask or a FQDN hostname into the Network Address field.
  3. Click "Add".

 

Conditional Access In Action

User Experience

The user experience is similar on iOS and Android.

  1. When the user's device is at high risk, they will see a reminder in SandBlast Mobile Protect that Corporate Access is Blocked.
  2. If the user tries to access a restricted corporate asset via a browser or an app such as mail, they will receive an in-app notification pop-up.

 

ONP Conditional Access - Administrator's Dashboard View

  1. Navigating to Events & Alerts, the Administrator can see the On-device Network Protection event.
1 person found this helpful

Attachments

    Outcomes