https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147031#M795 <P>Don't believe so, can you please share the reference to this ?</P> <P>(Rogue WiFi is certainly a trigger for a change in device risk however.)</P> Mon, 25 Apr 2022 23:53:05 GMT Chris_Atkinson 2022-04-25T23:53:05Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/146172#M777 <P>Looking at integrating Harmony Mobile product to a <SPAN>Azure AD and using the risk profiles created by the HM product to prevent&nbsp;access&nbsp;to exchange servers from mobile devices that are above a certain risk threshold.</SPAN></P><P>Main intent is to provide BYOD users access to exchange and block if their device is displaying any security risk flags. I know the easy answer is to integrate with an MDM solution but this cant be done on BYOD devices.</P><P>Has anyone had any experience of this or the joys of cyber essentials plus assessments.</P><P>Many thanks for your help.</P> Wed, 13 Apr 2022 08:47:15 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/146172#M777 Kronos 2022-04-13T08:47:15Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147002#M791 <P>Have you experimented with Conditional Access settings for "High" risk devices?</P> <P><SPAN>Go to&nbsp;</SPAN><SPAN class="Menu_Options">Policy<SPAN>&nbsp;</SPAN></SPAN><SPAN>&gt; select&nbsp;</SPAN><SPAN class="Menu_Options">Policy Profile</SPAN><SPAN>&nbsp;&gt;&nbsp;</SPAN><SPAN class="Menu_Options">On-device Network Protection</SPAN><SPAN>&nbsp;&gt;&nbsp;</SPAN><SPAN class="Menu_Options">Content Inspection</SPAN><SPAN>&nbsp;&gt;</SPAN><SPAN class="Menu_Options"><SPAN>&nbsp;</SPAN>Conditional Access</SPAN></P> Mon, 25 Apr 2022 15:16:29 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147002#M791 Chris_Atkinson 2022-04-25T15:16:29Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147013#M792 <P>Thank you</P><P>I am now getting the following alert on the mobile.</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Kronos_2-1650904123215.png" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/16181iA4B3FD2C449D45D7/image-size/medium?v=v2&amp;px=400" role="button" title="Kronos_2-1650904123215.png" alt="Kronos_2-1650904123215.png" /></span></P><P>Screen shot from my admin portal attached below but i can still access my corporate outlook from my device.</P> Mon, 25 Apr 2022 16:33:14 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147013#M792 Kronos 2022-04-25T16:33:14Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147029#M793 <P>Unfortunately the screenshot doesn't show in what way On-device Network Protection (ONP) is currently enabled?</P> <P>It's located just above the portion of the screen captured...</P> <P>Also depending upon if HTTPs inspection is used you may need to specify the corresponding IP addresses.</P> Mon, 25 Apr 2022 23:47:50 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147029#M793 Chris_Atkinson 2022-04-25T23:47:50Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147030#M794 <P>I believe admin guide indicates that conditional access is only for blocking access to domains if you connect to rogue wifi.</P> Mon, 25 Apr 2022 23:27:27 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147030#M794 the_rock 2022-04-25T23:27:27Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147031#M795 <P>Don't believe so, can you please share the reference to this ?</P> <P>(Rogue WiFi is certainly a trigger for a change in device risk however.)</P> Mon, 25 Apr 2022 23:53:05 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147031#M795 Chris_Atkinson 2022-04-25T23:53:05Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147033#M796 <P><A href="https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/108826/FILE/CP_Harmony_Mobile_AdminGuide.pdf" target="_blank">https://downloads.checkpoint.com/fileserver/SOURCE/direct/ID/108826/FILE/CP_Harmony_Mobile_AdminGuide.pdf</A></P> Mon, 25 Apr 2022 23:38:40 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147033#M796 the_rock 2022-04-25T23:38:40Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147034#M797 <P>Thanks Im aware of the documentation location, but I cannot see the linkage between rogue wifi and conditional access therein&nbsp;</P> Mon, 25 Apr 2022 23:47:12 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147034#M797 Chris_Atkinson 2022-04-25T23:47:12Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147035#M798 <P>O, sorry, thats what we were told via TAC case when asking about rogue wi-fi / conditional access.</P> Mon, 25 Apr 2022 23:48:38 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147035#M798 the_rock 2022-04-25T23:48:38Z https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147036#M799 <P>Unless I misunderstood something about it...reading the guide again, it would seem its more related to blocking access regardless of rogue wi-fi...</P> Mon, 25 Apr 2022 23:59:11 GMT https://community.checkpoint.com/t5/Mobile/Harmony-Mobile-BYOD-exchange-enforcement/m-p/147036#M799 the_rock 2022-04-25T23:59:11Z