- CheckMates
- :
- Products
- :
- Harmony
- :
- Mobile
- :
- Re: Harmony Mobile BYOD exchange enforcement
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Harmony Mobile BYOD exchange enforcement
Looking at integrating Harmony Mobile product to a Azure AD and using the risk profiles created by the HM product to prevent access to exchange servers from mobile devices that are above a certain risk threshold.
Main intent is to provide BYOD users access to exchange and block if their device is displaying any security risk flags. I know the easy answer is to integrate with an MDM solution but this cant be done on BYOD devices.
Has anyone had any experience of this or the joys of cyber essentials plus assessments.
Many thanks for your help.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you experimented with Conditional Access settings for "High" risk devices?
Go to Policy > select Policy Profile > On-device Network Protection > Content Inspection > Conditional Access
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you
I am now getting the following alert on the mobile.
Screen shot from my admin portal attached below but i can still access my corporate outlook from my device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unfortunately the screenshot doesn't show in what way On-device Network Protection (ONP) is currently enabled?
It's located just above the portion of the screen captured...
Also depending upon if HTTPs inspection is used you may need to specify the corresponding IP addresses.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I believe admin guide indicates that conditional access is only for blocking access to domains if you connect to rogue wifi.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Don't believe so, can you please share the reference to this ?
(Rogue WiFi is certainly a trigger for a change in device risk however.)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Im aware of the documentation location, but I cannot see the linkage between rogue wifi and conditional access therein
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
O, sorry, thats what we were told via TAC case when asking about rogue wi-fi / conditional access.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unless I misunderstood something about it...reading the guide again, it would seem its more related to blocking access regardless of rogue wi-fi...