This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ian_Flood
Participant
‎2017-08-30 08:37 AM

Sandblast mobile and MS Intune

Has anyone got MS Intune and Sandblast mobile working correctly?

My setup seems to be properly setup but once Sandblast is installed on my iOS devices, they will report as non compliant in intune.

In the company portal app, it reports that the device does not meet  a mobile policy and to open sandblast to resolve the issue but when sandblast app opens it does not report anything wrong.

If I remove sandblast the device becomes compliant again.

The sandblast portal shows the devices as connected and no issues.

Intune reports the sandblast connector as active and in sync.

0 Kudos
5 Replies
Pamela_S__Lee
Employee Alumnus
Employee Alumnus
‎2017-08-30 10:32 AM

Hello Ian,

With the device actively syncing to SandBlast Mobile Dashboard, open the device details by clicking on the device id.

Go to the severity pulldown menu and select all. Are there any warnings in that area? If so, are they sufficient to company policy to be flagged? If not, then go back into MS Intune Portal and navigate to Device compliance > Policies and select the policy that you want to edit. Under Properties > Settings, select the appropriate MTD level. They are: Secured, Low, Medium, and High.

 The definitions are as follows:

   Secured:  This is the most secure. The device cannot have any threats present and still access company                         resources. If any threats are found, the device is evaluated as non-compliant.

Low:        The device is compliant if only low level threats are present. Anything higher puts the device in a non-compliant status.

Medium:  The device is compliant if the threats found on the device are low or medium level. If high level threats are detected, the device is determined as non-compliant.

High:       This is the least secure. This allows all threat levels, and uses Mobile Threat Defense for reporting purposes only. Devices are required to have the MTD app activated with this setting.

Select the setting that is most appropriate, I would suggest trying Low.

Best Regards!

Pam

0 Kudos
Daniel_Dor
Employee Alumnus
Employee Alumnus
‎2017-08-30 10:42 PM

Hi Ian, how are you?

1. What guide did you use to setup the entire environment? Did you use all the steps?

2. In building this environment,  missing one of the steps can create such issues.

D

0 Kudos
Ian_Flood
Participant
‎2017-08-31 03:34 AM

Thanks for the replies. 

My setup was done following Microsoft documentation and all steps were followed.

Set up the Check Point SandBlast integration with Intune - Intune on Azure | Microsoft Docs 

I have also changed my MTP policy from 'Secured' down to 'Low' then to 'Medium' and finally 'High' my device always reports as non compliant.

Nothing is reported in the SB portal and annoyingly in Intune my device shows as non compliant but when I look at the device compliance policies they all show as green.

If I remove SBM from my device, it instantly becomes compliant again.

0 Kudos
Pamela_S__Lee
Employee Alumnus
Employee Alumnus
‎2017-08-31 02:41 PM
In response to Ian_Flood

Ian, can you please contact me offline so that I can help you troubleshoot?

pslee@checkpoint.com

I would like to know the OS, OS version, Device Manufacturer/Model.

Ping me and perhaps we can organize a quick chat.

Thank you!

Pam

Ian_Flood
Participant
‎2017-09-01 01:42 AM

Thank you for replying.

I stripped the whole thing out and started again and now it seems to be working, at least on my device, i'll try a couple more and hopefully all is now good.

Upcoming Events

    Sort by:
    CheckMates Events