I have a scenario thats difficult to resolve with this, at least I havent found an answer. If we have unsanctioned applications as a default but we need an exception, we have to create tags. e.g. a specific user has access to wetransfer. That works fine, but if they need access to another service e.g. dropbox you cannot apply both tags to that user/device you have to create a NEW tag that encompasses both requirements. This means managing exceptions becomes exponential depending on the combinations of resources that specific individuals may need. Administrative nightmare. Are you aware of any simple way to provide exceptions? it was much easier in sophos
So unsanctioned websites configured using the cloud app catalog are only blocked when the devices are also onboarded to Defender for Endpoint? In others words when Defender for Endpoint is not in place the catalog will do nothing?
What I was surprised to see about the cloud catalog, is that it also contains cloud apps from reputable security companies (I think it was either Checkpoint or Trend Micro), but that they did not get a "great score" at all in the catalog. Not sure how much of an issue that would be (I also only just started using Defender for Endpoint so I barely know anything about it for now, we have an E5 license but considering we have a very small IT team it'll probably take years to go through all our E5 products :-) ).
Microsoft investigates all of those apps the same way.. plus: the scoring mechanism is allowed to be changed by you. for example: if you do not care about SOX, but do care about ISO.. you can discard Sox and make ISO more important. that will affect the score for that app.
What about the other way around? How to grant access to a website only for a handful of users or even a single user but blocked for everyone else? I have tried Device Groups but I would assume there's a way of restricting the access only for users and not for machines which can be swapped unassigned for the target users at any given moment.
I have joined my pc directly to intune but web content filtering is not working on that pc but a vm is also added but it is Azure AD joined. My pc is in workgroup is that the reason why web content filtering is not apply to my pc
for the web content filter to work, the device must be onboarded to Microsoft Defender for Endpoint. I have videos on my channel that explains how to do that.
I tagged some apps as unsanctioned but it’s blocking for Edge browser only. Could I know please how to block for Chrome?
I have a scenario thats difficult to resolve with this, at least I havent found an answer. If we have unsanctioned applications as a default but we need an exception, we have to create tags. e.g. a specific user has access to wetransfer. That works fine, but if they need access to another service e.g. dropbox you cannot apply both tags to that user/device you have to create a NEW tag that encompasses both requirements. This means managing exceptions becomes exponential depending on the combinations of resources that specific individuals may need. Administrative nightmare. Are you aware of any simple way to provide exceptions? it was much easier in sophos
Hoi Alex opgenomen in het mooie Evoluon Eindhoven op donderdag ochtend ? Nogmaals bedankt voor de sc-200 cursus deze week..
ja idd!!
haha yep
So unsanctioned websites configured using the cloud app catalog are only blocked when the devices are also onboarded to Defender for Endpoint? In others words when Defender for Endpoint is not in place the catalog will do nothing?
That is correct… defender for cloud apps does not have its own client
yes that is true
What I was surprised to see about the cloud catalog, is that it also contains cloud apps from reputable security companies (I think it was either Checkpoint or Trend Micro), but that they did not get a "great score" at all in the catalog. Not sure how much of an issue that would be (I also only just started using Defender for Endpoint so I barely know anything about it for now, we have an E5 license but considering we have a very small IT team it'll probably take years to go through all our E5 products :-) ).
Microsoft investigates all of those apps the same way.. plus: the scoring mechanism is allowed to be changed by you. for example: if you do not care about SOX, but do care about ISO.. you can discard Sox and make ISO more important. that will affect the score for that app.
What about the other way around? How to grant access to a website only for a handful of users or even a single user but blocked for everyone else? I have tried Device Groups but I would assume there's a way of restricting the access only for users and not for machines which can be swapped unassigned for the target users at any given moment.
my first guess would be Defender for CloudApps.. you can create policies there. no super sure though.
you could sancton web apps, and create a policy to unsanction all others.
I have joined my pc directly to intune but web content filtering is not working on that pc but a vm is also added but it is Azure AD joined. My pc is in workgroup is that the reason why web content filtering is not apply to my pc
for the web content filter to work, the device must be onboarded to Microsoft Defender for Endpoint. I have videos on my channel that explains how to do that.