deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 08:17:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update android-intune.md

Browse Source
This commit is contained in:
Shravan Thota 2020-12-06 23:33:50 +05:30 committed by GitHub
parent 6283c7c232
commit 70c86ca87a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 39 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
windows/security/threat-protection/microsoft-defender-atp/android-intune.md
View File

@ -244,6 +244,45 @@ the *Required* section \> **Add group,** selecting the user group and click
above. Then select **Review + Save** and then **Save** again to commence above. Then select **Review + Save** and then **Save** again to commence
assignment. assignment.
### Auto Setup of Always-on VPN
Defender for Endpoint supports Device configuration policies for managed devices via Intune. This capability can be leveraged to **Auto setup of Always-on VPN** on Android Enterprise enrolled devices, so the end user does not need to setup VPN service while onboarding.
1. On **Devices** Page go to **Configuration Profiles** > **Create Profile** > **Platform** > **Android Enterprise**
Select **Device restrictions** under one of the following, based on your device enrollment type
- **Fully Managed, Dedicated, and Corporate-Owned Work Profile**
- **Personally-Owned Work Profile**
Select **Create**
> ![Image of devices configuration profile create](images/1autosetupofvpn.png)
2. **Configuration Settings**
Provide **Name** and **Description** to uniquely identify the configuration profile.
> ![Image of devices configuration profile Name and Description](images/2autosetupofvpn.png)
3. Select **Connectivity** and configure VPN
- Enable **Always-on VPN**
Setup a VPN client in the work profile to automatically connect and reconnect to the VPN whenever possible. Only one VPN client can be configured for always-on VPN on a given device, so be sure to have no more than one always-on VPN policy deployed to a single device.
- Select **Custom** in VPN client dropdown list
Custom VPN in this case is Defender for Endpoint VPN which is used to provide the Web Protection feature.
>[!NOTE]
>Microsoft Defender ATP app must be installed on users device, in order to functioning of auto setup of this VPN.
- Enter **Package ID** of the Microsoft Defender ATP app in Google Play store. For the Defender app URL https://play.google.com/store/apps/details?id=com.microsoft.scmx, Package ID is **com.microsoft.scmx**
- **Lockdown mode** Not configured (Default)
> ![Image of devices configuration profile enable Always-on VPN](images/3autosetupofvpn.png)
4. **Assignment**
In the**Assignments**page, select the user group to which this app config policy would be assigned to. Click**Select groups** to includeand selecting the applicable group and then click**Next**. The group selected here is usually the same group to which you would assign Microsoft Defender for Endpoint Android app.
> ![Image of devices configuration profile Assignment](images/4autosetupofvpn.png)
5. In the **Review + Create** page that comes up next, review all the information and then select **Create**.
The device configuration profile is now assigned to the selected user group.
> ![Image of devices configuration profile Review and Create](images/5autosetupofvpn.png)
## Complete onboarding and check status ## Complete onboarding and check status
1. Confirm the installation status of Microsoft Defender for Endpoint for Android by 1. Confirm the installation status of Microsoft Defender for Endpoint for Android by