deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-29 13:47:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

udpate ca

Browse Source
This commit is contained in:
Joey Caparas 2018-04-13 14:43:19 -07:00
parent 5dc354355b
commit d9da60e256
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md
View File

@ -38,13 +38,14 @@ The implementation of conditional access in Windows Defender ATP is based on Mic
The compliance policy is used with conditional access to allow only devices that fulfill one or more device compliance policy rules to access applications. The compliance policy is used with conditional access to allow only devices that fulfill one or more device compliance policy rules to access applications.
## Understand the conditional access flow ## Understand the conditional access flow
Conditional access is put in place so that when a threat is seen on a device, access to sensitive content is blocked until the threat is remediated.
When a device is found to be at high risk, the signal is communicated to Intune. When a device is found to be at high risk, the signal is communicated to Intune.
In Intune, a device compliance policy is used in conjunction with Azure AD conditional access to block access to applications. In parallel, an automated investigation and remediation process is launched. In Intune, a device compliance policy is used in conjunction with Azure AD conditional access to block access to applications. In parallel, an automated investigation and remediation process is launched.
A user can still use the device while the automated investigation and remediation is taking place, but access to enterprise data is blocked until the threat is fully remediated. A user can still use the device while the automated investigation and remediation is taking place, but access to enterprise data is blocked until the threat is fully remediated.
To resolve the high risk found on a device, you'll need to return the device to a compliant state. A device returns to a compliant state when there is no risk seen on it. To resolve the high risk found on a device, you'll need to return the device to a compliant state. A device returns to a compliant state when there is no risk seen on it.
There are two ways to address a risk: through manual remediation or automated remediation. There are two ways to address a risk: through manual remediation or automated remediation.