windows-itpro-docs/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
2021-02-16 12:13:17 -08:00


---
title: Configure Microsoft Defender ATP for iOS features
ms.reviewer:
description: Describes how to deploy Microsoft Defender ATP for iOS features
keywords: microsoft, defender, atp, ios, configure, features, ios
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: macapara
author: mjcaparas
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection:
  - m365-security-compliance
  - m365initiative-defender-endpoint
ms.topic: conceptual
ms.technology: mde
---

Configure Microsoft Defender for Endpoint for iOS features

[!INCLUDE Microsoft 365 Defender rebranding]

Applies to:

Want to experience Defender for Endpoint? Sign up for a free trial.

Note

Defender for Endpoint for iOS uses a VPN to provide the Web Protection feature. This is not a regular VPN; it is a local, self-looping VPN that does not send traffic off the device.

Conditional Access with Defender for Endpoint for iOS

Microsoft Defender for Endpoint for iOS, together with Microsoft Intune and Azure Active Directory, enables enforcement of device compliance and Conditional Access policies based on device risk levels. Defender for Endpoint is a Mobile Threat Defense (MTD) solution that you can deploy through Intune to use this capability.

For more information about how to set up Conditional Access with Defender for Endpoint for iOS, see Defender for Endpoint and Intune.

Web Protection and VPN

By default, Defender for Endpoint for iOS includes and enables the web protection feature. Web protection helps secure devices against web threats and protects users from phishing attacks. Defender for Endpoint for iOS uses a VPN to provide this protection. Note that this is a local VPN; unlike a traditional VPN, it does not send network traffic outside the device.

Although it is enabled by default, some situations require you to disable the VPN, for example when you need to run apps that do not work while a VPN is configured. In such cases, you can disable the VPN from the app on the device by following these steps:

  1. On your iOS device, open the Settings app, click or tap General and then VPN.

  2. Click or tap the "i" button for Microsoft Defender ATP.

  3. Toggle off Connect On Demand to disable VPN.

    (Screenshot: VPN config connect on demand)

Note

Web Protection will not be available when VPN is disabled. To re-enable Web Protection, open the Microsoft Defender for Endpoint app on the device and click or tap Start VPN.

Co-existence of multiple VPN profiles

Apple iOS does not allow multiple device-wide VPNs to be active simultaneously. Multiple VPN profiles can exist on the device, but only one VPN can be active at a time.

Configure compliance policy against jailbroken devices

To protect corporate data from being accessed on jailbroken iOS devices, we recommend that you set up the following compliance policy on Intune.

Note

At this time, Microsoft Defender for Endpoint for iOS does not provide protection against jailbreak scenarios. If it is used on a jailbroken device, then in specific scenarios data used by the application, such as your corporate email ID and corporate profile picture (if available), can be exposed locally.

Follow the steps below to create a compliance policy against jailbroken devices.

  1. In Microsoft Endpoint Manager admin center, go to Devices -> Compliance policies -> Create Policy. Select "iOS/iPadOS" as the platform and click Create.

    (Screenshot: Create Policy)

  2. Specify a name for the policy, for example "Compliance Policy for Jailbreak".

  3. In the compliance settings page, click to expand the Device Health section and set the Jailbroken devices field to Block.

    (Screenshot: Policy Settings)

  4. In the Action for noncompliance section, select the actions as per your requirements and select Next.

    (Screenshot: Policy Actions)

  5. In the Assignments section, select the user groups that you want to include for this policy and then select Next.

  6. In the Review+Create section, verify that all the information entered is correct and then select Create.

Configure custom indicators

Defender for Endpoint for iOS enables admins to configure custom indicators on iOS devices as well. For more information on how to configure custom indicators, see Manage indicators.

Note

Defender for Endpoint for iOS supports creating custom indicators only for IP addresses and URLs/domains.
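As an added example (not code from the page or from the product), the following Python classifies constructed indicator values and keeps only the kinds the note above says iOS can enforce (IP addresses, domains, URLs), rejecting file hashes, CIDR ranges and other types before they are submitted. The field and type names in the request body are an assumption modeled on the public Defender for Endpoint indicators API.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Indicator types the page says Defender for Endpoint for iOS can enforce.
# Type names are assumed to follow the Defender for Endpoint indicators API.
IOS_SUPPORTED_TYPES = {"IpAddress", "DomainName", "Url"}

# Conservative hostname check: dot-separated labels, alphabetic TLD.
_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)([a-z0-9-]{1,63}(?<!-)\.)+[a-z]{2,63}$", re.IGNORECASE
)


def classify_indicator(value: str) -> str:
    """Return the indicator type for a raw value, or 'Unsupported'."""
    value = value.strip()
    try:
        ipaddress.ip_address(value)  # accepts IPv4 and IPv6, rejects CIDR
        return "IpAddress"
    except ValueError:
        pass
    if _DOMAIN_RE.match(value):
        return "DomainName"
    parts = urlsplit(value)
    if parts.scheme in ("http", "https") and _DOMAIN_RE.match(parts.hostname or ""):
        return "Url"
    # Hashes, certificate thumbprints, CIDR ranges etc. are not enforced on iOS.
    return "Unsupported"


def build_ios_indicator(value, action="Block", title="", severity="Medium"):
    """Build one indicator request body; return None if iOS cannot enforce it."""
    kind = classify_indicator(value)
    if kind not in IOS_SUPPORTED_TYPES:
        return None
    return {
        "indicatorValue": value.strip(),
        "indicatorType": kind,
        "action": action,
        "title": title or f"Custom {kind} indicator",
        "severity": severity,
        "description": "Created for Defender for Endpoint for iOS devices",
    }


def partition_for_ios(values):
    """Split a constructed list of indicator values into bodies and rejects."""
    bodies, rejected = [], []
    for v in values:
        body = build_ios_indicator(v)
        (bodies if body else rejected).append(body or v.strip())
    return bodies, rejected
```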

Report unsafe site

Phishing websites impersonate trustworthy websites for the purpose of obtaining your personal or financial information. Visit the Provide feedback about network protection page if you want to report a website that could be a phishing site.