First published on CloudBlogs on Aug 10, 2016
Howdy folks,

Today, I am super excited to announce the Preview of device-based policies for Azure AD Conditional Access! These policies help you stay in control of your organization's data by restricting access to enterprise-managed devices. Policies can be applied on a per-application basis to require that devices be managed by your company and be correctly configured. The new capability supports iOS, Android, Windows 10 Anniversary Update, Windows 7 and Windows 8.1.

This release, in conjunction with the per-app MFA and location-based rules, offers organizations robust and flexible tools for protecting resources, taking into account both the user and their device when an application is accessed.

And one more cool thing! It works with EVERY application that authenticates using Azure AD. That means Office 365, Azure and Microsoft CRM, as well as all the apps in our app gallery, including thousands of apps like ServiceNow, Salesforce.com & Concur, plus on-premises applications published through the Azure AD Application Proxy.

Please note: Conditional Access is a feature of Azure AD Premium.

Getting Started

Setting these policies is easy. On the Azure Management Portal, select the application you want to protect. Under the 'configure' tab you will find the control to enable device-based access rules.
- Windows domain joined devices (in on-premises Active Directory) can be easily registered with Azure AD in an automatic manner. This includes both Windows 10 and down-level Windows devices.
- iOS and Android devices are registered with Azure AD when they get enrolled into Microsoft Intune, our MDM service.
- Windows 10 Azure AD joined devices are registered upon join to Azure AD.
- Windows 10 personal devices (BYOD) are registered when the work account is added to Windows.
- Microsoft Office 365 Exchange Online
- Microsoft Office 365 SharePoint Online
- Dynamics CRM
- Microsoft Office 365 Yammer
- All of the 2,600+ SaaS applications from the Azure AD application gallery
- On-premises apps registered with Azure AD Application Proxy
- LOB apps registered with Azure AD
Updated Jul 24, 2020
Version 6.0
Alex Simons (AZURE)
Microsoft