Forum Discussion
iOS Filtering with Defender Endpoint According to App
Greetings,
I'm looking to replicate the following, only with Intune and Defender for Endpoint:
https://kb.smoothwall.com/hc/en-us/articles/6401257533980-Limiting-access-to-in-app-browsers-on-iPad
My first question is if this is possible? I'm administrating supervised iPads and iPhones for a small entity, and we are in need of filtering the in-app browsers differently than we do Safari. The goal is to specify Defender as a Third-Party Plugin in a profile, and specify exceptions to that profile by bundle ID (ie, Safari). So I'm wondering if Defender can be configured to allow a whitelist of URL's? If so, that's where my knowledge is coming up short.
I'm learning as I go on this; I hope I'm making sense. Thanks.
3 Replies
Hi JedediahB
I think it’s better for you to stay with Defender only, you can block specific domains under Defender for Endpoint portal - settings -> Rules and click on indicator - tab -> URLs/Domains.
Here is a good guide:
https://jeffreyappel.nl/deploy-microsoft-defender-for-endpoint-on-ios-devices/amp/
There is a native way to block domains (Safari Only) under Intune - Configuration Profile - Feature
https://learn.microsoft.com/en-us/mem/intune/configuration/ios-device-features-settings#web-content-filter
Hope this helps!Moe
Thanks, Moe! Those are helpful links. However, I'm past those steps. But I'm probably not being specific enough. I would like to
- Install a mobileconfig that instructs Defender to allow only a whitelist of URLs
- But specify Safari as exempted from that profile/whitelist.
This is possible, in general, when specifying a third-party content filter in Apple Configurator. Using this method, it allows you to exempt certain apps from the filter. I'm wondering if it's possible to specify Defender as that third-party app . . .
Thanks.
- Got it now! I don’t think it’s available in Defender as 3rd part plug-in. Have you tried it?
Moe
