Forum Discussion
MDATP & Cloud App Security Integration
Hi Dan Michelson . Is MDATP integration with MCAS still not supported with proxies?
"If the endpoint device is behind a forward proxy, traffic data will not be visible to Microsoft Defender ATP and hence will not be included in Cloud Discovery reports"
https://docs.microsoft.com/en-us/cloud-app-security/wdatp-integration#how-to-integrate-microsoft-defender-atp-with-cloud-app-security
We have MDATP deployed, network protection in audit mode endabled, MCAS integration enabled. We don't see any traffic to some known cloud apps this way. Though the apps do appear in MDATP Advanced Hunting they don't make it to MCAS.
In parallel we have some proxy log forwarding. The apps that MDATP doesn't forward to MCAS appear via MCAS log collector. The integration seems unreliable when theres proxies. The data is in MDATP but it's not forwared to MCAS correctly.