Forum Discussion
Exclude Users or Devices
is there any way to perform this? Why is this feature not added from get-go? such a pain and will cause the product not to be used now...
- The only option available to override MCAS unsanctioned apps, is to create custom network indicators in MDE.
This override can only be assigned to MDE device groups though, so if you want to limit this to specific users, these users will need to have personally assigned devices (as in devices not shared with other users).
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-protection-overview?view=o365-worldwide- thanks for the reply - I'll give it a go.
Such a shame there isn't an exclusion area in Cloud Security.. makes me wonder if anyone trialed or feedback was even conducted with real world business operations in mind.Yes, I am pretty sure it is a functionality many people want.
In this case, MCAS does not have forward proxy functionality in itself, so it only supplies list of unsanctioned Apps(URLs), and it is then up to the solution that does the blocking (MDE, SWGs etc) to manage the targets and actions to take (to block or warn, who or what to target/override).
MDE does not have any functionality to target specific users, only device groups, so targeted overrides is quite limited at the moment.
If more complex policy management is a must, you would have to look at SWGs such as Zscaler Internet Access, which also works with MCAS cloud discovery and can do automatic blocking.
