Home

Azure AD Application Proxy Conditional Access possible with 3rd Party MDM (AirWatch)?

%3CLINGO-SUB%20id%3D%22lingo-sub-103809%22%20slang%3D%22en-US%22%3EAzure%20AD%20Application%20Proxy%20Conditional%20Access%20possible%20with%203rd%20Party%20MDM%20(AirWatch)%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-103809%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EIs%20it%20possible%20to%20create%20a%20conditional%20access%20policy%20in%20Azure%20AD%20Application%20Proxy%20that%20will%20check%20if%20a%20mobile%20device%20is%20enrolled%20in%20a%203rd%20party%20MDM%20solution%2C%20like%20AirWatch%3F%20Is%20something%20like%20this%20possible%20or%20do%20I%20need%20a%20different%20solution%3F%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-103809%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EConditional%20Access%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-106471%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Application%20Proxy%20Conditional%20Access%20possible%20with%203rd%20Party%20MDM%20(AirWatch)%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-106471%22%20slang%3D%22en-US%22%3E%3CP%3EI%20do%20have%20a%20similar%20requirement%20too%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThere%20are%20a%20few%20things%20that%20I%20need%20some%20clarification%20on%3B%3C%2FP%3E%3CP%3EThe%20end%20goal%20here%20is%20to%20have%20MFA%20prompts%20for%20internal%2Fexternal%20users%20who%20try%20access%20SPO%2FODB%20from%20outside%20of%20trusted%20networks%2C%20regardless%20of%20the%20devices%20being%20managed%2Funmanaged.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20Device%20management%20(MDM)%20there%20is%20Airwatch%20in%20place%20already%20that%20has%20all%20the%20managed%20devices%20registered.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20are%20intending%20to%20use%20Azure%20Conditional%20access%20control%20for%20this%20scenario%20but%20the%20documentation%20says%20that%20the%20MDM%20used%20for%20this%20is%20Intune%2C%20my%20question%20is%20can%20the%20current%20MDM%20Airwatch%20be%20used%20to%20feed%20information%20to%20Azure%20AD%20policies%20about%20a%20device%20being%20compliant%20or%20not%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20what%20we%20intend%20to%20apply%20to%20control%20access%20from%20unmanaged%20devices%20that%20are%20not%20on%20the%20network.%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-conditional-access-technical-reference%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-conditional-access-technical-reference%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Brandon Segermeister
New Contributor

Is it possible to create a conditional access policy in Azure AD Application Proxy that will check if a mobile device is enrolled in a 3rd party MDM solution, like AirWatch? Is something like this possible or do I need a different solution?

1 Reply

I do have a similar requirement too; 

 

 

There are a few things that I need some clarification on;

The end goal here is to have MFA prompts for internal/external users who try access SPO/ODB from outside of trusted networks, regardless of the devices being managed/unmanaged.

 

 

 

For Device management (MDM) there is Airwatch in place already that has all the managed devices registered.

 

We are intending to use Azure Conditional access control for this scenario but the documentation says that the MDM used for this is Intune, my question is can the current MDM Airwatch be used to feed information to Azure AD policies about a device being compliant or not?

 

This is what we intend to apply to control access from unmanaged devices that are not on the network.

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-technica...

 

 

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
9 Replies