cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MCAS pre and post authentication

dario_r
Copper Contributor

‎Apr 10 2019 12:31 PM

‎Apr 10 2019 12:31 PM

MCAS pre and post authentication

Hi guys,

I've got a couple of questions related to the authentication flow and when MCAS takes actions:
1. As far as I understand, all the proxy sessions get applied AFTER the user authentication and AFTER the Conditional Access policies: is this correct?
2. Is there any scenario where MCAS can do actions (policies, alarms, etc...) before the user authentication? If not, is it correct to assume that to use MCAS the users must be logged to Azure AD?

Many thanks,
Dario

Labels:
3,228 Views
1 Like
7 Replies
Reply
7 Replies
Niv Goldenberg

‎Apr 11 2019 07:55 AM

‎Apr 11 2019 07:55 AM

Re: MCAS pre and post authentication

Hi Dario,

 

1. Correct. MCAS apply the session controls after authentication and initial risk assessment of the session.

2. Is there a specific pre-authentication scenario you have in mind?
In general, as a CASB, MCAS focus on the user activity within the apps, hence, after the authentication.

 

Thanks,

Niv

0 Likes
Reply
dario_r

‎Apr 11 2019 08:06 AM

‎Apr 11 2019 08:06 AM

Re: MCAS pre and post authentication

Hi Niv,

First of all, thanks for the answer.

 

Related to point 2, I would like to know which are the controls or the capabilities I can use pre-authentication. 

 

Thanks,

Dario

0 Likes
Reply
dario_r

‎Apr 15 2019 05:43 AM

‎Apr 15 2019 05:43 AM

Re: MCAS pre and post authentication

@Niv Goldenbergany news please?

0 Likes
Reply
Niv Goldenberg

‎Apr 15 2019 08:39 AM

‎Apr 15 2019 08:39 AM

Re: MCAS pre and post authentication

The pre-authentication controls you can use are the control provided by AAD. 

0 Likes
Reply
dario_r

‎Apr 15 2019 08:44 AM

‎Apr 15 2019 08:44 AM

Re: MCAS pre and post authentication

@Niv GoldenbergThanks. Azure AD does not provide pre-auth access afaik, the conditional access gets applied after the authentication.

If i'm wrong please tell me which controls can do AAD pre-auth.

 

Many thanks!

Dario

0 Likes
Reply
Niv Goldenberg

‎Apr 15 2019 08:48 AM

‎Apr 15 2019 08:48 AM

Re: MCAS pre and post authentication

The controls are applied during the authentication.

0 Likes
Reply
dario_r

‎Apr 15 2019 08:49 AM

‎Apr 15 2019 08:49 AM

Re: MCAS pre and post authentication

@Niv Goldenbergok, I see, it means I have to provide the password before anything happen.

 

Many thanks,

Dario

0 Likes
Reply