Apr 10 2019 12:31 PM
Hi guys,
I've got a couple of questions related to the authentication flow and when MCAS takes actions:
1. As far as I understand, all the proxy sessions get applied AFTER the user authentication and AFTER the Conditional Access policies: is this correct?
2. Is there any scenario where MCAS can do actions (policies, alarms, etc...) before the user authentication? If not, is it correct to assume that to use MCAS the users must be logged to Azure AD?
Many thanks,
Dario
Apr 11 2019 07:55 AM
Hi Dario,
1. Correct. MCAS apply the session controls after authentication and initial risk assessment of the session.
2. Is there a specific pre-authentication scenario you have in mind?
In general, as a CASB, MCAS focus on the user activity within the apps, hence, after the authentication.
Thanks,
Niv
Apr 11 2019 08:06 AM
Hi Niv,
First of all, thanks for the answer.
Related to point 2, I would like to know which are the controls or the capabilities I can use pre-authentication.
Thanks,
Dario
Apr 15 2019 08:39 AM
The pre-authentication controls you can use are the control provided by AAD.
Apr 15 2019 08:44 AM
@Niv GoldenbergThanks. Azure AD does not provide pre-auth access afaik, the conditional access gets applied after the authentication.
If i'm wrong please tell me which controls can do AAD pre-auth.
Many thanks!
Dario
Apr 15 2019 08:48 AM
The controls are applied during the authentication.
Apr 15 2019 08:49 AM
@Niv Goldenbergok, I see, it means I have to provide the password before anything happen.
Many thanks,
Dario