Question on web protection with Defender for Android

%3CLINGO-SUB%20id%3D%22lingo-sub-1983738%22%20slang%3D%22en-US%22%3EQuestion%20on%20web%20protection%20with%20Defender%20for%20Android%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1983738%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20planning%20a%20rollout%20of%20Defender%20for%20Android%20using%20Intune%20(aka%20Endpoint%20Manager)%20and%20enabling%20Web%20Protection.%20The%20app%20will%20be%20installed%20in%20the%20Enterprise%20Workspace%20with%20permissions%20so%20it%20can%20scan%20Personal%20and%20Work%20space.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20question%20is%20does%20Web%20Protection%20only%20apply%20to%20web%20sites%20accessed%20using%20the%20Edge%20browser%20also%20installed%20in%20Work%20space%20or%20does%20the%26nbsp%3BDefender%20for%20Android%20also%20inspect%20web%20browsing%20from%20Chrome%20and%20other%20browsers%20installed%20in%20User%20partition%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1983738%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAndroid%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EDefender%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1989140%22%20slang%3D%22en-US%22%3ERe%3A%20Question%20on%20web%20protection%20with%20Defender%20for%20Android%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1989140%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Calum_L1%2C%3CBR%20%2F%3E%3CBR%20%2F%3EWeb%20protection%20spreads%20across%20all%20the%20network%20traffic%20originating%20from%20your%20Android%20device%20when%20you%20allow%20it%20for%20both%20profiles.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20want%20to%20disable%20it%20for%20your%20personal%20profile%2C%20please%20take%20a%20look%20here%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fprotect%2Fadvanced-threat-protection-manage-android%23configure-web-protection-on-devices-that-run-android%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fprotect%2Fadvanced-threat-protection-manage-android%23configure-web-protection-on-devices-that-run-android%3C%2FA%3E%3C%2FP%3E%3CP%3EYou%20will%20find%20the%20information%20under%26nbsp%3B%3CSTRONG%3EAndroid%20Enterprise%20Personally-Owned%20Work%20Profile%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EThe%20way%20it%20works%20is%20by%20setting%20up%20a%20%22dummy%22%20VPN%20connection%20which%20tunnels%20all%20your%20traffic%20through%20the%20installed%20Defender%20for%20Android%20application.%3CBR%20%2F%3E%3CBR%20%2F%3EThis%20way%20all%20traffic%20will%20be%20monitored%20by%20Defender%20for%20Android.%3CBR%20%2F%3E%3CBR%20%2F%3EPlease%20note%20for%20privacy%20concerns%20that%20the%20traffic%20will%20never%20be%20send%20through%20any%20cloud%20web%20based%20server%20but%20only%20through%20the%20installed%20app.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Contributor

I'm planning a rollout of Defender for Android using Intune (aka Endpoint Manager) and enabling Web Protection. The app will be installed in the Enterprise Workspace with permissions so it can scan Personal and Work space.

 

My question is does Web Protection only apply to web sites accessed using the Edge browser also installed in Work space or does the Defender for Android also inspect web browsing from Chrome and other browsers installed in User partition?

1 Reply

Hi Calum_L1,

Web protection spreads across all the network traffic originating from your Android device when you allow it for both profiles.

 

If you want to disable it for your personal profile, please take a look here:

https://docs.microsoft.com/en-us/mem/intune/protect/advanced-threat-protection-manage-android#config...

You will find the information under Android Enterprise Personally-Owned Work Profile


The way it works is by setting up a "dummy" VPN connection which tunnels all your traffic through the installed Defender for Android application.

This way all traffic will be monitored by Defender for Android.

Please note for privacy concerns that the traffic will never be send through any cloud web based server but only through the installed app.