Integrate Check Point SandBlast Mobile with Intune

Complete the following steps to integrate the Check Point SandBlast Mobile Threat Defense solution with Intune.

Note

This Mobile Threat Defense vendor is not supported for unenrolled devices.

Before you begin

The steps in this article are performed in the Check Point SandBlast Mobile console.

Before starting the process of integrating Check Point SandBlast Mobile with Intune, make sure you have the following:

  • Microsoft Intune subscription

  • Azure Active Directory admin credentials to grant the following permissions:

    • Sign in and read user profile

    • Access the directory as the signed-in user

    • Read directory data

    • Send device information to Intune

  • Admin credentials to access the Check Point SandBlast Mobile MTD console.

Check Point SandBlast app authorization

The Check Point SandBlast app authorization process consists of the following:

  • Allow the Check Point SandBlast Mobile service to communicate information related to device health state back to Intune.

  • Check Point SandBlast Mobile syncs with Azure AD Enrollment Group membership to populate its device's database.

  • Allow Check Point SandBlast admin console to use Azure AD Single Sign On (SSO).

  • Allow the Check Point SandBlast Mobile app to sign in using Azure AD SSO.

To set up Check Point SandBlast Mobile integration

  1. Go to the Check Point SandBlast Mobile MTD console and sign in with your credentials.

  2. Click on the Settings tab.

  3. Choose Device management, then Settings.

  4. Choose Microsoft Intune from the MDM Service drop-down list.

  5. Once you set Microsoft Intune as the MDM Service, the Microsoft Intune Configuration window pops up. Choose Add to my organization for each device platform (iOS, Android, and Windows) to authorize Check Point SandBlast Mobile to communicate with Intune and Azure AD.

    Image showing Check Point MTD Intune configuration

    Important

    You must add all device platforms to proceed to the next step.

  6. Choose Accept to authorize the Check Point SandBlast Mobile app to communicate with Intune and Azure Active Directory.

  7. Once you have enabled all device platforms, you need to enter the Azure AD security group.

  8. Choose Verify. Once the Azure AD security group is successfully verified, choose Save.

Next steps