Integrate Sophos Mobile with Intune
Complete the following steps to integrate the Sophos Mobile Threat Defense solution with Intune.
This Mobile Threat Defense vendor is not supported for unenrolled devices.
Before you begin
Before starting the process of integrating Sophos Mobile with Intune, make sure you have the following:
- Microsoft Intune subscription
- Azure Active Directory admin credentials to grant the following permissions:
  - Sign in and read user profile
  - Access the directory as the signed-in user
  - Read directory data
  - Send device information to Intune
- Admin credentials to access the Sophos Mobile admin console.
Sophos Mobile app authorization
The Sophos Mobile app authorization process consists of the following:
- Allow the Sophos Mobile service to communicate information related to device health state back to Intune.
- Sophos Mobile syncs with Azure AD Enrollment Group membership to populate its device database.
- Allow the Sophos Mobile admin console to use Azure AD single sign-on (SSO).
- Allow the Sophos Mobile app to sign in using Azure AD SSO.
To set up Sophos Mobile integration
Sign in to the Azure portal, go to Intune > Device compliance > Mobile Threat Defense, and select Add.
On the Add Connector page, use the dropdown to select Sophos, and then select Create.
Select the link Open the Sophos admin console.
Sign in to the Sophos admin console with your Sophos credentials.
Go to Mobile > Settings > Setup > Sophos setup.
On the Sophos setup page, select the Intune MTD tab.
Select Bind, and then select Yes. Sophos connects to Intune and requires you to sign in to your Intune subscription.
In the Microsoft Intune authentication window, enter your Intune credentials and Accept the permissions request for Sophos Mobile Threat Defense.
On the Sophos setup page, select Save to complete the configuration for Intune.
When the message Successful Integration appears, integration is complete.
In the Intune console, Sophos is now available.
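The following is an added example, not part of the original page or of Sophos or Microsoft code. It shows one way to confirm after the steps above that the connector is bound and still reporting, by evaluating a Microsoft Graph mobileThreatDefenseConnectors response. The response body, connector ids, the fixed clock and the function names are constructed for illustration; the id of the Sophos connector in your tenant is not given on this page and must be supplied by you.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample shaped like the Microsoft Graph response to
# GET /deviceManagement/mobileThreatDefenseConnectors. Ids are placeholders.
SAMPLE_RESPONSE = json.dumps({"value": [
    {"id": "00000000-0000-0000-0000-00000000aaaa", "partnerState": "enabled",
     "lastHeartbeatDateTime": "2024-05-01T08:00:00.0000000Z",
     "partnerUnresponsivenessThresholdInDays": 7},
    {"id": "00000000-0000-0000-0000-00000000bbbb", "partnerState": "unresponsive",
     "lastHeartbeatDateTime": "2024-04-10T08:00:00Z",
     "partnerUnresponsivenessThresholdInDays": 7},
]})
NOW = datetime(2024, 5, 2, tzinfo=timezone.utc)  # fixed clock for the sample
HEALTHY_STATES = {"available", "enabled"}


def parse_ts(value):
    """Parse a Graph UTC timestamp, dropping fractional seconds."""
    return datetime.fromisoformat(value.split(".")[0].rstrip("Z") + "+00:00")


def connector_findings(response_text, connector_id, now):
    """Return the problems found for one connector; an empty list means healthy."""
    connectors = json.loads(response_text).get("value", [])
    match = next((c for c in connectors if c.get("id") == connector_id), None)
    if match is None:
        return ["connector not found, so the binding did not complete"]
    findings = []
    state = match.get("partnerState")
    if state not in HEALTHY_STATES:
        findings.append(f"partnerState is {state!r}")
    # Falling back to 7 days when the threshold is unset is this example's assumption.
    days = match.get("partnerUnresponsivenessThresholdInDays") or 7
    heartbeat = match.get("lastHeartbeatDateTime")
    if not heartbeat:
        findings.append("no heartbeat recorded")
    elif now - parse_ts(heartbeat) > timedelta(days=days):
        findings.append(f"last heartbeat {heartbeat} is older than {days} days")
    return findings


if __name__ == "__main__":
    for item in json.loads(SAMPLE_RESPONSE)["value"]:
        print(item["id"], connector_findings(SAMPLE_RESPONSE, item["id"], NOW) or "healthy")
```

A stale heartbeat or an unresponsive state matters because compliance policies that depend on the Mobile Threat Defense signal are then evaluating devices without current threat data.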