Microsoft Defender for Endpoint on iOS

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

Microsoft Defender for Endpoint on iOS offers protection against phishing and unsafe network connections from websites, emails, and apps. All alerts will be available through a single pane of glass in the Microsoft Defender Security Center. The portal gives security teams a centralized view of threats on iOS devices along with other platforms.

Caution

Running other third-party endpoint protection products alongside Defender for Endpoint on iOS is likely to cause performance problems and unpredictable system errors.

Pre-requisites

For End Users

  • Microsoft Defender for Endpoint license assigned to the end user(s) of the app. See Microsoft Defender for Endpoint licensing requirements.

  • For enrolled devices:

    • Device(s) are enrolled via the Intune Company Portal app to enforce Intune device compliance policies. This requires the end user to be assigned a Microsoft Intune license.
    • Intune Company Portal app can be downloaded from the Apple App Store.

    Note

    Apple does not allow redirecting users to download other apps from the app store so this step needs to be done by the user before onboarding to Microsoft Defender for Endpoint app.)

    • Device(s) are registered with Azure Active Directory. This requires the end user to be signed in through Microsoft Authenticator app.
  • For unenrolled devices: Device(s) are registered with Azure Active Directory. This requires the end user to be signed in through Microsoft Authenticator app.

  • For more information on how to assign licenses, see Assign licenses to users.

For Administrators

  • Access to the Microsoft Defender Security Center portal.

  • Access to Microsoft Endpoint Manager admin center, to:

    • Deploy the app to enrolled user groups in your organization.

    • Configure Microsoft Defender for Endpoint risk signals in app protection policy (MAM)

      Note

      • Microsoft Defender for Endpoint now extends protection to an organization’s data within a managed application for those who aren’t using mobile device management (MDM) but are using Intune to manage mobile applications. It also extends this support to customers who use other enterprise mobility management solutions, while still using Intune for mobile application management (MAM).
      • In addition, Microsoft Defender for Endpoint already supports devices that are enrolled using Intune mobile device management (MDM).

System Requirements

Installation instructions

Deployment of Microsoft Defender for Endpoint on iOS can be done via Microsoft Endpoint Manager (MEM) and both supervised and unsupervised devices are supported. End-users can also directly install the app from the Apple app store.

Resources

Next steps