Skycure 移动威胁防御连接器Skycure Mobile Threat Defense connector

适用于:经典门户中的 IntuneApplies to: Intune in the classic portal
在寻找有关 Azure 门户中 Intune 的文档吗?Looking for documentation about Intune in the Azure portal? 请转到此处Go here.

可根据 Skycure 给出的风险评估,使用条件访问控制移动设备对公司资源的访问,Skycure 是与 Microsoft Intune 集成的移动威胁防御解决方案。You can control mobile device access to corporate resources using conditional access based on risk assessment conducted by Skycure, a mobile threat defense solution that integrates with Microsoft Intune. 风险评估基于从运行 Skycure 的设备收集的遥测,包括:Risk is assessed based on telemetry collected from devices running Skycure, including:

  • 物理防御Physical defense

  • 网络防御Network defense

  • 应用程序防御Application defense

  • 漏洞防御Vulnerabilities defense

可以基于通过 Intune 设备符合性策略启动的 Skycure 风险评估配置条件访问策略,从而根据检测到的威胁允许或阻止不符合要求的设备访问公司资源。You can configure conditional access policies based on Skycure risk assessment enabled through Intune device compliance policies, which you can use to allow or block non-compliant devices to access corporate resources based on detected threats.

Intune 和 Skycure 如何帮助你保护公司资源?How do Intune and Skycure help protect your company resources?

适用于 Android 或 iOS 的 Skycure 移动应用可捕获文件系统、网络堆栈以及设备和应用程序遥测(如果有),然后将其发送到 Skycure 云服务,评估设备的移动威胁风险。Skycure mobile app for Android or iOS captures file system, network stack, device and application telemetry where available, then sends it to the Skycure cloud service to assess the device's risk for mobile threats.

Intune 设备符合性策略包括基于 Skycure 风险评估的 Skycure 移动威胁防御规则。The Intune device compliance policy includes a rule for Skycure mobile threat defense, which is based on the Skycure risk assessment. 启用此规则后,Intune 将评估设备是否符合已启用的策略。When this rule is enabled, Intune evaluates device compliance with the policy that you enabled.

如果发现设备不符合策略,将阻止对 Exchange Online 和 SharePoint Online 等资源的访问。If the device is found non-compliant, access to resources like Exchange Online and SharePoint Online are blocked. 被阻止的设备上的用户可从 Skycure 移动应用接收指导来解决此问题,并重新获得对公司资源的访问权限。Users on blocked devices receive guidance from the Skycure mobile app to resolve the issue and regain access to corporate resources.

Intune 支持与 Skycure 集成的两种模式:Intune supports two modes of integration with Skycure:

  • 基本设置为只读模式,Intune 中的设备在该模式下对 Skycure 可见。Basic setup which is a read only mode that allows Skycure visibility for devices in Intune.

  • 完全集成允许 Skycure 向 Intune 报告设备风险和安全事件的详细信息。Full integration which allows Skycure to report device risk and security incident details to Intune.

示例方案Sample scenarios

以下是一些常见方案:Here are some common scenarios:

基于来自恶意应用的威胁来控制访问Control access based on threats from malicious apps

在设备上检测到恶意应用(如恶意软件)时,可阻止设备,直到解除威胁:When malicious apps such as malware are detected on devices, you can block devices until the threat is resolved:

  • 连接到公司电子邮件Connecting to corporate e-mail

  • 使用 OneDrive for Work 应用同步企业文件Syncing corporate files with the OneDrive for Work app

  • 访问公司应用Accessing company apps

检测到恶意应用时对其进行阻止:Block when malicious apps are detected:

检测到恶意应用

威胁解除后授予访问权限:Access granted on remediation:

检测到恶意应用,授予访问权限

基于对网络的威胁来控制访问Control access based on threat to network

检测中间人等网络威胁,并基于设备风险保护对 WiFi 网络的访问。Detect threats like Man-in-the-middle in network, and protect access to Wi-Fi networks based on the device risk.

阻止通过 Wi-Fi 访问网络:Block network access through Wi-Fi:

阻止通过 Wi-Fi 访问网络

威胁解除后授予访问权限:Access granted on remediation:

威胁解除后授予访问权限

基于对网络的威胁来控制对 SharePoint Online 的访问Control access to SharePoint Online based on threat to network

检测中间人等网络威胁,根据设备风险阻止公司文件的同步。Detect threats like Man-in-the-middle in network, and prevent synchronization of corporate files based on the device risk.

检测到网络威胁时阻止 SharePoint Online:Block SharePoint Online when network threats are detected:

检测到网络威胁时阻止 SharePoint Online

威胁解除后授予访问权限:Access granted on remediation:

Sharepoint 的威胁解除后授予访问权限示例

受支持的平台Supported platforms

  • Android 4.1 及更高版本Android 4.1 and later

  • iOS 8 及更高版本iOS 8 and later

先决条件Pre-requisites

  • Azure Active Directory PremiumAzure Active Directory Premium

  • Microsoft Intune 订阅Microsoft Intune subscription

  • Skycure 移动威胁防御订阅Skycure Mobile Threat Defense subscription

有关详细信息,请参阅 Skycure 网站For more information, check Skycure website.

后续步骤Next steps

以下是将 Intune 与 Skycure 集成需要完成的步骤:Here are the steps you need to complete to integrate Intune with Skycure:

  1. 配置 Skycure 以使用 Azure Active Directory 单一登录 (SS)Configure Skycure to use Azure Active Directory Single Sign On (SS)

  2. 下载 Skycure iOS 应用配置策略Download Skycure iOS app configuration policy

  3. 添加 Skycure 应用、Microsoft Authenticator 和 iOS 应用配置策略Add Skycure apps, Microsoft Authenticator and iOS app configuration policy

  4. 部署 Skycure 应用、Microsoft Authenticator 和 iOS 应用配置策略Deploy Skycure apps, Microsoft Authenticator and iOS app configuration policy

  5. 使用 Intune 设置 Skycure 集成Set up Skycure integration with Intune

  6. 在 Intune 中启用 Skycure 移动威胁防御Enable Skycure Mobile Threat Defense in Intune

  7. 在 Intune 中创建 Skycure 移动威胁防御符合性策略Create Skycure Mobile Threat Defense compliance policy in Intune