準備應用程式保護原則的企業營運應用程式Prepare line-of-business apps for app protection policies

適用於︰IntuneApplies to: Intune
本主題適用於 Azure 入口網站和傳統入口網站中的 Intune。This topic applies to Intune in both the Azure portal and the classic portal.

您可以使用 Intune App Wrapping Tool 或 Intune App SDK,讓應用程式使用應用程式保護原則。You can enable your apps to use app protection policies by using either the Intune App Wrapping Tool or the Intune App SDK. 使用這項資訊可了解這兩種方法和其使用時機。Use this information to learn about these two methods and when to use them.

Intune App Wrapping ToolIntune App Wrapping Tool

App Wrapping Tool 主要用於內部企業營運 (LOB) 應用程式。The App Wrapping Tool is used primarily for internal line-of-business (LOB) apps. 此工具是可建立應用程式包裝函式的命令列應用程式,因而可讓 Intune 應用程式保護原則管理應用程式。The tool is a command-line application that creates a wrapper around the app, which then allows the app to be managed by an Intune app protection policy.

您不需要原始程式碼即可使用工具,但需要簽署認證。You don't need the source code to use the tool, but you do need signing credentials. 如需簽署認證的詳細資訊,請參閱 Intune 部落格For more about signing credentials, see the Intune blog. 如需 App Wrapping Tool 文件,請參閱 Android App Wrapping TooliOS App Wrapping ToolFor the App Wrapping Tool documentation, see Android App Wrapping Tool and iOS App Wrapping Tool.

應用程式包裝工具支援 Apple App Store 或 Google Play 商店中的應用程式。The App Wrapping Tool does not support apps in the Apple App Store or Google Play Store. 它也不支援某些需要開發人員整合的功能 (請參閱下列的功能比較表)。It also doesn't support certain features that require developer integration (see the following feature comparison table).

如需 Intune 中未註冊裝置上應用程式保護原則之 App Wrapping Tool 的詳細資訊,請參閱保護未在 Microsoft Intune 註冊之裝置上的企業營運應用程式和資料For more information about the App Wrapping Tool for app protection policies on devices that are not enrolled in Intune, see Protect line-of-business apps and data on devices not enrolled in Microsoft Intune.

使用 App Wrapping Tool 的原因Reasons to use the App Wrapping Tool

  • 您的應用程式沒有內建資料保護功能Your app does not have built-in data protection features
  • 您的應用程式很簡單Your app is simple
  • 您的應用程式部署於內部Your app is deployed internally
  • 您沒有 App 原始程式碼的存取權限You don't have access to the app's source code
  • 您未開發應用程式You didn't develop the app
  • 您的應用程式具有最低的使用者驗證體驗Your app has minimal user authentication experiences

支援的應用程式開發平台Supported app development platforms

App Wrapping ToolApp Wrapping Tool XamarinXamarin CordovaCordova
iOSiOS Yes Yes
AndroidAndroid No Yes

Intune App SDKIntune App SDK

App SDK 的設計主要是針對 Apple App Store 或 Google Play Store 中具有應用程式並想要可以使用 Intune 管理應用程式的客戶。The App SDK is designed mainly for customers who have apps in the Apple App Store or Google Play Store, and want to be able to manage the apps with Intune. 不過,任何應用程式都可以利用 SDK 的整合,即使它是企業營運應用程式也是一樣。However, any app can take advantage of integrating the SDK, even line-of-business apps.

若要深入了解 SDK,請參閱概觀To learn more about the SDK, see the Overview. 若要開始使用 SDK,請參閱開始使用 Microsoft Intune App SDKTo get started with the SDK, see Getting Started With the Microsoft Intune App SDK.

使用 SDK 的理由Reasons to use the SDK

  • 您的應用程式沒有內建資料保護功能Your app does not have built-in data protection features
  • 您的應用程式很複雜且包含許多體驗Your app is complex and contains many experiences
  • 您的應用程式部署在公開應用程式商店 (例如 Google Play 或 Apple 的 App Store)Your app is deployed on a public app store such as Google Play or Apple's App Store
  • 您是應用程式開發人員並且擁有使用 SDK 的技術背景You are an app developer and have the technical background to use the SDK
  • 您的應用程式有其他的 SDK 整合Your app has other SDK integrations
  • 您的應用程式經常更新Your app is frequently updated

支援的應用程式開發平台Supported app development platforms

Intune App SDKIntune App SDK XamarinXamarin CordovaCordova
iOSiOS 是,使用 Intune App SDK Xamarin 元件Yes – use the Intune App SDK Xamarin Component. 是,使用 Intune App SDK Cordova 外掛程式Yes – use the Intune App SDK Cordova Plugin.
AndroidAndroid 是,使用 Intune App SDK Xamarin 元件Yes - use the Intune App SDK Xamarin Component. 是,使用 Intune App SDK Cordova 外掛程式Yes – use the Intune App SDK Cordova Plugin.

功能比較Feature comparison

此表格列出您可以用於 App SDK 和 App Wrapping Tool 的設定。This table lists the settings that you can use for the App SDK and App Wrapping Tool.

注意

只有在使用 Intune 獨立版或 Intune (含 Configuration Manager) 時,才能使用 App Wrapping Tool。The App Wrapping Tool can be used with Intune standalone or Intune with Configuration Manager.

功能Feature App SDKApp SDK App Wrapping ToolApp Wrapping Tool
限制要在公司管理的瀏覽器中顯示網頁內容Restrict web content to display in a corporate managed browser XX XX
禁止 Android、iTunes 或 iCloud 備份Prevent Android, iTunes, or iCloud backups XX XX
允許應用程式將資料傳送到其他應用程式Allow app to transfer data to other apps XX XX
允許應用程式接收來自其他應用程式的資料Allow app to receive data from other apps XX XX
限制利用其他應用程式剪下、複製及貼上Restrict cut, copy, and paste with other apps XX XX
需要簡單的 PIN 碼才能存取Require simple PIN for access XX XX
將內建應用程式 PIN 取代為 Intune PINReplace built-in app PIN with Intune PIN XX
指定 PIN 重設之前的嘗試次數Specify the number of attempts before PIN reset XX XX
允許指紋而非 PINAllow fingerprint instead of PIN XX XX
需要公司認證才能存取Require corporate credentials for access XX XX
封鎖受管理的應用程式在已進行 JB 或 Root 破解的裝置上執行Block managed apps from running on jailbroken or rooted devices XX XX
加密應用程式資料Encrypt app data XX XX
在指定的分鐘數之後重新檢查存取需求Recheck the access requirements after a specified number of minutes XX XX
指定離線寬限期Specify the offline grace period XX XX
封鎖螢幕擷取 (僅限 Android)Block screen capture (Android only) XX XX
不註冊裝置的 MAM 支援Support for MAM without device enrollment XX XX
完整抹除Full Wipe XX XX
選擇性抹除Selective Wipe
注意:對於 iOS,移除管理設定檔時,也會移除應用程式。Note: For iOS, when the management profile is removed, the app is also removed.
XX
避免「另存新檔」Prevent “Save as” XX
目標應用程式組態Targeted Application Configuration XX
支援多重身分識別Support for Multi-Identity XX
可自訂樣式Customizable Style XX

後續步驟Next steps

若要深入了解應用程式保護原則和 Intune,請參閱下列主題:To learn more about app protection policies and Intune, see the following topics: