Lookout Mobile Threat Defense connector with Intune

You can control mobile device access to corporate resources based on risk assessment conducted by Lookout, a Mobile Threat Defense solution integrated with Microsoft Intune. Risk is assessed based on telemetry collected from devices by the Lookout service, including:

  • Operating system vulnerabilities
  • Malicious apps installed
  • Malicious network profiles

You can configure conditional access policies based on Lookout's risk assessment enabled through Intune compliance policies. Settings let you allow or block non-compliant devices based on detected threats.

How do Intune and Lookout Mobile Threat Defense help protect company resources?

Lookout's mobile app, Lookout for Work, is installed and run on mobile devices. This app captures file system, network stack, and device and application telemetry where available, then sends it to the Lookout cloud service to assess the device's risk for mobile threats. You can change risk level classifications for threats in the Lookout console to suit your requirements.

The compliance policy in Intune includes a rule for Lookout Mobile Threat Defense based on Lookout risk assessment. When this rule is enabled, Intune evaluates device compliance with the policy that you enabled.

If the device is found non-compliant, access to resources like Exchange Online and SharePoint Online can be blocked. Users on blocked devices receive steps to resolve the issue and regain access. Guidance is launched from the Lookout for Work app.

Supported platforms

The following platforms are supported for Lookout when enrolled in Intune:

  • Android 4.1 and later
  • iOS 8 and later

For additional information about platform and language support, visit the Lookout website.

Prerequisites

  • Microsoft Intune subscription
  • Azure Active Directory
  • Lookout Mobile Endpoint Security enterprise subscription

For more information, see Lookout Mobile Endpoint Security.

Sample scenarios

Here are the common scenarios when using Lookout Mobile Threat Defense with Intune.

Control access based on threats from malicious apps

When malicious apps such as malware are detected on devices, you can block devices from the following until the threat is resolved:

  • Connecting to corporate e-mail
  • Syncing corporate files with the OneDrive for Work app
  • Accessing company apps

Block when malicious apps are detected:

Diagram showing a conditional access policy blocking access when a device is determined to be non-compliant because of malicious apps on it

Access granted on remediation:

Diagram showing the conditional access policy granting access when the device is determined to be compliant after remediation

Control access based on threat to network

Detect threats to your network such as man-in-the-middle attacks, and protect access to Wi-Fi networks based on the device risk.

Block network access through Wi-Fi:

Diagram showing conditional access blocking access to Wi-Fi based on network threats

Access granted on remediation:

Diagram showing conditional access allowing access after the threat is remediated

Control access to SharePoint Online based on threat to network

Detect threats to your network such as man-in-the-middle attacks, and prevent synchronization of corporate files based on the device risk.

Block SharePoint Online when network threats are detected:

Diagram showing conditional access blocking device access to SharePoint Online based on threat detection

Access granted on remediation:

Diagram showing conditional access allowing access after the network threat is remediated

Next steps

Here are the main steps you must do to implement this solution:

  1. Set up your Lookout integration
  2. Enable Lookout Mobile Threat Defense in Intune
  3. Add and assign the Lookout for Work app
  4. Configure Lookout device compliance policy