Skycure Mobile Threat Defense 連接器Skycure Mobile Threat Defense connector

您可以根據由 Skycure (一個與 Microsoft Intune 整合的 Mobile Threat Defense 解決方案) 所進行的風險評估,使用條件式存取來控制行動裝置對公司資源的存取。You can control mobile device access to corporate resources using conditional access based on risk assessment conducted by Skycure, a mobile threat defense solution that integrates with Microsoft Intune. 風險評估以收集自執行 Skycure 裝置的遙測作為基礎,包括︰Risk is assessed based on telemetry collected from devices running Skycure, including:

  • 實體防禦Physical defense

  • 網路防禦Network defense

  • 應用程式防禦Application defense

  • 弱點防禦Vulnerabilities defense

您可以根據透過 Intune 裝置合規性原則啟用的 Skycure 風險評估,設定條件式存取原則。透過該原則,您可以根據偵測到的威脅來允許或封鎖不符合規範的裝置存取公司資源。You can configure conditional access policies based on Skycure risk assessment enabled through Intune device compliance policies, which you can use to allow or block non-compliant devices to access corporate resources based on detected threats.

Intune 和 Skycure 如何協助保護您的公司資源?How do Intune and Skycure help protect your company resources?

適用於 Android 或 iOS 的 Skycure 行動應用程式可擷取檔案系統、網路堆疊,裝置和應用程式遙測 (如果可用),然後將它傳送至 Skycure 雲端服務,以評估裝置的行動威脅風險。Skycure mobile app for Android or iOS captures file system, network stack, device and application telemetry where available, then sends it to the Skycure cloud service to assess the device's risk for mobile threats.

Intune 裝置合規性原則包含以 Skycure 風險評估為基礎的 Skycure Mobile Threat Defense 規則。The Intune device compliance policy includes a rule for Skycure Mobile Threat Defense, which is based on the Skycure risk assessment. 啟用此規則時,Intune 會評估裝置是否符合您啟用的原則。When this rule is enabled, Intune evaluates device compliance with the policy that you enabled.

如果發現裝置不符合規範,則會封鎖對 Exchange Online 和 SharePoint Online 這類資源的存取。If the device is found non-compliant, access to resources like Exchange Online and SharePoint Online are blocked. 已封鎖裝置上的使用者會從 Skycure 行動應用程式收到指導方針,以解決問題並重新取得公司資源的存取權。Users on blocked devices receive guidance from the Skycure mobile app to resolve the issue and regain access to corporate resources.

Intune 支援兩種與 Skycure 整合的模式:Intune supports two modes of integration with Skycure:

  • 「基本設定」是唯讀模式,允許 Intune 中的裝置看見 Skycure。Basic setup which is a read only mode that allows Skycure visibility for devices in Intune.

  • 「完整整合」可讓 Skycure 向 Intune 報告裝置風險和安全性事件詳細資料。Full integration which allows Skycure to report device risk and security incident details to Intune.

範例案例Sample scenarios

以下是一些常見的案例:Here are some common scenarios:

根據惡意應用程式的威脅來控制存取權Control access based on threats from malicious apps

在裝置上偵測到惡意應用程式 (例如惡意程式碼) 時,您可以封鎖裝置,直到解決威脅為止︰When malicious apps such as malware are detected on devices, you can block devices until the threat is resolved:

  • 連線到公司電子郵件Connecting to corporate e-mail

  • 使用 OneDrive for Work 應用程式來同步處理公司檔案Syncing corporate files with the OneDrive for Work app

  • 存取公司應用程式Accessing company apps

於偵測到惡意應用程式時進行封鎖:Block when malicious apps are detected:

偵測到惡意應用程式

補救後授與存取:Access granted on remediation:

偵測到惡意應用程式後授與存取

根據網路威脅來控制存取權Control access based on threat to network

偵測網路中的「攔截式攻擊」等威脅,並根據裝置風險保護對 Wi-Fi 網路的存取。Detect threats like Man-in-the-middle in network, and protect access to Wi-Fi networks based on the device risk.

封鎖透過 Wi-Fi 的網路存取︰Block network access through Wi-Fi:

封鎖透過 Wi-Fi 的網路存取

補救後授與存取:Access granted on remediation:

補救後授與存取

根據網路威脅來控制 SharePoint Online 的存取權Control access to SharePoint Online based on threat to network

偵測網路中的「攔截式攻擊」等威脅,並根據裝置風險防止對公司檔案進行同步處理。Detect threats like Man-in-the-middle in network, and prevent synchronization of corporate files based on the device risk.

偵測到網路威脅時封鎖 SharePoint Online:Block SharePoint Online when network threats are detected:

偵測到網路威脅時封鎖 SharePoint Online

補救後授與存取:Access granted on remediation:

Sharepoint 的補救後授與存取範例

支援的平台Supported platforms

  • Android 4.1 和更新版本Android 4.1 and later

  • iOS 8 和更新版本iOS 8 and later

必要條件Pre-requisites

  • Azure Active Directory PremiumAzure Active Directory Premium

  • Microsoft Intune 訂閱Microsoft Intune subscription

  • Skycure Mobile Threat Defense 訂閱Skycure Mobile Threat Defense subscription

如需詳細資訊,請參閱 Skycure 網站 (英文)For more information, check Skycure website.

後續步驟Next steps

以下是整合 Intune 與 Skycure 所需完成的步驟:Here are the steps you need to complete to integrate Intune with Skycure: