| title | titleSuffix | description | keywords | author | ms.author | manager | ms.date | ms.topic | ms.service | ms.localizationpriority | ms.technology | ms.assetid | ms.reviewer | ms.suite | search.appverid | ms.custom | ms.collection |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Lookout MTD connector with Microsoft Intune |
Microsoft Intune |
Learn about integrating Intune with Lookout Mobile Threat Defense (MTD) to control mobile device access to your corporate resources. |
brenduns |
brenduns |
dougeby |
06/11/2019 |
conceptual |
microsoft-intune |
high |
3a730a5d-2a90-42b0-aa28-aadfc7a18788 |
davera |
ems |
MET150 |
intune-azure |
M365-identity-device-management |
You can control mobile device access to corporate resources based on risk assessment conducted by Lookout, a Mobile Threat Defense solution integrated with Microsoft Intune. Risk is assessed based on telemetry collected from devices by the Lookout service including:
- Operating system vulnerabilities
- Malicious apps installed
- Malicious network profiles
You can configure Conditional Access policies based on Lookout's risk assessment enabled through Intune compliance policies. Settings let you allow or block noncompliant devices based on detected threats.
Lookout’s mobile app, Lookout for work, is installed and run on mobile devices. This app captures file system, network stack, and device and application telemetry where available, then sends it to the Lookout cloud service to assess the device's risk for mobile threats. You can change risk level classifications for threats in the Lookout console to suit your requirements.
The compliance policy in Intune includes a rule for Lookout Mobile Threat Defense based on Lookout risk assessment. When this rule is enabled, Intune evaluates device compliance with the policy that you enabled.
If the device is found noncompliant, access to resources like Exchange Online and SharePoint Online can be blocked. Users on blocked devices receive steps to resolve the issue and regain access. Guidance is launched from the Lookout for work app.
The following platforms are supported for Lookout when enrolled in Intune:
- Android 4.1 and later
- iOS 8 and later
For additional information about platform and language support, visit the Lookout website.
- Lookout Mobile Endpoint Security enterprise subscription
- Microsoft Intune subscription
- Azure Active Directory Premium
- Enterprise Mobility and Security (EMS) E3 or E5, with licenses assigned to users.
For more information, see Lookout Mobile Endpoint Security
Here are the common scenarios when using Mobile Endpoint Security with Intune.
When malicious apps such as malware are detected on devices, you can block devices from the following until the threat is resolved:
- Connecting to corporate e-mail
- Syncing corporate files with the OneDrive for Work app
- Accessing company apps
Block when malicious apps are detected:
Access granted on remediation:
Detect threats to your network such as man-in-the-middle attacks and protect access to WiFi networks based on the device risk.
Block network access through WiFi:
Access granted on remediation:
Detect threats to your network such as Man-in-the-middle attacks, and prevent synchronization of corporate files based on the device risk.
Block SharePoint Online when network threats are detected:
Access granted on remediation:
Here are the main steps you must do to implement this solution: