MCAS | Conditional Access App Control | Block download on Untrusted Devices
Рет қаралды 6,899
Күн бұрын
@nadeerbabu872 3 жыл бұрын
Thanks, good content 👍
@soydlm8658 4 жыл бұрын
the session control rules that you explain in the last two videos. Is it applicable for the heavy outlook client or only for web access?
@ConceptsWork 4 жыл бұрын
The session rules are for browser based sessions only.
@soydlm8658 4 жыл бұрын
@@ConceptsWork Thanks, If I need to block the outlook client on unmanaged computers, could it be done with a conditional access rule?
@ehabgalal9181 Жыл бұрын
Hi, We have LOB APP that has redirect url for ios and android and we don’t have web. Does the MCAS can work with it
@SupertecRacing 3 жыл бұрын
Is there a way to block access to the portal on all untrusted devices such as personal machines and only allow on AZ hybrid joined machines?
@ConceptsWork 3 жыл бұрын
Use conditional Access policies.
@ishwariyaiyer5381 3 жыл бұрын
Is it possible to allow edit but block download using MCAS
@ConceptsWork 3 жыл бұрын
Users will be able to edit documents with online applications.
@ishwariyaiyer5381 3 жыл бұрын
Thank you for your reply. Also what’s the difference between block save option and allow edit doc in AIP with custom permissions and block download in MCAS
@ConceptsWork 3 жыл бұрын
When you assign a permission through AIP, its a doc level permission, but when you enable a control in MCAS, like wise block download, any type of information from that particular session will be blocked.
@Obayd 3 жыл бұрын
Hi first of all i like to say this is briallant video and was very helpful. I am having an issue though when I create this block policy from unmanaged devcies for any O365 apps it still allows me to download from Onedrive on edge chromium browser and also I can download from Teams desktop app. This on my personal windows 10 suface laptop. The policy however blocks me downloading from Outlook (OWA) in Edge chromium browser. Also it blocks download from onedrive and outlook (OWA) when using Google chrome from the same surface laptop. i cant understand why it allows me to download files from Onedrive web portal on the new edge browser and also on the teams desktop app. Any help on this is much appreciated. Many Thanks
@ConceptsWork 3 жыл бұрын
Thanks for sharing this observation, to begin with Conditional access app control is only applied to browser based session, it is not applicable for rich client. If you want to block rich client's, create a CA policy to block rich clients on unmanaged devices. For the other issues where the access is provided to just one browser and for every other browser policy is working as expected. I would suggest take a fiddler trace and see, if the traffic is getting routed to MCAS endpoints.
@Obayd 3 жыл бұрын
@@ConceptsWork hi thanks for the reply it is not routing through MCAS when I open OneDrive in edge chromium web browser as it doesn’t show the page where it says you are being monitored. Also on the url I can see the traffic is not directed via MCAS. But when I open Outlook in edge chromium browser on the same device I can see traffic is being routed via mcas as I get the page to say you are being monitored and can see on the url that I have been directed through MCAS. I can try fiddler but I think I know what the answer will be when seeing how the traffic is routing in edge chromium browser when opening OneDrive via the web. Let me know your thoughts and your help is much appreciated.
@Bitukumar19918 4 жыл бұрын
Sir, I need some information regarding the Azure Active Directory. One of my client requirement. They want to implement an NTP server in Azure Active Directory. Is this possible or not?
@ConceptsWork 4 жыл бұрын
Feel free to reach me at learnconceptswork@gmail.com
@amanjha2289 4 жыл бұрын
bro please make video on azure atp pleeese
@maciejdiakow6231 4 жыл бұрын
Great job :) Maybe a video regarding DLP ? :)
@ConceptsWork 4 жыл бұрын
Great suggestion!
@amitmanolkar Жыл бұрын
What about the apps that are not listed in the connected apps? What can be done there and how?
@ConceptsWork Жыл бұрын
Application's authentication must be done with Azure AD. If the application is doesn't have IDP as Azure AD, then conditional access app control will not work.
@amitmanolkar Жыл бұрын
@@ConceptsWork what all can be done with data residing in such application?
@ConceptsWork Жыл бұрын
Where ever you have hosted application.
@ronald0122 4 жыл бұрын
what license do you need for cloud app security
@ConceptsWork 4 жыл бұрын
License - query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2NXYO Getting started with MCAS - kzbin.info/www/bejne/mZ7GpHytgMdgY6M
@ronald0122 4 жыл бұрын
@@ConceptsWork thanks to bad i only have E3 and EMS. great work. love your videos.
@asithahttp 4 жыл бұрын
very familiar voice, may i know the name of the speaker ?
@amitbahuguna3270 2 жыл бұрын
can i get ppt of this video
Concepts Work
Рет қаралды 10 М.
THẾ GIỚI 24H
Рет қаралды 10 МЛН
Microsoft Mechanics
Рет қаралды 11 М.
Intune Training
Рет қаралды 20 М.
Concepts Work
Рет қаралды 8 М.
Pavan Kumar
Рет қаралды 3,5 М.
THẾ GIỚI 24H
Рет қаралды 10 МЛН