How to setup Defender for Cloud Apps Session Control
Вставка
- Опубліковано 6 сер 2024
- Welcome to Doug Does Tech! In this video, Doug takes you step-by-step through setting up session control policies and conditional access in Microsoft Defender for Cloud Apps. If you're looking to enhance security and control access to your organization's cloud applications, this guide is for you.
We'll start with a demo of session control, showing you how users on unmanaged devices can access Web Based resources and encounter conditional access policies that prevent the download of data.
Then, Doug guides you through setting up Defender for Cloud Apps sessions, configuring conditional access policies, and onboarding Microsoft 365 apps.
Finally, we'll delve into creating custom session control policies tailored to your organization's specific needs.
Don't forget to like, share, and subscribe for more tech tutorials and cybersecurity tips from Doug Does Tech!
00:00 Introduction
00:21 Demo of Session Control
02:43 Setting up Defender Cloud Apps Session
04:10 Setup Conditional Access Session controls
05:59 Onboard M365 Session Control
09:34 Custom Session Control Policy
14:06 Onboard Custom App - Наука та технологія
Good Stuff! Keep doing all the MS Security stuff.
Thanks a bunch for this Video, Really you explain very well
Thank you for this video, it was really helpful. I was struggling to find an end-to-end guide in a single video/article. Appreciate this 🙂
Thank you very much for these videos, it has been really helpful. You are one of the best instructor I watch. Thanks again.
Hey so glad it was helpful! and thank you for the compliment!
Good to see you're back to making videos.
Me fue de mucha utilidad, gracias! Nuevo suscriptor
I haven't been able to get Device Exclusions to work in the CA policy. When trying to exclude Compliant devices, specifically, the Conditional Access App Control policy is applied regardless. As a result, I'm getting stumped trying to allow downloads from Exchange Online on compliant devices. We're not hybrid and it's looking the only solution is going to be with certificates. Have you seen this issue?
If you are using chome make sure you have the Microsoft sso extension installed. Also make sure you are signed into the machine as an entra if user.(not a local machine user) if none of those work check the dsregcmd status.
Hi,
What is the value of adding the admin user in onboarding page ?
I don’t have one configured and I was able to onboarding the app
Many times you don’t need it. But if something doesn’t go right or work you have some of the diagnostic tools you need to fix the app. learn.microsoft.com/en-us/defender-cloud-apps/proxy-deployment-any-app
@@DougDoesTech Thank you for your clarification. One more point please
We have custom mobile app that using azure ad for authentication. We have tried to onboard it to MCAS but it seems it didn’t
So, is the MCAS support only web not mobile app
As far as I know session policy’s like blocking download can only be applied to web based sessions. You can use access policy to control access to mobile and desktop apps. But it won’t do the block download type controls.