MCAS | Conditional Access App Control | Block download on Untrusted Devices
Вставка
- Опубліковано 31 жов 2020
- #Microsoft #CASB #Microsoft_Cloud_App_Security #ConditionalAccessAppControl
What is CASB?
What is Microsoft Cloud app Security?
Conditional Access App Control
Session Control Policy - Block download on Untrusted Devices
What is Microsoft Cloud app Security? • What is Microsoft Clou...
Getting Started with Microsoft Cloud App Security? • Getting Started with M...
Microsoft Cloud app security | Shadow IT Discovery • Microsoft Cloud App Se...
Microsoft Cloud app Security | All the setting covered in less that 30 minutes • Microsoft Cloud App Se...
Microsoft Cloud app Security | Conditional Access App Control • Microsoft Cloud App Se...
MCAS | Conditional Access App Control | Session Policy - Block Cut/Copy/Paste • MCAS | Conditional Acc...
MCAS | Conditional Access App Control | Block download on Untrusted Devices • MCAS | Conditional Acc...
MCAS | Block download based on Real Time Content Inspection • MCAS | Block download ...
Microsoft Article - docs.microsoft.com/en-us/clou...
docs.microsoft.com/en-us/clou...
Regards,
ConceptsWork - Наука та технологія
Thanks, good content 👍
Hi,
We have LOB APP that has redirect url for ios and android and we don’t have web. Does the MCAS can work with it
the session control rules that you explain in the last two videos. Is it applicable for the heavy outlook client or only for web access?
The session rules are for browser based sessions only.
@@ConceptsWork Thanks, If I need to block the outlook client on unmanaged computers, could it be done with a conditional access rule?
Great job :) Maybe a video regarding DLP ? :)
Great suggestion!
Is there a way to block access to the portal on all untrusted devices such as personal machines and only allow on AZ hybrid joined machines?
Use conditional Access policies.
Sir, I need some information regarding the Azure Active Directory.
One of my client requirement. They want to implement an NTP server in Azure Active Directory. Is this possible or not?
Feel free to reach me at learnconceptswork@gmail.com
bro please make video on azure atp pleeese
Hi first of all i like to say this is briallant video and was very helpful. I am having an issue though when I create this block policy from unmanaged devcies for any O365 apps it still allows me to download from Onedrive on edge chromium browser and also I can download from Teams desktop app. This on my personal windows 10 suface laptop.
The policy however blocks me downloading from Outlook (OWA) in Edge chromium browser. Also it blocks download from onedrive and outlook (OWA) when using Google chrome from the same surface laptop.
i cant understand why it allows me to download files from Onedrive web portal on the new edge browser and also on the teams desktop app. Any help on this is much appreciated.
Many Thanks
Thanks for sharing this observation, to begin with Conditional access app control is only applied to browser based session, it is not applicable for rich client. If you want to block rich client's, create a CA policy to block rich clients on unmanaged devices.
For the other issues where the access is provided to just one browser and for every other browser policy is working as expected.
I would suggest take a fiddler trace and see, if the traffic is getting routed to MCAS endpoints.
@@ConceptsWork hi thanks for the reply it is not routing through MCAS when I open OneDrive in edge chromium web browser as it doesn’t show the page where it says you are being monitored. Also on the url I can see the traffic is not directed via MCAS. But when I open Outlook in edge chromium browser on the same device I can see traffic is being routed via mcas as I get the page to say you are being monitored and can see on the url that I have been directed through MCAS.
I can try fiddler but I think I know what the answer will be when seeing how the traffic is routing in edge chromium browser when opening OneDrive via the web.
Let me know your thoughts and your help is much appreciated.
very familiar voice, may i know the name of the speaker ?
can i get ppt of this video
Is it possible to allow edit but block download using MCAS
Users will be able to edit documents with online applications.
Thank you for your reply. Also what’s the difference between block save option and allow edit doc in AIP with custom permissions and block download in MCAS
When you assign a permission through AIP, its a doc level permission, but when you enable a control in MCAS, like wise block download, any type of information from that particular session will be blocked.
what license do you need for cloud app security
License - query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2NXYO
Getting started with MCAS - ua-cam.com/video/cmcsIwKb--A/v-deo.html
@@ConceptsWork thanks to bad i only have E3 and EMS. great work. love your videos.
What about the apps that are not listed in the connected apps? What can be done there and how?
Application's authentication must be done with Azure AD. If the application is doesn't have IDP as Azure AD, then conditional access app control will not work.
@@ConceptsWork what all can be done with data residing in such application?
Where ever you have hosted application.