The last part of the blog series is showing you how Lookout Mobile Threat Protection is used in a hybrid environment, so when Intune is connected with Configuration Manager. The devices are managed from Configuration Manager using Intune as the middle tier.
Support for Lookout Mobile Threat Protection has been added to Configuration Manager 1610, so be sure that you update to this version if you want to use the integration with Configuration Manager.
In the new version 1702 some nice dashboards and threat information has been added to the Configuration Manager console.
Configuring the Lookout Integration is done partly in Configuration Manager and partly in Microsoft Intune. If you follow the next steps you should be able to protect your iOS and Android devices in a Hybrid scenario :).
Follow the guidelines fromblog number 3.
- Setting up the groups
- Activating integration
After the Lookout and Intune side is configured, conditional access in Intune is in place and the application Lookout for Work has been deployed and configured like described inblog 4 (Admin experience,blog 5 (end user experience) andblog 6 (iOS experience).
In addition to the earlier blogs we need to create an Application Configuration Policy in Configuration Manager when deploying the iOS version of Lookout for Work. The App Configuration Policy can be created in Application Management > App Configuring Policies node in the Software Library Workspace.
Configure the Mobile App Configuration to support iOS
After creating the policy we can deploy the Lookout for Work App as Required to our users that need to have Lookout for Work. When deploying the iOS version we need to use the App configuration policy.
Associate the App Configuration Policy while deploying the application
For Android we can just deploy the version which is available in the Google Play store.
Next we need to create a compliance policy in the Compliance Settings -> Compliance Policies node of the Assets and Compliance workspace and deploy it to the users that need to comply to the policy.
Configure the Compliance Policy
So when a you are all set to go and protect our devices via Configuration Manager.
Configuration Manager 1702 offers some nice features which allows you to see if your devices are protected and are secure. In version 1702 threat information at the device level and a nice dashboard are added to the Configuration Manager console.
At the device level you are able to see what threat is active and what level the threat is. This is currently not possible with the Intune standalone integration.
Threat information at device level
Get an overview about the device threat protection status of all of your devices.
Nice dashboard with the
This concludes my series about Lookout MTP and the integration with Intune and Configuration Manager.
Looking back at the series of blogs and using Lookout together with Intune learns me that Mobile Threat Protection is a must when managing and supporting bring your own devices or choose your own devices. Lookout helps you to secure your iOS and Android devices, today we learned again how a Mobile Threat Protection solution is able to help you protect your devices and its data.
We discovered scammers manipulating Mobile Safari pop ups in a scareware campaign. New iOS update fixes the issue: https://t.co/ym3kxT8Oy8
— Lookout (@Lookout) March 27, 2017