checkpoint-sandblast-mobile-mobile-threat-defense-connector.md

title	titleSuffix	description	keywords	author	ms.author	manager	ms.date	ms.topic	ms.service	ms.localizationpriority	ms.technology	ms.assetid	ms.reviewer	ms.suite	search.appverid	ms.custom	ms.collection
Set up Check Point SandBlast MTD	Microsoft Intune	Learn about integrating Intune with Check Point SandBlast Mobile Threat Defense to control mobile device access to your corporate resources.		brenduns	brenduns	dougeby	07/03/2017	conceptual	microsoft-intune	high		706a4228-9bdf-41e0-b8d1-64c923dd2d2b	heenamac	ems	MET150	intune-azure; seodec18	M365-identity-device-management

Check Point SandBlast Mobile Threat Defense connector with Intune

You can control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Check Point SandBlast Mobile, a mobile threat defense solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices running the Check Point SandBlast Mobile app.

You can configure Conditional Access policies based on Check Point SandBlast Mobile risk assessment enabled through Intune device compliance policies, which you can use to allow or block noncompliant devices to access corporate resources based on detected threats.

How do Intune and Check Point SandBlast Mobile help protect your company resources?

Check Point Sandblast Mobile app for Android and iOS captures file system, network stack, device and application telemetry where available, then sends the telemetry data to the Check Point SandBlast cloud service to assess the device's risk for mobile threats.

The Intune device compliance policy includes a rule for Check Point SandBlast Mobile Threat Defense, which is based on the Check Point SandBlast risk assessment. When this rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources like Exchange Online and SharePoint Online. Users also receive guidance from the Check Point SandBlast mobile app installed in their devices to resolve the issue and regain access to corporate resources.

Here are some common scenarios:

Control access based on threats from malicious apps

When malicious apps such as malware are detected on devices, you can block devices until the threat is resolved:

• Connecting to corporate e-mail

• Syncing corporate files with the OneDrive for Work app

• Accessing company apps

Block when malicious apps are detected:

Access granted on remediation:

Control access based on threat to network

Detect threats like Man-in-the-middle in network, and protect access to Wi-Fi networks based on the device risk.

Block network access through Wi-Fi:

Access granted on remediation:

Control access to SharePoint Online based on threat to network

Detect threats like Man-in-the-middle in network, and prevent synchronization of corporate files based on the device risk.

Block SharePoint Online when network threats are detected:

Access granted on remediation:

Supported platforms

• Android 4.1 and later

• iOS 8 and later

Pre-requisites

• Azure Active Directory Premium

• Microsoft Intune subscription

• Check Point SandBlast Mobile Threat Defense subscription

  • See CheckPoint SandBlast website for more information.

Next steps

• Integrate CheckPoint SandBlast with Intune

• Set up CheckPoint SandBlast Mobile app

• Create CheckPoint SandBlast Mobile device compliance policy

• Enable CheckPoint SandBlast Mobile MTD connector