未加星标

Intune and Lookout: how to integrate?

字体大小 | |
[系统(windows) 所属分类 系统(windows) | 发布者 店小二04 | 时间 2016 | 作者 红领巾 ] 0人收藏点击收藏

Intune and Lookout: how to integrate?
In the last two blogs we looked at the global overview and the architecture of the solution. In this blog I want to go a bit deeper and have a look how to integrate the two services with each other.

Like said, the Lookout service is currently hosted on Amazon Web Services and Microsoft Intune is hosted on Microsoft Intune.

First of all the feature needs to be available in your Microsoft Intune tenant to be able to get the integration between Microsoft Intune and Lookout to work. When you look in the Admin workspace of the Intune Console, you see a node called Third Party Service Integration with Lookout Status like shown below. The integration is available since the September update of Microsoft Intune.


Intune and Lookout: how to integrate?

Integration has been added during the September update

Setting up Groups

But first let’s prepare the enablement of the integration creating three Azure AD security groups, those groups can be created in your local Active Directory or directly in Azure AD. The following groups need to be created;

Group name Purpose Mandatory Lookout Administrators All Administrators for the Lookout Service Yes Lookout Restricted Administrators Restricted Admin access to the Lookout service No Lookout Users All users that need Lookout for Work (enrollment group) Yes

When using Lookout Administrators and Lookout Restricted Administrators, you need to supply the object ID of the Azure AD group to the support desk of Lookout. This can be done as follows.

Go to the new Azure Portal (https://portal.azure.com) and click Azure Active Directory . Click in the Quick Tasks Find Group and look for the Lookout groups you created. To get the Object ID, click the groups one by one and look for the Object ID in the Overview > Essentials section like shown below.


Intune and Lookout: how to integrate?

Get the object id

After the configuration of the groups is done by Lookout, you need to add your Tenant Global Admin in the Lookout Administrators to be able to configure the connection between Lookout MTP and Microsoft Intune.

Activating integration

The next step is to accept consent for allowing Lookout MTP to get access to Microsoft Intune, Lookout MTP needs to have access to the following;

Send device threat information to Microsoft Intune Read directory data (Azure AD) Access your organization’s directory

Login with the Azure AD Global Admin to https://aad.lookout.com/les?action=consent and accept the consent like shown below.


Intune and Lookout: how to integrate?

Accept the consent

After the consent has been accepted the connector can be setup in the console of Lookout MTP. So login to the Lookout MTP console via http://aad.lookout.com and browse to System > Connectors. Click Add Connector and choose Intune as shown below.


Intune and Lookout: how to integrate?

After selecting Intune the connector needs to be created. This can be done by clicking on Create Connector like shown in the figure below.


Intune and Lookout: how to integrate?

The discovery of users and their devices is done based on enrollment groups. This can be one or more Azure AD group, in this example we only use one group (Lookout Users). After the connector has been created click Enrollment Management and supply the display name of the Azure AD group like shown below in the figure.


Intune and Lookout: how to integrate?

Click Save Changes.

Next we need to enable the connection in the Microsoft Intune console. Browse in the Microsoft Intune console to Admin > Third Party Service Integration > Lookout Status. Enable the Connect with Lookout MTP switch and look at the status to be changing from Provisioned to Active.


Intune and Lookout: how to integrate?

In the next blog we will have a look at the administrative experience, remember to be able to use the integration of Lookout with Intune you need a separate Lookout MTP license.

Stay tuned!

Want to see the integration in action?
Intune and Lookout: how to integrate?

At IT/Dev Connections (10/10 10/13)I will show the same during at our full day Microsoft Enterprise Mobility +Security workshop ; How You Can Digitally Transform Any Organization on Monday ! Be sure to join Kenny Buntinx, Tim De Keukelaere and me in Las Vegas, there are still tickets available !

Other blogs in this series:

本文系统(windows)相关术语:三级网络技术 计算机三级网络技术 网络技术基础 计算机网络技术

分页:12
转载请注明
本文标题:Intune and Lookout: how to integrate?
本站链接:http://www.codesec.net/view/482376.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(windows) | 评论(0) | 阅读(32)