To address the increasingly complex and risk-prone environment created by the hybrid workplace, Microsoft has created a new mobile network protection feature in Defender for Endpoint that helps organizations identify, assess, and remediate endpoint weaknesses with the help of robust threat intelligence.
Today Microsoft announced that users can now benefit from this new feature on both Android and iOS platforms with Microsoft Defender for Endpoint.
This feature will provide:
- Protection against rogue Wi-Fi-related threats and rogue hardware like pineapple devices
- Notifications when a Wi-Fi-related threat is detected
- An in-app guided experience to connect to secure networks
- Remediation options to change networks when a network is determined as unsecure or suspicious
- A medium priority alert when a suspicious network is detected, and an informational alert when an open network is detected.
How to configure mobile network protection:
This feature provides flexibility for admins on Android by offering the following admin controls:
- Enable and disable the Network Protection feature
- Trust flow for allow-listing certificates on Android
How to test out the mobile network protection:
- Upon successful login, users need to grant pre-existing onboarding permissions storage and allow notification permission to enable for Endpoint to notify them when a threat is found.
- Upon successful onboarding, users will see a new card and a tab labeled “Network Protection”. If Wi-Fi is OFF – In-app messaging will guide users to turn on the Wi-Fi from within the app. Once the Wi-Fi has been enabled, the Wi-Fi networks are scanned for threats and the scan results determine the device state
Note: for more information on the iOS configuration, please reference the documentation.
- Users need to enable location permissions; this enables Defender for Endpoint to scan their networks and alert the users when there are WIFI-related threats. If the location permissions are denied by the user, Defender for Endpoint will only be able to provide limited protection against network threats and will only protect the users from rogue certificates.
- Once the app is installed on the device, users will see a new card and a tab labeled “Network Protection”.
- If Wi-Fi is OFF – In-app messaging will guide users to turn on the Wi-Fi from within the app. Once the Wi-Fi has been enabled, the Wi-Fi networks are scanned for threats and the scan results determine the device state.
Note: for more information on the Android configuration, please reference the documentation.
Microsoft strongly recommends enabling location permissions on Android devices. This setting can help protect against network-related threats.