Check Health of Client before Connecting to Windows 365

Check Health of Client before Connecting to Windows 365
1

Upvotes

Upvote

 Aug 13 2021
3 Comments (3 New)
Needs more info

Sometimes user might attempt to connect to Windows 365 from an unsafe client and this pose a risk of leak of credential and data, there is a need for a policy to check health of client and check the following:

  • Firewall is on
  • Anti-Malware is on
  • Anti-Malware is update
  • Windows is update

If above conditions are true, then permit connection, otherwise, prevent connection and start a task to solve these issues and once it has been solved, then permit connection. Administrator could enable this policy for Windows 365 which are sensitive to ensure users are connecting from a safe device. This policy is only applicable for Windows and it won't permit user to connect from unsupported device (e.g. MacOS or Linux) for the first phase of this project (may be take into consideration in the future).

Comments
Microsoft

Hey @Reza_Ameri
You should be able to enforce this using Conditional Access (in Windows 365 Business, if you have AAD P1 License) or using a combination of Conditional Access and Device Compliance policy (in MEM) in Windows 365 Enterprise. Have you tried either path? 
Let us know if you have any issues there! 

Status changed to: Needs more info
 
Valued Contributor

Hi @ankurbiswas95 thank you for the clarification.

I am familiar with the Conditional Access but I am not sure whether it is possible to specifically ask it to check the device health for the following:

 

  • Firewall is on
  • Anti-Malware is on
  • Anti-Malware is update
  • Windows is update

I am aware we are able to check Device compliance but not sure about above policies. If such rules exist, would you mind share me the location of policies. If not , it sounds like a good feedback for Azure team.

Similar Ideas
No similar ideas
www.000webhost.com