Educause Security Discussion mailing list archives
Re: Enterprise Mobility Management - Intune MDM and MAM
From: "Ladwig, John M" <John.Ladwig () MINNSTATE EDU>
Date: Tue, 1 May 2018 17:27:43 +0000
More re: IPv6 – DA may break if the client is attached to a dual-stack (IPv4 and IPv6) network and your head-end (or the path to it) isn’t. DA client isn’t (or wasn’t, at least) smart enough to tunnel 6 in 4 if it has a 6 network locally. MSFT is ending development on DA, I learned today, though it remains supported. The new recommendation (which may not cover your use cases) is Always On VPN: https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/vpn-map-da From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Nicholas Garigliano Sent: Tuesday, May 01, 2018 12:08 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Enterprise Mobility Management - Intune MDM and MAM Some things to think about with using Direct Access: * It only supports IPv6. If you are not running IPv6 internally then you will have to tunnel the traffic and I believe NAT it. This will cause issues with IDS's, proxy servers, your Network Engineers etc. You will need Engineers (desktop, system, network, firewall) who understand IPv6 in any event. * If you want HA, then you have run MS Network Clustering. Enough said. * You will have a monthly VPN outage (unless you want to assume the above is flawless) to patch. * Linux, Droid, IOS, OSX support? * Encryption is not done with asics, so you will want to monitor performance closely and be prepared to scale. If VPN is not critical to your business and your customers do not depend on it to get their work done, then DA might make sense. The price point is certainly a plus. Nick Garigliano CISSP, GCIH, CCNA Network Security Engineer Enterprise & Network Solutions Nazareth College 585 389-2109 On Tue, May 1, 2018 at 12:45 PM, John Ramsey <jramsey () studentclearinghouse org<mailto:jramsey () studentclearinghouse org>> wrote: We are going through the process now and am happy to share when we’re complete later this summer. We are also integrating Lookout as a mobile threat platform that feeds mobile threat intel back into Microsoft. We’re taking MDM/MAM/MTP all in unison. John Sent from my iPad On May 1, 2018, at 1:21 AM, Tim Lane <tim.lane () GRIFFITH EDU AU<mailto:tim.lane () GRIFFITH EDU AU><mailto:tim.lane () GRIFFITH EDU AU<mailto:tim.lane () GRIFFITH EDU AU>>> wrote: Hi Folks, I am reaching out to see if anyone has developed and can share policies or guidelines associated with enterprise mobility management with Intune MDM and MAM, particularly around self enrollment, device compliance, conditional access and protection policies, from either a management or user perspective? Thanks, Tim Tim Lane| Cyber Security Projects Manager Cyber Security Team Office of Digital Solutions Griffith University | Nathan Campus | QLD 4111 | Building location N12 Room - 1.02J T +61 7 3735 7838 | email tim.lane () griffith edu au<mailto:tim.lane () griffith edu au><mailto:tim.lane () griffith edu au<mailto:tim.lane () griffith edu au>> Cyber Security is Everyone's Responsibility! https://www.griffith.edu.au/cybersecurity [https://docs.google.com/uc?export=download&id=0B711CedYHBWzSVlkMWdkSEw1ckk&revid=0B711CedYHBWzdG5MVFpMamJXazBxVmR3M3ZINUw1TWZZRkd3PQ] PRIVILEGED - PRIVATE AND CONFIDENTIAL This email and any files transmitted with it are intended solely for the use of the addressee(s) and may contain information which is confidential or privileged. If you receive this email and you are not the addressee or responsible for delivery of the email to the addressee(s), please disregard the contents of the email, delete the mail and notify the author immediately. ======================================================= This message has been analyzed by Deep Discovery Email Inspector.
Current thread:
- Enterprise Mobility Management - Intune MDM and MAM Tim Lane (Apr 30)
- Re: Enterprise Mobility Management - Intune MDM and MAM John Ramsey (May 01)
- Re: Enterprise Mobility Management - Intune MDM and MAM Nicholas Garigliano (May 01)
- Re: Enterprise Mobility Management - Intune MDM and MAM Ladwig, John M (May 01)
- Re: Enterprise Mobility Management - Intune MDM and MAM Nicholas Garigliano (May 01)
- Re: Enterprise Mobility Management - Intune MDM and MAM John Ramsey (May 01)