Skip to content

Commit 13c9430

Browse files
authored
Merge pull request #8501 from Brenduns/update-trend-mtd
Edits per Trend Micro feedback
2 parents a37ff44 + 0a33278 commit 13c9430

5 files changed

Lines changed: 52 additions & 40 deletions

memdocs/intune/fundamentals/whats-new.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -216,7 +216,7 @@ The **All devices** option is now available for [compliance policy](../protect/c
216216
When you include the *All devices* group you can then exclude individual groups of devices to further refine the assignment scope.
217217

218218
#### Trend Micro – New mobile threat defense partner<!-- 11017779 -->
219-
You can now use [Trend Micro Mobile Security](../protect/trend-micro-mobile-threat-defense-connector.md) as an integrated mobile threat defense (MTD) partner with Intune. By configuring the Trend MTD connector in Intune, you can control mobile device access to corporate resources using conditional access that's based on risk assessment.
219+
You can now use [Trend Micro Mobile Security as a Service](../protect/trend-micro-mobile-threat-defense-connector.md) as an integrated mobile threat defense (MTD) partner with Intune. By configuring the Trend MTD connector in Intune, you can control mobile device access to corporate resources using conditional access that's based on risk assessment.
220220

221221
For more information, see:
222222
- [Mobile threat defense integration with Intune](../protect/mobile-threat-defense.md)

memdocs/intune/protect/mobile-threat-defense.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,6 @@ Learn how to protect access to company resource based on device, network, and ap
109109
- [Pradeo](pradeo-mobile-threat-defense-connector.md)
110110
- [Sophos Mobile](sophos-mtd-connector.md)
111111
- [Symantec Endpoint Protection Mobile](skycure-mobile-threat-defense-connector.md)
112-
- [Trend Micro Mobile Security](trend-micro-mobile-threat-defense-connector.md)
112+
- [Trend Micro Mobile Security as a Service](trend-micro-mobile-threat-defense-connector.md)
113113
- [Wandera Mobile Threat Defense](wandera-mtd-connector.md)
114114
- [Zimperium](zimperium-mobile-threat-defense-connector.md)

memdocs/intune/protect/mtd-apps-ios-app-configuration-policy-add-assign.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -157,9 +157,9 @@ Use the same Azure AD account previously configured in the [Symantec Endpoint Pr
157157

158158
Create the iOS app configuration policy as described in the [using iOS app configuration policy](../apps/app-configuration-policies-use-ios.md) article. For more information, see [Sophos Intercept X for Mobile iOS - Available managed settings](https://community.sophos.com/kb/133963) in the Sophos knowledge base.
159159

160-
### Trend Micro Mobile Security app configuration policy
160+
### Trend Micro Mobile Security as a Service app configuration policy
161161

162-
See the instructions for [using Microsoft Intune app configuration policies for iOS](../apps/app-configuration-policies-use-ios.md) to add the Trend Micro Mobile Security app configuration policy.
162+
See the instructions for [using Microsoft Intune app configuration policies for iOS](../apps/app-configuration-policies-use-ios.md) to add the Trend Micro Mobile Security as a Service app configuration policy.
163163

164164
### Wandera app configuration policy
165165

memdocs/intune/protect/trend-micro-mobile-threat-defense-connector.md

Lines changed: 16 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
---
22
# required metadata
33

4-
title: Trend Micro Mobile connector with Intune
4+
title: Trend Micro Mobile Security as a Service connector with Intune
55
titleSuffix: Intune on Azure
66
description: Set up the Trend Micro Mobile Threat Defense connector with Intune.
77
keywords:
@@ -29,11 +29,16 @@ search.appverid: MET150
2929
ms.collection: M365-identity-device-management
3030
---
3131

32-
# Use Trend Micro Mobile Security with Intune
32+
# Use Trend Micro Mobile Security as a Service with Microsoft Intune
3333

34-
Control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Trend Micro Mobile Security, a mobile threat defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices running the Trend Micro Mobile Agent app.
34+
Control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Trend Micro Mobile Security as a Service, a mobile threat defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices protected by the Trend Micro Mobile Security as a Service, including:
3535

36-
You can configure Conditional Access policies based on a Trend Micro risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
36+
- Malicious apps installed
37+
- Malicious network behavior and profiles
38+
- Operating system vulnerabilities
39+
- Device misconfiguration
40+
41+
You can configure Conditional Access policies based on Trend Micro Mobile Security as a Service’s risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
3742

3843
For more information about how to integrate Trend Micro with Microsoft Intune, see [Integration with Microsoft Endpoint Manager (Intune)](http://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int.aspx) in the [Trend Micro Mobile Security documentation](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security.aspx).
3944

@@ -53,11 +58,11 @@ For more information about how to integrate Trend Micro with Microsoft Intune, s
5358

5459
## How do Intune and the Trend Micro MTD connector help protect your company resources?
5560

56-
The Trend Micro Mobile Agent app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, then sends the telemetry data to the *Mobile Security* cloud service to assess the device's risk for mobile threats.
61+
The Trend Micro Mobile Security as a Service mobile agent app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, then sends the telemetry data to Trend Micro Mobile Security as a Service to assess the device's risk for mobile threats.
5762

58-
- **Support for enrolled devices** - Intune device compliance policy includes a rule for MTD, which can use risk assessment information from Trend Micro. When the MTD rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources, such as Exchange Online and SharePoint Online. Users also receive guidance from the Trend Micro Mobile Agent app installed on their devices to resolve the issue and regain access to corporate resources. To support using Trend Micro with enrolled devices:
63+
- **Support for enrolled devices** - Intune device compliance policy includes a rule for MTD, which can use risk assessment information from Trend Micro. When the MTD rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources, such as Exchange Online and SharePoint Online. Users also receive guidance from the Trend Micro Mobile Security as a Service mobile agent app installed on their devices to resolve the issue and regain access to corporate resources. To support using Trend Micro with enrolled devices:
5964

60-
- [Add MTD apps to devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
65+
- [Add MTD apps to devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md) (This is done automatically when setting up Trend Micro Mobile Security as a Service integration)
6166
- [Create a device compliance policy that supports MTD](../protect/mtd-device-compliance-policy-create.md)
6267
- [Enable the MTD connector in Intune](../protect/mtd-connector-enable.md)
6368

@@ -107,7 +112,7 @@ Detect threats like **Man-in-the-middle** in network and prevent synchronization
107112

108113
## Next steps
109114

110-
- [Integrate Trend Micro with Intune](../protect/trend-micro-mtd-connector-integration.md)
111-
- [Set up Trend Micro Mobile Agent app](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
112-
- [Create Trend Micro device compliance policy](../protect/mtd-device-compliance-policy-create.md)
113-
- [Enable Trend Micro Mobile Security MTD connector](../protect/mtd-connector-enable.md)
115+
- [Integrate Trend Micro Mobile Security as a Service with Intune](../protect/trend-micro-mtd-connector-integration.md)
116+
- [Set up Trend Micro Mobile Security as a Service mobile agent app](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
117+
- [Create Trend Micro Mobile Security as a Service device compliance policy](../protect/mtd-device-compliance-policy-create.md)
118+
- [Enable Trend Micro Mobile Security as a Service MTD connector](../protect/mtd-connector-enable.md)

memdocs/intune/protect/trend-micro-mtd-connector-integration.md

Lines changed: 32 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33

44
title: Set up Trend Micro MTD integration with Intune
55
titleSuffix: Intune on Azure
6-
description: "Trend Micro Mobile Security connector integration with Intune"
6+
description: "Trend Micro Mobile Security as Service connector integration with Intune"
77
keywords:
88
author: brenduns
99
ms.author: brenduns
@@ -29,15 +29,15 @@ search.appverid: MET150
2929
ms.collection: M365-identity-device-management
3030
---
3131

32-
# Connect Trend Micro Mobile Security with Microsoft Intune
32+
# Connect Trend Micro Mobile Security as a Service with Microsoft Intune
3333

34-
Connect the Trend Micro MTD connector to monitor and mitigate device risk levels on Intune-managed devices. Trend Micro Mobile Security works by reporting device risk levels to Microsoft Intune. Intune then uses that information to enforce the appropriate app configuration and risk assessment policies. For more information about Trend Micro Mobile Security, see [Getting Started with Mobile Security](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003.aspx) in the Trend Micro documentation.
34+
Connect Trend Micro Mobile Security as a Service to monitor and mitigate device risk levels on Intune-managed devices. Trend Micro Mobile Security as a Service works by reporting device risk levels to Microsoft Intune. Intune then uses that information to enforce the appropriate app configuration and risk assessment policies. For more information about Trend Micro Mobile Security as a Service, see [Getting Started with Mobile Security](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003.aspx) in the Trend Micro documentation.
3535

36-
This article describes the requirements and steps to connect the MTD connector in your tenant.
36+
This article describes the requirements and steps to connect Trend Micro Mobile Security as a Service in your tenant.
3737

3838
## Before you begin
3939

40-
The following subscriptions and accounts are required to integrate Trend Micro Mobile Security with Microsoft Intune.
40+
The following subscriptions and accounts are required to integrate Trend Micro Mobile Security as a Service with Microsoft Intune.
4141

4242
- Microsoft Intune subscription
4343
- Azure Active Directory (Azure AD) account with Global Administrator rights to grant the following permissions:
@@ -47,39 +47,46 @@ The following subscriptions and accounts are required to integrate Trend Micro M
4747
- Send device information to Intune
4848
- Admin sign-in credentials to access the Trend Micro Vision One management console
4949

50-
### App authorization
50+
### Trend Micro Mobile Security as a Service App authorization
5151

52-
The following authorization process happens when you connect the Trend Micro Mobile Security MTD connector:
52+
The following authorization process happens when you configure the integration with Trend Micro Mobile Security as a Service:
5353

54-
- Allow Trend Micro Mobile Security to communicate information related to device health state back to Intune. To grant these permissions, you must use Global Administrator credentials. Granting permissions is a one-time operation. After the permissions are granted, the Global Administrator credentials aren't needed for day-to-day operation.
55-
- Allow Trend Micro Mobile Security to sync Azure AD enrollment group membership to populate its device's database.
54+
- Allow Trend Micro Mobile Security as a Service to communicate information related to device health state back to Intune. To grant these permissions, you must use Global Administrator credentials. Granting permissions is a one-time operation. After the permissions are granted, the Global Administrator credentials aren't needed for day-to-day operation.
55+
- Allow Trend Micro Mobile Security as a Service to sync Azure AD enrollment group membership to populate its device's database.
5656
- Allow Trend Micro Vision One management console to use Azure AD Single Sign On (SSO).
57-
- Allow Trend Micro Mobile Agent app to sign in using Azure AD SSO.
57+
- Allow Trend Micro Mobile as a Service agent app to sign in using Azure AD SSO.
58+
- Allow Trend Micro Mobile Security as a Service to get installed app information to perform malware scanning.
59+
- Allow Trend Micro Mobile Security as a Service to add its mobile apps in Intune for deployment.
60+
- Allow Trend Micro Mobile Security as a Service to create device configuration profiles.
61+
- Allow Trend Micro Mobile Security as a Service to perform remote actions when necessary.
5862

5963
For more information about consent and Azure AD applications, see [Request the permissions from a directory admin](/azure/active-directory/develop/v2-permissions-and-consent#request-the-permissions-from-a-directory-admin).
6064

61-
## Set up Trend Micro MTD connector
65+
## Configuration Overview
66+
67+
The configuration of Trend Micro Mobile Security as a Service and Intune integration can be done on [Trend Micro Vision One console](https://portal.xdr.trendmicro.com/) with the following steps:
68+
69+
1. **Configure Intune integration settings.** - Grant permissions required by Trend Micro Mobile Security as a Service, select the platforms of your mobile devices, and choose data synchronization frequency. Device configuration profiles and app configuration policies are created automatically in Intune.
70+
71+
2. **Select groups to install Trend Micro Mobile Security as a Service mobile app.** - Trend Micro Mobile Security as a Service mobile app installs automatically on devices in the selected groups.
72+
73+
3. **(Optional) Create mobile policies.** - Optionally create customized mobile security policies provided by Trend Micro Mobile Security as a Service. For more information, see [Configuring Mobile Policies](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/configuringmobilepolicy).
74+
75+
4. **Confirm mobile app status update.**
76+
77+
## Set up Mobile Security as a Service integration
6278

6379
1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) with an Intune administrator account.
6480
2. Go to **All services** > **Tenant administration**.
6581
3. Select **Connectors and tokens**.
6682
4. Under **Cross platform**, select **Mobile Threat Defense**.
6783
5. Select **Add**.
6884
6. For **Select the Mobile Threat Defense connector to setup**, choose **Trend Micro**.
69-
7. Select Open the Trend Micro admin console. Keep the Microsoft Endpoint Manager tab open for later.
70-
8. Sign in with your Azure AD account, and then follow the instructions in [Setting up Intune Integration](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int/setting-up-intune-in.aspx) (opens Trend Micro Mobile Security documentation) to complete setup.
71-
9. After you finish setup in the Trend Micro Vision One console, return to your tab in the Microsoft Endpoint Manager admin center.
72-
10. Under **Compliance policy evaluation**, turn on the following settings:
73-
74-
- **Connect Android devices version 7.0 and above to Trend Micro**
75-
- **Connect iOS/iPadOS devices version 11.0 and above to Trend Micro**
76-
77-
These settings allow Trend Micro Mobile Security to evaluate the devices in your organization.
78-
79-
Configure additional settings to meet your organization’s requirements.
80-
81-
11. Select **Create** to save your connector configurations.
85+
7. Select **Open the** [**Trend Micro Vision One console**](https://portal.xdr.trendmicro.com/). Keep the Microsoft Endpoint Manager tab open for later.
86+
8. Sign in with your Trend Micro Vision One administration account, and then follow the instructions in [Setting up Intune Integration](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int/setting-up-intune-in.aspx) (opens Trend Micro Mobile Security documentation) to complete setup.
87+
9. After you finish setup in the Trend Micro Vision One console, Trend Micro Mobile Security as a Service is now available in Intune.
8288

8389
## Next steps
8490

85-
- [Set up Trend Micro Mobile Agent app for enrolled devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
91+
- [Customize Mobile Policies in Trend Micro Mobile Security as a Service](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/mobile-policy.aspx)
92+
- [Create Mobile Threat Defense (MTD) device compliance policy with Intune](../protect/mtd-device-compliance-policy-create.md)

0 commit comments

Comments
 (0)