MobileIron Access - Block EAS Basic Auth for Exchange Online


#1

Does the current release of Access provide a way to block ActiveSync Basic Auth for Office 365 / Exchange Online?
Example:

  • Block EAS for native mail client on iOS, Android and Windows Phone
    (these scenarios are possible with Intune Conditional Access)

If it is not possible, what would be an alternative to solve that use case? Implement Cert Based Auth maybe? (so only MobileIron enrolled devices get access because of the need for a certificate)

Thanks.
John


#2

You don’t need Access or conditional access to achieve this. Use an ADFS claim rule to limit ActiveSync traffic to the IPs of your standalone Sentry(s).


#3

Thanks for the input, forgot about the claim rules!