MobileIron Access - Block EAS Basic Auth for Exchange Online

JohnM · November 2, 2017, 7:53pm

Does the current release of Access provide a way to block ActiveSync Basic Auth for Office 365 / Exchange Online?
Example:

Block EAS for native mail client on iOS, Android and Windows Phone
(these scenarios are possible with Intune Conditional Access)

If it is not possible, what would be an alternative to solve that use case? Implement Cert Based Auth maybe? (so only MobileIron enrolled devices get access because of the need for a certificate)

Thanks.
John

adam · November 8, 2017, 9:39pm

You don’t need Access or conditional access to achieve this. Use an ADFS claim rule to limit ActiveSync traffic to the IPs of your standalone Sentry(s).

JohnM · November 9, 2017, 6:53pm

Thanks for the input, forgot about the claim rules!