Microsoft Defender for Endpoint on iOS offers protection against phishing and unsafe network connections from websites, emails, and apps. All alerts will be available through a single pane of glass in the Microsoft Defender Security Center. The portal gives security teams a centralized view of threats on iOS devices along with other platforms.
Caution
Running other third-party endpoint protection products alongside Defender for Endpoint on iOS is likely to cause performance problems and unpredictable system errors.
Pre-requisites
For End Users
- Microsoft Defender for Endpoint license assigned to the end user(s) of the app. See Microsoft Defender for Endpoint licensing requirements.
- For enrolled devices:
- Device(s) are enrolled via the Intune Company Portal app to enforce Intune device compliance policies. This requires the end user to be assigned a Microsoft Intune license.
- Intune Company Portal app can be downloaded from the Apple App Store.
Note
Apple does not allow redirecting users to download other apps from the app store so this step needs to be done by the user before onboarding to Microsoft Defender for Endpoint app.)
- Device(s) are wp-signup.phped with Azure Active Directory. This requires the end user to be signed in through Microsoft Authenticator app.
- For unenrolled devices: Device(s) are wp-signup.phped with Azure Active Directory. This requires the end user to be signed in through Microsoft Authenticator app.
- For more information on how to assign licenses, see Assign licenses to users.
For Administrators
- Access to the Microsoft Defender Security Center portal.
- Access to Microsoft Endpoint Manager admin center, to:
- Deploy the app to enrolled user groups in your organization.
- Configure Microsoft Defender for Endpoint risk signals in app protection policy (MAM)
Note
- Microsoft Defender for Endpoint now extends protection to an organization’s data within a managed application for those who aren’t using mobile device management (MDM) but are using Intune to manage mobile applications. It also extends this support to customers who use other enterprise mobility management solutions, while still using Intune for mobile application management (MAM).
- In addition, Microsoft Defender for Endpoint already supports devices that are enrolled using Intune mobile device management (MDM).
System Requirements
- iOS device running iOS 12.0 and above. iPads are also supported.
- The device is either enrolled with the Intune Company Portal app or is wp-signup.phped with Azure Active Directory through Microsoft Authenticator with the same account.
Installation instructions
Deployment of Microsoft Defender for Endpoint on iOS can be done via Microsoft Endpoint Manager (MEM) and both supervised and unsupervised devices are supported. End-users can also directly install the app from the Apple app store.
- For information on deploying on enrolled devices through Microsoft Endpoint Manager or Intune, see Deploy Microsoft Defender for Endpoint on iOS.
- For information on using Defender for Endpoint in app protection policy (MAM), see Configure app protection policy to include Defender for Endpoint risk signals (MAM)
Resources
- Stay informed about upcoming releases by visiting What’s new in Microsoft Defender for Endpoint on iOS or our blog.
- Provide feedback through in-app feedback system or through the unified security console