Microsoft Defender for Endpoint Now Detects Network Threats on Android and iOS Devices

Cloud Computing

Microsoft has released a new mobile network protection feature for its Microsoft Defender for Endpoint (MDE) solution. The new capability helps organizations protect Android and iOS devices against security threats originating from wireless connections.

The mobile network protection feature is designed to offer protection against malicious attacks and bogus certificates targeting Wi-Fi networks in enterprise environments. Microsoft Endpoint Manager Admin Center allows IT admins to add the root Certificate Authority (CA) and private root CA certificates.

“As the world continues to make sense of the digital transformation, networks are becoming increasingly complex and provide a unique avenue for nefarious activity if left unattended. To combat this, Microsoft offers a mobile network protection feature in Defender for Endpoint that helps organizations identify, assess, and remediate endpoint weaknesses with the help of robust threat intelligence,” the company explained.

Additionally, this release brings a guided experience to help users connect to secure networks. The feature also notifies users if a Wi-Fi-related threat is detected on their mobile devices.

Microsoft Defender for Endpoint Can Now Detect Network Threats on Android and iOS Devices

The network protection requires Android users to grant location permissions so that Microsoft Defender for Endpoint can scan and alert users about Wi-Fi-related threats. Moreover, MDE also needs onboarding permissions for storage and notifications on iOS devices.

Microsoft recommends Android users to turn on location permissions to detect and mitigate network-related threats. However, Microsoft Defender for Endpoint will only protect users against bogus certificates if the user does not grant these permissions.

How to configure mobile network protection in Microsoft Defender for Endpoint

It is important to note that the mobile network protection feature is enabled by default in Microsoft Defender for Endpoint. Microsoft has provided some instructions to help IT Pros configure this setting on Android and iOS devices in the Microsoft Endpoint Manager Admin center. There is also the ability to enable privacy controls in order to manage data sent by MDE from mobile devices.

In case you missed it, Microsoft Defender for Endpoint has released a new update that lets organizations prevent attackers from targetting unmanaged Windows devices in their networks. Back in February, Microsoft also introduced a zero-touch onboarding feature that enables IT Pros to quietly deploy the Microsoft Defender for Endpoint app on enrolled iOS devices.