Can enpoint's local admin be restricted from internet access through AAD integration?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-05-2023 01:35 AM
Hello,
Does anyone know if Netskope can enforce employees to log in AAD account on their managed endpoints to access internet?
If employees don't log in their AD account and use local admin to access internet, can Netskope block their access?
I haven't found any related discussion or KB on this. Appreciate if someone has already tried or know the configurations.
- Labels:
-
AAD
-
Access
-
AD
-
Internet Access
-
Local admin
-
NGSWG
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-08-2023 10:50 AM
@AllenWu,
Fail close would likely handle this use case as the client will fail to enable if a tunnel can't be established. I'd have to test to verify but I believe this would be the case if a local admin logged on and the client can't pull a branding file for them.
Sam Shiflett
Netskope Solution Architect - North America
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2023 11:04 PM
Hi Sam, understand and we are not sure if client can do some personal fw regulation even the tunnel is not established.
Looking forward to your testing results.
