Can enpoint's local admin be restricted from internet access through AAD integration?
Does anyone know if Netskope can enforce employees to log in AAD account on their managed endpoints to access internet?
If employees don't log in their AD account and use local admin to access internet, can Netskope block their access?
I haven't found any related discussion or KB on this. Appreciate if someone has already tried or know the configurations.
Fail close would likely handle this use case as the client will fail to enable if a tunnel can't be established. I'd have to test to verify but I believe this would be the case if a local admin logged on and the client can't pull a branding file for them.
Netskope Solution Architect - North America