Can enpoint's local admin be restricted from internet access through AAD integration?

AllenWu · ‎09-05-2023

Hello,

Does anyone know if Netskope can enforce employees to log in AAD account on their managed endpoints to access internet?

If employees don't log in their AD account and use local admin to access internet, can Netskope block their access?

I haven't found any related discussion or KB on this. Appreciate if someone has already tried or know the configurations.

sshiflett · ‎09-08-2023

@AllenWu,

Fail close would likely handle this use case as the client will fail to enable if a tunnel can't be established. I'd have to test to verify but I believe this would be the case if a local admin logged on and the client can't pull a branding file for them.

Sam Shiflett
Netskope Solution Architect - North America

AllenWu · ‎09-13-2023

Hi Sam, understand and we are not sure if client can do some personal fw regulation even the tunnel is not established.

Looking forward to your testing results.