This article shows how to secure access to a web application by allowing access only from a device that has been enrolled into Centrify's MDM, or by prompting for multi-factor authentication when the application is accessed from a non-managed device.
Enroll your device into Centrify MDM
1. Log into the Centrify Admin Portal.
2. On the left, navigate to Core Services > Policies, then edit an existing policy by clicking on the name of the policy or create a new one by clicking Add Policy Set.
3. In the policy, go to Login Policies > Centrify Portal. Scroll down to the section called Other Settings.
a) Uncheck "Allow IWA connections (bypasses authentication rules and default profile)"
b) Place a check next to the following two check boxes:
- Use certificates for authentication (bypasses authentication and default profile.)
- Connections using certificate authentication satisfy all MFA mechanisms
c) Press Save.
4. Edit your web application and select Policy from the left column, then click Add Rule.
5. When a new window appears, click Add Filter.
6. Select Managed Device and the desired condition, then click Add.
9. Press Save when your configuration is complete.
Other settings to consider: