Microsoft announced that the Mobile Network Protection feature is generally available to help organizations detect network weaknesses affecting Android and iOS devices running Microsoft’s Defender for Endpoint (MDE) enterprise endpoint security platform.
Once Mobile Network Protection is toggled, MDE will provide protection and alerts when rogue Wi-Fi-related threats and certificates (the primary attack vector for Wi-Fi networks) are detected.
Threats this feature can spot include rogue hardware like Hak5 Wi-Fi Pineapple devices used by both pen-testers and cybercriminals to capture data shared within networks.
Users will also be alerted to switch networks if MDE detects suspicious or unsecured networks and will receive push notifications when open Wi-Fi networks are discovered.
“As the world continues to make sense of the digital transformation, networks are becoming increasingly complex and provide a unique avenue for nefarious activity if left unattended,” the company said in June when it announced the public preview.
“To combat this, Microsoft offers a mobile network protection feature in Defender for Endpoint that helps organizations identify, assess, and remediate endpoint weaknesses with the help of robust threat intelligence.”
Even though Mobile Network Protection is enabled by default on enrolled mobile devices, Microsoft also provides detailed info on how to configure it on Android and iOS devices using the Microsoft Endpoint Manager Admin center.
Endpoint security platform covering all major OSs
Defender for Endpoint’s capabilities have slowly been expanded to protect devices across all major platforms and to enable security teams to defend network endpoints using a unified security solution.
MDE on iOS was updated with zero-touch onboarding capability in February to help admins silently and automatically install Defender for Endpoint on all enrolled devices in an enterprise network.
Microsoft also announced that MDE threat and vulnerability management support for Android and iOS reached general availability one month later.
Vulnerability management lets admins decrease Android and iOS mobile endpoints’ surface attack, thus increasing their organization’s resilience against attack attempts targeting mobile devices.
“With this new cross-platform coverage, threat and vulnerability management capabilities now support all major device platforms across the organization – spanning workstations, servers, and mobile devices,” Microsoft said.
Earlier this year, Redmond also revealed that MDE is now allowing admins to “contain” unmanaged Windows devices on their network if they were compromised and is better at blocking ransomware on Windows 11.