Microsoft Intune Integration with the WatchGuard Mobile Security iOS App

Microsoft Intune is a cloud-based endpoint management service that organizations use to manage devices and apps. The Intune Company Portal app enables members of an organization to download and install organization-approved apps.

This document describes how to configure Microsoft Intune to make the WatchGuard Mobile Security app available to iOS devices in your organization through the Company Portal app.

Contents

Integration Summary

The hardware and software used in this guide include:

  • Microsoft Intune
  • WatchGuard Mobile Security App v2.01.18.0006
  • Mobile device with iOS v18.3.1

Before You Begin

Before you begin these procedures, make sure that you:

  • Have a global administrator or user management administrator account to log in to Microsoft Intune.
  • Have a WatchGuard Cloud account with an Endpoint Security license.
  • Enroll your iOS devices in Microsoft Intune. For information, go to Enroll iOS/iPadOS Device. (external link)

This integration guide applies to WatchGuard Advanced EPDR, WatchGuard EPDR, and WatchGuard EPP. In this guide, we use EPDR as an example.

Additional charges might apply to Microsoft Intune. For more information about Intune, go to Microsoft Intune Overview. (external link)

Copy the Integration URL in Endpoint Security

  1. Log in to WatchGuard Cloud with your WatchGuard Cloud operator account credentials.
    If you log in with a Service Provider account, you must select a Subscriber account from Account Manager.
  2. Select Configure > Endpoint Security.
    The Endpoints (WatchGuard EPDR) page opens.
  3. Select Computers.
  4. Click Add Computer.
    The Add computers page opens.
  5. Click iOS.

    6. Screenshot of iOS icon on Add Computers dialog box

  6. Select Installation using another MDM solution.

    7. Screenshot of option to install with another MDM

  7. Copy the integration x_wg_integration_url for use later in the Configure Microsoft Intune section.
    For more information on the other attributes, go to Install the WatchGuard Mobile Security iOS App on Supervised Devices (Third-Party MDM Solution) .

    8. Screenshot of integration configuration information page on Add Computer dialog box for iOS devices (another MDM solution)

Configure Microsoft Intune

To configure Microsoft Intune, you must:

  1. Add a Group in Microsoft Intune.
  2. Add the WatchGuard Mobile Security App in Microsoft Intune.

Add a Group in Microsoft Intune

Create a group to assign the WatchGuard Mobile Security app to.

To add a group in Microsoft Intune:

  1. Log in to Microsoft Intune as an administrator.
  2. Select Groups > All Groups > New Group.
    The New Group page opens.
  3. In the Group Name text box, type a name for the group. For example, type Group for Endpoint Mobile Security.
  4. Click No Members Selected and select the users you want to assign the WatchGuard Mobile Security app to. Any user that you select must be enrolled in Microsoft Intune.
  5. Keep the default values for all other settings.

Screenshot of Create New Group in Intune

  1. Click Create.

Add the WatchGuard Mobile Security App in Microsoft Intune

After you add an app to Intune, you define the details shown for the app in Company Portal and configure settings such as device requirements, detection rules, and user assignments.

To add the WatchGuard Mobile Security App in Microsoft Intune:

  1. Log in to Microsoft Intune as an administrator.
  2. Select Apps > All Apps > Create.
    The Select App Type page opens.
  3. From the App Type drop-down list, select iOS store app.

Screenshot of the Select App Type page in Intune

  1. Click Select.
  2. Click Search the App Store.
    The App Package File page opens.
  3. In the Search text box, type and search WatchGuard Mobile Security.

Screenshot of the Search and select App page in Intune

  1. Select WatchGuard Mobile Security.
    The Add App page opens.
  2. On the App Information page, keep the default values for all settings.
    Do not change the Name of the app as it could cause integration failure.

Screenshot of Add App information page in Intune

  1. Click Next.
    The Assignments page opens.

To assign the WatchGuard Mobile Security app to a group:

  1. In the Required section, click + Add group.
    The Select groups page opens.
  2. In the Search text box, type the name of the group created previously (for example, Group for Endpoint Mobile Security).
  3. Select the group you want to assign the app to.
  4. Click Select.
  5. Click Next.
  6. Click Create.
    It can take several seconds to add the app.

To configure device requirements, detection rules, and user assignments:

  1. From the left navigation, select App > Configuration.

    2. Screenshot of select configuration button in Intune

  2. From the Create drop-down list, select Managed Devices.
  3. In the Name text box, type a descriptive name for the configuration policy (for example, For WatchGuard Security App).
  4. From the Platform drop-down list, select iOS/iPadOS.
  5. Next to Targeted App, click Select App.
  6. Select the WatchGuard Mobile Security app.

    7. Screenshot of configuration basic page in Intune

  7. In the Associated App pane, click OK.
  8. Click Next.
  9. From the Configuration Settings Format drop-down list, select Use Configuration Designer.
  10. In Configuration Key text box, type x_wg_integration_url.
  11. From the Value Type drop-down list, select String.
  12. In the Configuration Value text box, paste the x_wg_integration_url value you copied previously.

    13. Screenshot of the configuration policy page in Intune

  13. Click Next.
  14. In Included Groups section, click Add Groups.
  15. On Select Groups to Include page, in the Search text box, type the group created (for example, Group for Endpoint Mobile Security).
  16. Select the check box for the group.

    17. Screenshot of select group in Intune

  17. Click Select.
    It can take several seconds to add the group.
  18. Click Next.
  19. Click Create.
    It can take several seconds to assign the policy successfully.

Test Integration of iOS Devices with Intune

To test the integration, from an iOS device:

  1. Install the Intune Company Portal from the App Store on your iOS device.
  2. Open the Company Portal and log in with the Microsoft Entra ID user. Enroll your devices in Microsoft Intune. For information on how to go this, go to Enroll iOS/iPadOS device. (external link)
  3. Approve app installation on your iOS device.
    The WatchGuard Security Mobile app installs successfully.

    4. Before you start the app for the first time, check the settings to make sure that network services are turned on.

  4. Open the WatchGuard Security Mobile app and follow the prompts to complete the configuration.

    5. Screenshot of WatchGuard Mobile Security app confirmation on iOS device

To test the integration, from the Endpoint Security management UI in WatchGuard Cloud:

  1. Log in to WatchGuard Cloud with your WatchGuard Cloud operator account credentials.
    If you log in with a Service Provider account, you must select a Subscriber account from Account Manager.
  2. Select Monitor > Endpoint Security.
  3. Select Computers.
  4. Select the device you configured previously in the Configure Microsoft Intune section.
    You should be able to see the device details.

Screenshot of mobile device in Endpoint Security management UI

You can also review some device details in WatchGuard Cloud for endpoints with the WatchGuard Agent installed. Select Monitor > Endpoints, and then select the iOS device from the list of endpoints.

Related Topics

Install the WatchGuard Mobile Security iOS App on Supervised Devices (Third-Party MDM Solution)

Microsoft Intune (external link)