With the upcoming release of NetScaler 11.1 build 51, NetScaler will finally support Intune integration, which I have been waiting on for some time now. This new feature allows for conditional access to on-premises web applications such as SharePoint.
The integration allows NetScaler to pull compliance data from Intune, enabling conditional access policies. These policies let NetScaler Gateway control access based on device functionality and similar properties. For example, an administrator can create a policy where only devices with “Camera” disabled are granted access.
Note, however, that only iOS and Android clients are supported at this time, and the integration requires an updated VPN client.
So how does this integration work?
Source: http://bit.ly/2iFjcon (Citrix)
- A device is enrolled in Microsoft Intune
- Policies and applications are published to the endpoint
- A user tries to connect to an on-premises web application
- User is redirected to NetScaler Gateway website
- The user presents an OAuth token to the authentication policy on the NetScaler Gateway
- If the device is successfully enrolled, access to the on-premises web application is granted.
- If the device is not enrolled, the VPN client will display an error message with a link to the Intune page to enroll the device