What's new in Microsoft Defender for Endpoint on iOS
Applies to:
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender XDR
Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.
Defender for Endpoint is ending support for iOS/iPadOS 15 on January 31, 2025. Moving forward, only devices running iOS/iPadOS 16 and later are supported.
How does this affect you or your users?
New users won't be able to install the Microsoft Defender app on devices running iOS/iPadOS 15 and earlier versions. Similarly, existing users won't be able to upgrade to the latest version of the app.
To check which devices support iOS 16 or iPadOS 16 (if applicable), see the following Apple documentation:
Microsoft Defender for Endpoint iOS can now be deployed on Intune User Enrolled devices. This new feature offers security and IT teams the flexibility to deploy Defender for Endpoint for iOS to user-enrolled devices so that work data and applications are protected, while end-user privacy is upheld on those devices. For more information, see User Enrollment setup.
Mobile Device Tagging is now generally available. This feature enables bulk tagging of mobile devices by allowing administrators to set up tags via Intune. Admins can configure the device tags through Intune via configuration policies and push them to users' devices. Once the user installs and activates Defender, the client app passes the device tags to the Security Portal. The device tags appear against the devices in the Device Inventory. For more information, read Configure Device Tagging.
Vulnerability assessment of apps on Microsoft Defender for Endpoint for iOS is now generally available. Defender for Endpoint on iOS supports vulnerability assessments of apps only for enrolled (MDM) devices. For more information, see Configure vulnerability assessment of apps.
Network Protection on Microsoft Defender for Endpoint is now generally available. Network protection provides protection against rogue Wi-Fi related threats and rogue hardware like pineapple devices, and notifies the user if a related threat is detected. Users also see a guided experience to connect to secure networks and change networks when they're connected to an unsecure connection.
This feature is now enabled by default for all users. As a result, users are able to see the Network Protection Card in the Defender for Endpoint iOS app along with App Protection and Web Protection. Users are also required to provide Local Network permission. This permission is needed to enhance the existing rogue Wi-Fi detection. Administrators who decide not to use the Network Protection feature can change its default value via the Intune App Configuration policies.
There are also several admin controls to offer flexibility, including privacy controls to configure the data that's sent by Defender for Endpoint from iOS devices. For more information, read Configure Network Protection.
Microsoft Defender for Endpoint on iOS enables Privacy Controls for both administrators and end users. These controls include the controls for enrolled (MDM) and unenrolled (MAM) devices. Administrators can configure the privacy in the phish alert report, and end users can configure the information shared to their organization.
Microsoft Defender for Endpoint on iOS enables Optional Permissions in the onboarding flow. Currently the permissions required by Defender for Endpoint are mandatory in the onboarding flow. With this feature, admins can deploy Defender for Endpoint on BYOD devices without enforcing the mandatory VPN Permission during onboarding. End users can onboard the app without the mandatory permissions and can later review these permissions. This feature is currently present only for enrolled devices (MDM).
With Disable Web Protection, customers who don't want to set up a VPN can configure Defender for Endpoint to disable Web Protection and deploy it without that feature. Other Defender for Endpoint features continue to work. This configuration is available for both enrolled (MDM) devices and unenrolled (MAM) devices.
Microsoft Defender for Endpoint on iOS can now integrate with Microsoft Tunnel, a VPN gateway solution to enable security and connectivity in a single app. Integration with Tunnel provides a simpler, secure VPN experience on iOS with just one app. This feature was earlier available only on Android. For more information, see the techcommunity post here.
Microsoft Defender for Endpoint on iOS now has specialized ability on supervised iOS/iPadOS devices, given the increased management capabilities provided by the platform on these types of devices. It can also provide Web Protection without setting up a local VPN on the device. This gives end-users a seamless experience while still being protected from phishing and other web-based attacks. For more information, see this documentation.
Microsoft Defender for Endpoint is now available as Microsoft Defender in the app store. With this update, the app is available as preview for Consumers in the US region. Depending on whether you sign in to the app with your work or personal account, you'll have access to features for Microsoft Defender for Endpoint or to features for Microsoft Defender for individuals. For more information, see this blog.
On January 25, 2022, we announced the general availability of Vulnerability management on Android and iOS. For more information, see the techcommunity post here.
- Integration with Tunnel - Microsoft Defender for Endpoint on iOS can now integrate with Microsoft Tunnel, a VPN gateway solution to enable security and connectivity in a single app. For more information, see Microsoft Tunnel Overview.
- Zero-touch onboarding for iOS devices enrolled through Microsoft Intune is generally available. For more information, see Zero touch onboarding of Microsoft Defender for Endpoint.
- Bug fixes.
- Resolved internet connectivity issues on supervised devices. For more information, see Deploy Defender for Endpoint on enrolled iOS devices.
- Bug fixes.
- Performance optimizations - Test battery performance with this version and let us know your feedback.
- Zero-touch onboard for enrolled iOS devices - With this version, the preview of Zero-touch onboard for devices enrolled through Microsoft Intune has been added. For more details on setup and configuration, see this documentation.
- Privacy Controls - Configure privacy controls for phish alert report. For more information, see Configure iOS features.
- Bug fixes and performance improvements.
- Performance optimizations were made in this release. Test battery performance with this version and let us know your feedback.
- Device Health card - Device Health card notifies end-users about any pending software updates.
- Usability enhancements - End-users can now disable the Defender for Endpoint VPN from the Microsoft Defender app itself. Prior to this update, end-users had to disable VPN only from the Settings app.
- Bug fixes.
- UX Enhancements - Microsoft Defender for Endpoint has a new look.
- Bug fixes.
- Support for Mobile Application Management (MAM) via Intune is generally available with this version. For more information, see Microsoft Defender for Endpoint risk signals available for your App protection policies.
- Jailbreak Detection is generally available. For more information, see Setup Conditional Access Policy based on device risk signals.
- Auto-setup of VPN profile for enrolled devices via Microsoft Intune is generally available. For more information, see Auto-Setup VPN profile for enrolled iOS devices.
- Bug fixes.
- Jailbreak Detection is in preview. For more information, see Setup Conditional Access Policy based on device risk signals.
- Auto-setup of VPN profile is in preview for enrolled devices via Microsoft Intune. For more information, see Auto-Setup VPN profile for enrolled iOS devices.
- The Microsoft Defender ATP product name has now been updated to Microsoft Defender for Endpoint in the app store.
- Improved sign-in experience.
- Bug fixes.
- With this version, we're announcing support for iPadOS/iPad devices.
- Bug fixes.
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.