Intune, ConfigMgr 1702 and Lookout better together

The last part of the blog series is showing you how Lookout Mobile Threat Protection is used in a hybrid environment, so when Intune is connected with Configuration Manager. The devices are managed from Configuration Manager using Intune as the middle tier.

Support for Lookout Mobile Threat Protection has been added to Configuration Manager 1610, so be sure that you update to this version if you want to use the integration with Configuration Manager.

In the new version 1702 some nice dashboards and threat information has been added to the Configuration Manager console.

Configuring the Lookout Integration is done partly in Configuration Manager and partly in Microsoft Intune. If you follow the next steps you should be able to protect your iOS and Android devices in a Hybrid scenario :).

Follow the guidelines from blog number 3.

  1. Setting up the groups
  2. Activating integration

After the Lookout and Intune side is configured, conditional access in Intune is in place and the application Lookout for Work has been deployed and configured like described in blog 4 (Admin experience, blog 5 (end user experience) and blog 6 (iOS experience).

In addition to the earlier blogs we need to create an Application Configuration Policy in Configuration Manager when deploying the iOS version of Lookout for Work. The App Configuration Policy can be created in Application Management > App Configuring Policies node in the Software Library Workspace.

Configure the Mobile App Configuration to support iOS

After creating the policy we can deploy the Lookout for Work App as Required to our users that need to have Lookout for Work. When deploying the iOS version we need to use the App configuration policy.

Associate the App Configuration Policy while deploying the application

For Android we can just deploy the version which is available in the Google Play store.

Next we need to create a compliance policy in the Compliance Settings -> Compliance Policies node of the Assets and Compliance workspace and deploy it to the users that need to comply to the policy.

Configure the Compliance Policy

So when a you are all set to go and protect our devices via Configuration Manager.

Configuration Manager 1702 offers some nice features which allows you to see if your devices are protected and are secure. In version 1702 threat information at the device level and a nice dashboard are added to the Configuration Manager console.

At the device level you are able to see what threat is active and what level the threat is. This is currently not possible with the Intune standalone integration.

Threat information at device level

Get an overview about the device threat protection status of all of your devices.

Nice dashboard with the

This concludes my series about Lookout MTP and the integration with Intune and Configuration Manager.


Looking back at the series of blogs and using Lookout together with Intune learns me that Mobile Threat Protection is a must when managing and supporting bring your own devices or choose your own devices. Lookout helps you to secure your iOS and Android devices, today we learned again how a Mobile Threat Protection solution is able to help you protect your devices and its data.

Other blogs in this series:


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

New Azure AD Application Proxy Connector Available – action required

Next Post

New look and feel for &

Related Posts