Microsoft Intune offers a policy-based protected browser which are intuned Managed Browser (retire soon) and Microsoft Edge mobile browser.
Microsoft Edge delivers more compare to Intune managed browser and Edge is the future secure mobile browser for Microsoft Intune.
The following are the feature comparison between Intune managed browser and Microsoft Edge.
Microsoft Edge mobile browser does provide the additional security controls such as: Control In-Private browsing, Control personal accounts and browsing for allowed accounts only.
Microsoft has announced the depreciation of Intune managed browser at the Ignite 2019 with the following deadlines.
Retirement announcement: 6th Nov 2019
Intune will no longer support the Intune Managed Browser:27th January 2020
The managed browser will be removed from the store (iOS store and play store): 1st Feb 2020
The managed browser will be removed from the intune console: 31st March, 2020.
If your organization uses allowed or blocked sites list for Microsoft Edge, your users will hit the following screen when they visit websites that are not allowed or blocked from the MAM protected applications like outlook, teams, etc.
Site is blocked. Access to this site has been blocked by your administrator using corporate account.
you can either sign-in with a Microsoft account or browser in private or cancel.
This is very annoying for end-users all the time for such blocked or not allowed websites.
Inorder to improve the end-user experience, there are some configurations we can define in Intune app configuration settings.
Before Ignite 2019, there was only one setting that you can configure for Edge browser for blocked sites:
| Key | Value |
| com.microsoft.intune.mam.managedbrowser.AllowTransitionOnBlock | True allows Microsoft Edge to transition users to their personal context to open blocked sites. Block prevents Microsoft Edge from transitioning users. Users are simply shown a message stating that the site they are trying to access is blocked. |
After Ignite 2019, Microsoft introduced new configuration changes to Edge mobile browser for iOS and Andriod which will now provide great end-user experience when browsing any blocked sites in private mode.
We can now create/update app configuration policy for edge browser (iOS and Andriod) to automatically open any blocked sites in private mode (soft transition) without showing the site blocked prompt:
com.microsoft.intune.mam.managedbrowser.openInPrivateIfBlocked with value true
When users browse any blocked websites in private mode, they can now see a snack bar display at the bottom of the browser that they are running in private mode.
This behavior can now be controlled with time (in seconds) as well.
com.microsoft.intune.mam.managedbrowser.durationOfOpenInPrivateSnackBar with value 10
if you do not configure this setting then users will see a snack bar few sec in-private browsing mode.
If you define the setting with 10 then users will see a snack bar for about 10 sec and it will disappear.
Summary of configuration options when users browse blocked websites:
| Key | Value |
| com.microsoft.intune.mam.managedbrowser.AllowTransitionOnBlock | True allows Microsoft Edge to transition users to their personal context to open blocked sites. Block prevents Microsoft Edge from transitioning users. Users are simply shown a message stating that the site they are trying to access is blocked. |
|
com.microsoft.intune.mam.managedbrowser.openInPrivateIfBlocked |
True open in private mode without any prompt for blocked sites |
|
com.microsoft.intune.mam.managedbrowser.durationOfOpenInPrivateSnackBar |
10 Value in seconds to display the snackbar at the bottom of the browser for users to know that they are in private mode |
Continue reading:
Protected, productive mobile browsing with Microsoft Edge mobile and Microsoft Intune
Manage web access by using Microsoft Edge with Microsoft Intune