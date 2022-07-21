Coming Microsoft API change will break third-party device authentication

By on
Coming Microsoft API change will break third-party device authentication

Cisco, Citrix, F5 among affected vendors.

An impending change to Microsoft’s Intune APIs will break mobile device management (MDM) identity support from vendors like Cisco, Citrix and F5.

Earlier this year, Microsoft decided that on December 31 2022, it will deprecate the use of MAC addresses in Intune’s network access control (NAC) API, which the software currently uses to identify endpoint hardware.

Instead, Intune will identify devices using their Global Unique Identifier (GUID).

Software such as Cisco’s Identity Services Engine (ISE), however, uses MAC addresses to identify endpoints, and that service will fail when the deprecation takes effect.

As the company explains in this field notice, “ISE integrates with Microsoft Intune in order to determine corporate asset ownership or registration, as well as security compliance”.

“For ISE versions 3.0 or earlier, or any ISE 3.1 or later deployment using MDM APIv2 Microsoft Intune integration, the API queries to Intune will fail and Intune managed endpoints will appear as ‘not-registered.’ ISE will also trigger an alarm which indicates the Intune API is unreachable”, the field notice states.

Cisco is supporting the change in ISE 3.1 and later, but that doesn’t mean implementing the upgrade will be painless for IT shops: configuring the software for MDM APIv3 Intune integration will require installing certificates to all Intune endpoints, and confirming that those certificates are used for network authentication.

There could be other headaches: “For VPN-based endpoints, a workaround does not exist yet. It is suggested to use ISE posture in order to check for security compliance as an alternative to verification against Intune,” the field notice states.

Similar upgrade and configuration tasks face admins running Citrix Gateway and F5 BIG-IP systems.

Release notes for F5’s update to BIG-IP Version 17.0.0 can be found here.

Depending on their current environment, Citrix Application Delivery Controller users will have to upgrade to 13.1-12.51 or 13.0-84.11.

Microsoft’s notice about the API change is here.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
ciscocitrixf5intunemicrosoftsecuritysoftware

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can&#8217;t protect what you can&#8217;t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

Most Read Articles

Microsoft Teams hit by global issue

Microsoft Teams hit by global issue
Datacom ends DXC's 10-year reign as TfNSW's network services provider

Datacom ends DXC's 10-year reign as TfNSW's network services provider
Home Affairs, ASIC, ACMA leave Global Switch data centre

Home Affairs, ASIC, ACMA leave Global Switch data centre
Heritage Bank ends CISO hunt

Heritage Bank ends CISO hunt

Digital Nation

Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case Study: Good360 deploys NetSuite, Magento and Salesforce
Case study: AFL kicks goals with its new digital platform
Case study: AFL kicks goals with its new digital platform
Case Study: EY invests in AI to improve approach to flexible working
Case Study: EY invests in AI to improve approach to flexible working
Case Study: Multicloud business drivers at MLC Life Insurance
Case Study: Multicloud business drivers at MLC Life Insurance
Personalisation strategies need to be built from the ground up
Personalisation strategies need to be built from the ground up

Log In

  |  Forgot your password?