In Progress

Configure and document Azure Endpoint Manager & Azure VPN

Configure and document Azure Endpoint Manager & Azure VPN

Resume

Setup Azure VPN

Setup Azure Endpoint Manager (Intune) configuration profiles

Setup Bit locker security (create policies for bitlocker and windows defender)

Advise on design and implementation

Documentation

Current setup

Currently we have assigned Intune Device licenses to all shop users within the company. Only the device located in our shops are currently registered in MS Endpoint Manager. Some basic policies are created which should be reviewed.

For the backoffice we don’t have an setup yet. We need advice in setup and Intune licensing.

Azure VPN

A VPN resource should be set up and all devices should be connected to this VPN. All traffic should be routed through this VPN.

Split VPN scenario: In the backoffice and shop networks which are by default connected with a Site-to-Site VPN the VPN client on the endpoint should not be started. This should only be the case when the endpoint is connected to a foreign network.

Only whitelisted websites can be accessed.

Backoffice devices

We have 1 backoffice with 20 devices (PC’s) owned by the company and 25 backoffice users which should have the following requirements:

- Users are not an administrator on the device

- System Administrators role/group is admin on the device

- It is only possible to login with a @[login to view URL] AAD account

- O365 apps (Word, Outlook, Excel) are installed

- Desktopshortcuts to web-apps (Edge)

- Kaspersky Antivirus is installed/Microsoft Defender is configured

- Xelion 7 from the Microsoft App Store is installed

- Splunk universal forwarder is installed

- A company image is set on the user’s desktop background (Company Branding)

- The device name is visible on the desktop

- Users can not install any apps themselves

- All traffic is routed through a VPN (Azure) when connected to a foreign network

- It is not possible to save data locally, only onedrive is allowed.

- It is only possible to use company USB flash drives, it is not possible to transfer data from or to devices not registered in MS Endpoint Manager

- RDP access only available through VPN

- Pre-configurerd WiFi access

- Lock screen within 10 minutes

- Not allowed to configure Windows PIN code

- Customize Windows Start menu with predefined apps

- Windows automatic updates after work hours (after 20:00 a clock)

Shop devices

We have 35 shops with 70 shop devices (laptops) owned by the company and 300 shop users which should have the following requirements:

- Users are not an administrator on the device

- System Administrators role/group is admin on the device

- It is only possible to login with a @[login to view URL] AAD account

- Desktopshortcuts to web-apps (Edge)

- Microsoft defender is configured

- Splunk universal forwarder is installed

- A company image is set on the user’s desktop background (Company Branding)

- The device name is visible on the desktop

- Only Microsoft Edge can be used

- MFA is enabled (kiosk mode does not support this)

- All traffic is routed through a VPN (Azure) when connected to a foreign network.

- It is not possible to save data locally, only onedrive is allowed.

- RDP access only available through VPN

- Pre-configurerd WiFi access

- Lock screen within 10 minutes

- Not allowed to configure Windows PIN code

- Customize Windows Start menu with predefined apps

- USB drive is blocked for USB flash devices

- USB should be still available for barcode scanners

- Windows automatic updates after work hours (after 20:00 a clock)

About provisioning devices

What is the best way to register shared endpoints in Microsoft Endpoint Manager? We are currently creating a new user for every 5 devices.

We require someone who can advise us with the requirements above and help us with the implementation and documentation.

Skills: Microsoft Azure, Office 365, Powershell, VPN

See more: configure redhat linux enterprise vpn, ubuntu configure network manager vpn pptp, ubuntu network manager vpn, ipsec vpn windows server configuration, wine symantec endpoint manager linux, configure cisco router 1841 vpn, configure tinymce image manager, configure cisco router ssl vpn, configure firewall blackberry manager, configure ios router anyconnect vpn, configure cisco router anyconnect vpn, vpn client centos configuration, asterisk endpoint manager, configure aec subscription manager, configure cisco ios firewall vpn, configure ios support cisco vpn anyconnect, asterisk vpn endpoint manager, freepbx endpoint manager vpn, call manager vpn configuration

About the Employer:
( 1 review ) Pijnacker, Netherlands

Project ID: #32177325

Awarded to:

akhileshgandhi

Hello,\r\n\r\nI would like to help you with your requirement related to configure and document Azure Endpoint Manager & Azure VPN as we do have experienced Azure developers.\r\n\r\nIt will be great if we can communicat More

€20 EUR / hour
(2 Reviews)
3.2

11 freelancers are bidding on average €34/hour for this job

(32 Reviews)
5.9
(13 Reviews)
5.5
smahajan2020

I am certified Microsoft 365 Solution Consultant and responsible for managing and designing Cloud and Infrastructure platform. Expertise in Microsoft 365 Messaging, Security & Compliance, Intune , Exchange, Teams, Shar More

€27 EUR / hour
(7 Reviews)
4.6
(3 Reviews)
3.3
(1 Review)
1.5
arifuzzaman121

Hello, Hope you are well. I've read your project description. I can do your project completely as you want. I'm very professional at server administration & programming. I'm in this profession for 3 years. I'm giving m More

€50 EUR / hour
(0 Reviews)
0.0
(0 Reviews)
0.0
vbtise

After Working With Us You'll Be 100% Satisfied With The Solution I would suggest arranging our first voice or video call. This call will help you ask me questions to make sure that I have the proper technical knowledg More

€27 EUR / hour
(0 Reviews)
0.0
(1 Review)
0.6
(0 Reviews)
0.0