Enabling Auto-Quarantine (AQ) for Exchange

Follow these steps to enable the Cloud Extender® Auto-Quarantine (AQ) feature for integration with Exchange.

About this task

The Auto-Quarantine (AQ) feature for the Exchange Integration module provides the following benefits:
  • Prevents new devices from connecting to your Exchange server with ActiveSync
  • Automatically approves devices that are enrolled in MaaS360®
  • Automatically approves devices that receive email settings only from MaaS360
  • Automatically approves Secure Mail records
Note: When you enable Auto-Quarantine (AQ) in the Cloud Extender policies, the Cloud Extender automatically approves existing ActiveSync devices and then enables Auto-Quarantine (AQ). Only new devices are blocked. Existing ActiveSync devices are not affected. However, if you enable Auto-Quarantine (AQ) directly on Exchange, instead of using MaaS360, existing ActiveSync devices are blocked.

Procedure

  1. Log in to the MaaS360 Portal with administrator credentials.
  2. Select Setup > Cloud Extender Settings > Exchange ActiveSync, and then click Edit.
  3. Configure policies in the Exchange ActiveSync section:
    Option Description
    Enable Auto-Quarantine of Devices Use the default setting, where the Cloud Extender uses the Auto-Quarantine (AQ) setting that is configured on the Exchange server, or enable or disable Auto-Quarantine (AQ).
    Notification Email address(es) A comma-separated list of email addresses that are notified when a new device is quarantined.
    Auto-approve enrolled devices Automatically approves email connections from devices that are enrolled in MaaS360.

    The device is briefly quarantined before enrollment is confirmed.
    Auto-approve based on policies Automatically approves email connections from enrolled devices when the email configuration is pushed from MaaS360.

    This setting requires that you configure MDM Persona policies to push email configuration to devices. This setting blocks connections from the device if the user manually configures email on email clients. Only MDM pushed email configuration is approved.
  4. Click Save and Publish.
    The Secure Mail records are automatically approved regardless of whether Auto-Quarantine (AQ) is enabled from the MaaS360 Portal or enabled directly on Exchange.