Eliminate Cloud Endpoint Control Security Blind Spots With Intune Network Isolation HTMD Blog


Let's discuss how to eliminate the security blind spot of cloud endpoint control with Intune Network Isolation. The Enterprise Cloud Resources policy determines which specific cloud-hosted domains Windows Store applications (Universal Windows Platform, or UWP, applications) should treat as part of an organization's enterprise network.

The Enterprise Cloud Resources policy applies only to Windows Store applications (UWP applications), not to traditional desktop applications. It works with the Windows Network Isolation feature. UWP apps are sandboxed and must declare the network resources they need to access.

Organizations may implement this policy for several reasons: to improve security, maintain compliance, and optimize network traffic for UWP applications. Disabling it (by leaving it unconfigured) means that UWP applications treat these cloud resources as standard internet connections.

If this policy is configured correctly, UWP applications that need to connect to restricted cloud resources can do so without connection errors, resulting in a smooth, reliable workflow. This policy protects personal and company data.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation

Different organizations may enable this policy to ensure security. They want all traffic from UWP apps (such as the UWP Mail or Teams apps) that connect to Microsoft 365 to be filtered and monitored by their local security equipment.

Configure Policies from the Intune Portal

As an admin, you can easily configure this policy from the Intune portal. Log in to the Microsoft Intune portal with your credentials, then go to Devices > Configuration > + Create > + New Policy.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.1

Profile Creation

To create the policy, you must specify the Platform and the Profile type, both of which you can select from this window. Here, I choose Windows 10 and later as the Platform and Settings catalog as the Profile type. Then click the Next button.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.2

Basics Tab

The Basics tab lets you add a Name and Description for the policy you want to create. Name is a mandatory field, so you have to enter it here. The description is optional, but it is better to provide one.

  • Name – Activate Enterprise Cloud Resource
  • Description – This is used to Activate Enterprise Cloud Resources
  • Click the Next button
Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.3

Configuration Settings Tab

The Configuration settings tab is very important because it lets you select specific settings. On this tab, click the + Add settings hyperlink to open the Settings picker. From the Settings picker, you can quickly find settings by browsing by category or by using the search bar.

  • Choose the Network Isolation category
  • Choose Enterprise Cloud Resources
  • Then close the Settings picker window
Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.4

Add Value

If a proxy is paired with a cloud resource, traffic to that cloud resource is routed through the corporate network via the designated proxy server (on port 80). The proxy server used for this purpose must also be configured using the Intranet proxy servers for apps policy.

  • [cloudresource]|[cloudresource]|[cloudresource],[proxy]|[cloudresource]|[cloudresource],[proxy]|.
Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.5

Scope Tags

On the Scope tags tab, you can add scope tags or simply skip this part. This is not a mandatory tab, and it is completely up to you. Here I skipped this part. Click the Next button.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.6

Assignments Tab

The Assignments tab is a very important part because it determines which groups the policy is assigned to. Click the + Add groups option under Included groups, select a group from the group list, and click the Select button. The selected group is then displayed on the Assignments tab.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.7

Review + Create Tab

The Review + Create tab is the final stage of policy creation. On this tab, you can verify the details and continue. If you want to make changes, click the Previous button. If not, click the Create button. You will then get a success notification.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.8

Device Check-in Status

Once the policy has been created successfully, you can sync the device from the Company Portal for faster deployment. Once the sync is complete, you can check the status in the Intune portal. Go to Devices > Configuration and look for the policy.

  • Here the policy shows Succeeded as 1
Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.9

Client Side Verification – Event Viewer

Event Viewer helps you check whether the policy has been applied, so it can be used for client-side verification. Open Event Viewer and navigate to Applications and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise, then check the Event ID, which is usually 813 or 814.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.10

How to Delete Enterprise Cloud Resource Policies

If you want to delete the Enterprise Cloud Resources policy from the portal, it is a very easy process. To do this, open the policy from the Configuration tab and click the Edit button on the Assignments tab. Click the Delete button in this section to delete the policy.

For more detailed information, you can check our previous post – Learn How to Delete or Unassign Apps from Intune using Step by Step Guide.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.11

How to Delete Enterprise Cloud Resource Policies

Intune allows you to easily delete policies within the Intune portal. Deleting a policy may be necessary in an organization for various reasons. To delete a policy, click its three-dot options menu and then click the Delete button.

For more information, you can refer to our previous post – How to Remove Allow Clipboard History Policy in Intune Step by Step Guide.

Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.12

Windows CSP details

This setting does not apply to desktop applications. Pipe-separated list of domain cloud resources. Each cloud resource can also be optionally paired with an internal proxy server by using a comma followed by the proxy address.

Contains a list of Enterprise resource domains hosted in the cloud. Connections to these resources are considered connections to the corporate network.

| Name | Value |
|---|---|
| Name | WF_NetIsolation_EnterpriseCloudResources |
| Friendly Name | Enterprise resource domains hosted in the cloud |
| Element Name | Enterprise cloud resources. |
| Location | Computer Configuration |
| Path | Network > Network Isolation |
| Registry Key Name | SOFTWARE\Policies\Microsoft\Windows\NetworkIsolation |
| ADMX File Name | NetworkIsolation.admx |
Eliminating Cloud Endpoint Control Security Blind Spots with Intune Network Isolation – Table.1
Eliminate Cloud Endpoint Control Security Blind Spots with Intune Network Isolation - Fig.13
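
The value format described above (pipe-separated cloud resources, each optionally followed by a comma and a proxy) can be checked before it is pasted into the policy. The following is an added example, not code from the original post or from Microsoft; the host-name rules, the tolerated trailing pipe, the function names and the contoso/example sample value are assumptions made for illustration.

```python
import re
from typing import NamedTuple, Optional

# Host-name shape accepted by this example (an assumption, not Windows' own validation).
HOST_RE = re.compile(
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)+"
)

class Entry(NamedTuple):
    resource: str
    proxy: Optional[str]  # None when the resource has no paired proxy

def _is_host(name: str, allow_port: bool = False) -> bool:
    if allow_port and ":" in name:
        name, _, port = name.rpartition(":")
        if not (port.isascii() and port.isdigit() and 0 < int(port) < 65536):
            return False
    return len(name) <= 253 and HOST_RE.fullmatch(name) is not None

def parse_cloud_resources(value: str):
    """Split a policy value into entries; return (entries, problems)."""
    entries, problems = [], []
    segments = value.split("|")
    if segments[-1] == "":
        segments.pop()  # the format string on the page ends with "|"; tolerate one
    for pos, seg in enumerate(segments, start=1):
        parts = seg.split(",")
        if len(parts) > 2:
            problems.append(f"entry {pos}: more than one comma in {seg!r}")
        elif not _is_host(parts[0]):
            problems.append(f"entry {pos}: resource is not a plain host name: {parts[0]!r}")
        elif len(parts) == 2 and not _is_host(parts[1], allow_port=True):
            problems.append(f"entry {pos}: proxy is not host[:port]: {parts[1]!r}")
        else:
            entries.append(Entry(parts[0], parts[1] if len(parts) == 2 else None))
    if not segments:
        problems.append("value is empty")
    return entries, problems

def unproxied(entries):
    """Resources that are not paired with a proxy in the value."""
    return [e.resource for e in entries if e.proxy is None]

# Constructed sample value (contoso/example names are placeholders).
SAMPLE = "contoso.sharepoint.com|contoso.visualstudio.com,proxy.contoso.com:80|https://bad.example|"

if __name__ == "__main__":
    parsed, issues = parse_cloud_resources(SAMPLE)
    print(parsed, issues, unproxied(parsed), sep="\n")
```

Entries returned by `unproxied` are the ones to review when the intent is for all enterprise cloud traffic to pass through the organization's proxy.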


Author

Anoop C Nair has been a Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solutions Architect with over 22+ years of experience in the Workplace technology space. He is a leader of the Community of Bloggers, Speakers, and Local User Groups. His main focus is on Device Management technologies such as SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Entra, Microsoft Security, Career, etc.


Originally posted 2025-11-04 13:30:31.
