Secure Edge integration

Secure Edge is a robust solution designed to elevate the security posture of various Software as a Service (SaaS) applications. It achieves this by concealing remote users behind a single IP address, effectively masking their individual identities. This centralized approach not only simplifies network management but also enhances security by allowing organizations to implement stringent IP access controls within their SaaS applications. By doing so, Secure Edge helps protect sensitive data and ensures that only authorized users can access critical resources, ultimately reducing the risk of unauthorized access and potential data breaches.

SafeCheck for Secure Edge and SaaS Alerts

Secure Edge is now integrated with SaaS Alerts to streamline Microsoft Security recommendations for Secure Edge users. When configured, Secure Edge will share the Gateway IP address and the email addresses of the Secure Edge users. The SaaS Alerts Fortify module allows IT administrators to provision the Microsoft 365 Conditional IP Access policy for these Secure Edge users. Once provisioned, Secure Edge users must be connected to the Secure Edge Gateway to gain access to Microsoft 365; if they are not connected, access will be denied.

Setting up the integration

To set up the Secure Edge and SaaS Alerts integration, follow these steps:

Setting up API
- Log in to SaaS Alerts at https://manage.saasalerts.com/sign-in.
- In the left menu, navigate to the Fortify section.
NOTE You must enable Multi-Factor Authentication (MFA) to access Fortify. For more information, refer to Enabling MFA for an MSP Admin or MSP User.
- Enter your credentials to verify your identity and click Authenticate.
- Complete mobile phone verification and click Authenticate.
- On the next page, click the Actions tab.
- Type SASE in the search box and click the action light bulb.
Configure the API key
- Locate and copy the API key.
- In Datto Networking, go to Secure Edge in the left menu and click Service Settings.
- Click the Integrations tab, turn on the Enable SaaS Alerts toggle, and add the API Key.
Apply conditional access
- In SaaS Alerts, click Create Conditional Access Policy:
- Click Apply actions.
Add Firewall IP Address(es)
- Click the Edit Customization icon.
- Click + Add Parameter.
- Select Exclude IP Addresses.
- Enter the IP(s) value.
- The conditional access policy will be applied.
As Secure Edge users are added or removed, SaaS Alerts will automatically apply updates to M365.

	Need troubleshooting help? Open the Kaseya Helpdesk.
	Want to talk about it? Head on over to the Community!
	Have an idea for a new feature? Want to learn about upcoming enhancements? Visit the Ideas forum!
	Provide feedback for the Documentation team.