Edge Browser For Android Download

 

Oct 05, 2017  Android is Getting the Microsoft Edge Browser and Microsoft Launcher. Sadly, Microsoft’s mobile platform has been sputtering with little sign of life left but the company hasn’t given up on. Microsoft’s Edge browser is now available for Android phones.Microsoft Edge was first introduced with Windows 10 and made available only for PCs. Now, with the availability on both Android and iOS, Microsoft Edge extends the functionality.

In a surprise announcement, Microsoft said its Edge web browser is now available for iPhones, with a release for Android 'in the coming weeks.'

The initial rollout for the browser will be limited to those in the U.S. but should expand to other markets over time. Currently, the browser is in preview only as Microsoft begins to build out features based on user feedback. The same goes for tablet support on both OSes, which should come later.

Edge for iOS, Android and 'Continue on PC'

Microsoft's main goal with the Edge browser for iPhone and Android users is to make sharing documents easier and help you pick up where you left off when using Windows 10.

Part of the Windows 10 Fall Creators Update feature set is the ability for consumers to pass a link to the 'Continue on PC' share target. While that feature works, it is hard to find and not very intuitive.

The Edge browser for iOS and Android, however, makes Continue on PC a prime feature with a prominent share icon near the bottom of the browser. Users can just tap to continue the experience on their Windows 10 PCs, or save it for later.

Other features in the Windows 10 version of Edge are also present, including:

  • Website favorites sync.
  • Reading list sync.
  • eBook and ePub support, including sync of purchased content from Windows Store. (Coming soon.)
  • Password sync. (Coming soon.)
Android

Joe Belfiore, corporate vice president of Microsoft's Windows and Devices Group, told us that there are no immediate plans for browser extensions, but like many future feature updates, future direction will be partially determined by user feedback and requests.

Other abilities, like signing into your Microsoft Account, InPrivate tab (private browsing), AirDrop, and the ability to set your default search engine to Bing, Google, or Yahoo, are already enabled.

Settings, Tab View, and Reading List are all here in Edge for iOS.

Some of the features like password sync, eBooks, and support for tablets, will come later as Microsoft builds out the current Edge for iOS and Android applications.

Although initially only for the U.S. market, Microsoft expects to push Edge to other countries and languages as it expands the preview to get more feedback.

We've been using Edge for iOS for the last few days, and the browser behaves as expected. Those enrolled in the Windows Insider Program who are running the latest Insider build (Version 1709) can read our guide on how to link your phone to your PC.

Edge for iOS and Android – Slightly more than skin deep

Microsoft told Windows Central that these are not native browsers in the traditional sense. Edge for iOS is based on the WebKit layout engine, while the Edge browser for Android is based on Chromium. That rendering technology contrasts with the EdgeHTML engine that the Windows 10 browser leverages, so build strings and feature sets won't be aligned.

Apple simply does not allow third-party browsers based on non-WebKit engines in the Apple Store, and Android is built around Chromium, making it a more natural fit for that OS.

These Edge browsers are basically sophisticated skins with advanced feature sets that allow syncing with your Windows 10 PC for favorites, reading lists, reading view across your PC and phone, and more features that are familiar to Windows 10 consumers.

Due to Apple's restrictions, consumers won't be able to set Edge for iOS as the default browser. Such limitations, however, do not apply to Android.

On October 17 iPhone and Android users can continue browsing on Windows 10 via handoff.

Where to get Microsoft Edge for iOS and Android

Starting today, iPhone users can use Apple Test Flight to begin using Edge for iOS Preview. Those on Android can sign up to be one of the first to test the preview Edge for Android, which launches in the coming weeks.

To sign up for Edge on both iOS and Android just head to Microsoft's site here to get started.

In addition to announcing Edge for Android Microsoft is also rebranding its Arrow launcher. See what's new with Microsoft Launcher for Android, which is now available!

We may earn a commission for purchases using our links. Learn more.

Mouse Review

Microsoft Ergonomic Mouse review: A budget Surface Precision Mouse

Microsoft has released a brand new ergonomic mouse that takes design cues from its premium Surface Precision Mouse and folds it into a package that costs half the price. If you’ve always been a fan of the Surface Precision Mouse’s ergonomic design and rich feature-set, but couldn’t justify its $99 price tag, the Microsoft Ergonomic Mouse is the next best thing.

-->

Using Intune app protection policies with Microsoft Edge helps ensure that corporate websites are always accessed with safeguards in place. The following Microsoft Edge enterprise features enabled by Intune policies are available:

  • Dual-Identity. Users can add a work account, as well as a personal account, for browsing. There is complete separation between the two identities, which is similar to the architecture and experience in Office 365 and Outlook. Intune admins can set the desired policies for a protected browsing experience within the work account.
  • Intune app protection policy integration. Because Microsoft Edge is integrated with the Intune SDK, you can target app protection policies to protect against data loss. These capabilities include controlling cut, copy, and paste, preventing screen captures, and ensuring that user-selected links open only in other managed apps.
  • Azure Application Proxy integration. You can control access to software as a service (SaaS) apps and web apps. This helps ensure that browser-based apps only run in the secure Microsoft Edge browser, whether end users connect from the corporate network or connect from the internet.
  • Application configuration. You can use application configuration settings to strengthen your organization's security posture and configure ease-of-use features for your end users. For example, you can define bookmarks, a homepage shortcut, allowed or blocked sites, and Azure Active Directory (Azure AD) Application Proxy.

Microsoft Intune protection policies for Microsoft Edge help to protect your organization’s data and resources. Using these policies with Microsoft Edge ensures that your company’s resources are protected not only within natively installed apps, but also when accessed through the web browser.

Getting started

You and your end users can download Microsoft Edge from public app stores for use in your organizations.The operating system requirements for browser policies are either of the following:

  • Android 4 and later
  • iOS 8.0 and later

Application protection policies for Microsoft Edge

Because Microsoft Edge is integrated with the Intune SDK, you can apply application protection policies to them.

You can apply these settings to:

  • Devices that are enrolled with Intune.
  • Devices that are enrolled with another mobile device management product.
  • Unmanaged devices.

If Microsoft Edge is not targeted with Intune policy, users can't use it to access data from other Intune-managed applications, such as Office apps.

Conditional Access for Microsoft Edge

You can use Azure AD Conditional Access to redirect your users to access corporate content only through Microsoft Edge. This restricts mobile browser access to Azure AD-connected web apps to policy-protected Microsoft Edge. This blocks access from any other unprotected browsers, such as Safari or Chrome. You can apply Conditional Access to Azure resources like Exchange Online and SharePoint Online, the Microsoft 365 admin center, and even on-premises sites that you have exposed to external users via the Azure AD Application Proxy.

To restrict Azure AD-connected web apps to use Microsoft Edge on iOS and Android:

  1. Sign in to the Microsoft Endpoint Manager Admin Center.

  2. Under the Intune node, select Conditional Access > New policy.

  3. Select Grant from the Access controls section of the pane.

  4. Select Require approved client app.

  5. Choose Select on the Grant pane. This policy must be assigned to the cloud apps that you want to be accessible to only the Intune Managed Browser app.

  6. In the Assignments section, select Conditions > Apps. The Apps pane appears.

  7. Under Configure, select Yes to apply the policy to specific client apps.

  8. Verify that Browser is selected as a client app.

    Note

    If you want to restrict which native apps (non-browser apps) can access these cloud applications, you can also select Mobile apps and desktop clients.

  9. In the Assignments section, select Users and groups, and then choose the users or groups you want to assign this policy.

  10. In the Assignments section, select Cloud apps to choose which apps to protect with this policy.

After the above policy is configured, users are forced to use Microsoft Edge to access the Azure AD-connected web apps you have protected with this policy. If users attempt to use an unmanaged browser in this scenario, they receive a message that they must use Microsoft Edge.

Tip

Conditional Access is an Azure AD technology. The Conditional Access node accessed from Intune is the same node as accessed from Azure AD.

Single sign-on to Azure AD-connected web apps in policy-protected browsers

Microsoft Edge on iOS and Android can take advantage of single sign-on (SSO) to all web apps (SaaS and on-premises) that are Azure AD-connected. SSO allows users to access Azure AD-connected web apps through Microsoft Edge, without having to re-enter their credentials.

SSO requires your device to be registered by either the Microsoft Authenticator app for iOS devices, or the Intune Company Portal on Android. When users have either of these, they are prompted to register their device when they go to an Azure AD-connected web app in a policy-protected browser. (This is only true if their device hasn't already been registered.) After the device is registered with the user’s account managed by Intune, that account has SSO enabled for Azure AD-connected web apps.

Note

Device registration is a simple check-in with the Azure AD service. It doesn't require full device enrollment, and doesn't give IT any additional privileges on the device.

Create a protected browser app configuration

To create app configuration for Microsoft Edge:

  1. Sign in to the Microsoft Endpoint Manager Admin Center.

  2. Select Apps > App configuration policies > Add.

  3. On the Add configuration policy pane, enter a Name and optional Description for the app configuration settings.

  4. For Device enrollment type, choose Managed apps.

  5. Choose Select the required app. Then, on the Targeted apps pane, choose the Managed Browser or Edge for iOS, for Android, or for both.

  6. Select OK to return to the Add configuration policy pane.

  7. Select Configuration settings. On the Configuration pane, you define key and value pairs to supply configurations for Microsoft Edge. Use the sections later in this article to learn about the different key and value pairs you can define.

    Note

    Microsoft Edge uses the same key and value pairs as the Managed Browser.On Android, Microsoft Edge must be targeted with app protection policies for app configuration policies to take effect.

  8. When you are done, select OK.

  9. On the Add configuration policy pane, choose Add.
    The new configuration is created and displayed on the App configuration pane.

Assign the configuration settings you created

You assign the settings to groups of users in Azure AD. If that user has the targeted protected browser app installed, then the app is managed by the settings you specified.

  1. On the Apps pane of the Intune mobile application management dashboard, select App configuration policies.
  2. From the list of app configurations, select the one you want to assign.
  3. On the next pane, select Assignments.
  4. On the Assignments pane, select the Azure AD group to which you want to assign the app configuration, and then select OK.

Direct users to Microsoft Edge instead of the Intune Managed Browser

Both the Intune Managed Browser and Microsoft Edge can be used as policy-protected browsers. To ensure that your users are being directed to use the correct browser app, target all of your Intune-managed apps (for example, Outlook, OneDrive, and SharePoint) with the following configuration setting:

KeyValue
com.microsoft.intune.useEdgeThe value true will direct your users to download and use Microsoft Edge.
The value false will allow your users to use the Intune Managed Browser.

If this app configuration value is not set, the following logic will define which browser will be used to open corporate links.

On Android:

  • The Intune Managed Browser launches if a user has both the Intune Managed Browser and Microsoft Edge downloaded on their device.
  • Microsoft Edge launches if only Microsoft Edge is downloaded on the device, and is targeted with Intune policy.
  • Managed Browser launches if only Managed Browser is on the device, and is targeted with Intune policy.

On iOS, for apps that have integrated the Intune SDK for iOS v. 9.0.9+:

  • The Intune Managed Browser launches if both the Managed Browser and Microsoft Edge are on the device.
  • Microsoft Edge launches if only Microsoft Edge is on the device, and is targeted with Intune policy.
  • Managed Browser launches if only Managed Browser is on the device, and is targeted with Intune policy.

Configure Application Proxy settings for Microsoft Edge

You can use Microsoft Edge and Azure AD Application Proxy together to give users access to intranet sites on their mobile devices.

These are some examples of the scenarios Azure AD Application Proxy enable:

  • A user is using the Outlook mobile app, which is protected by Intune. They then click a link to an intranet site in an email, and Microsoft Edge recognizes that this intranet site has been exposed to the user through Application Proxy. The user is automatically routed through Application Proxy, to authenticate with any applicable multi-factor authentication and Conditional Access, before reaching the intranet site. The user is now able to access internal sites, even on their mobile devices, and the link in Outlook works as expected.
  • A user opens Microsoft Edge on their iOS or Android device. If Microsoft Edge is protected with Intune, and Application Proxy is enabled, the user can go to an intranet site by using the internal URL they are used to. Microsoft Edge recognizes that this intranet site has been exposed to the user through Application Proxy. The user is automatically routed through Application Proxy, to authenticate before reaching the intranet site.

Before you start

  • Set up your internal applications through Azure AD Application Proxy.
    • To configure Application Proxy and publish applications, see the setup documentation.
  • The Microsoft Edge app must have Intune app protection policy assigned.

Note

Updated Application Proxy redirection data can take up to 24 hours to take effect in the Managed Browser and Microsoft Edge.

Step 1: Enable automatic redirection to Microsoft Edge from Outlook

Configure Outlook with an app protection policy that enables the setting Share web content with policy managed browsers.

Step 2: Set the app configuration setting to enable app proxy

Target Microsoft Edge with the following key/value pair, to enable Application Proxy for Microsoft Edge:

KeyValue
com.microsoft.intune.mam.managedbrowser.AppProxyRedirectiontrue

For more information about how to use Microsoft Edge and Azure AD Application Proxy in tandem for seamless (and protected) access to on-premises web apps, see Better together: Intune and Azure Active Directory team up to improve user access. This blog post references the Intune Managed Browser, but the content applies to Microsoft Edge as well.

Configure a homepage shortcut for Microsoft Edge

This setting allows you to configure a homepage shortcut for Microsoft Edge. The homepage shortcut you configure appears as the first icon beneath the search bar when the user opens a new tab in Microsoft Edge. The user can't edit or delete this shortcut in their managed context. The homepage shortcut displays your organization's name to distinguish it.

Use the following key/value pair to configure a homepage shortcut:

KeyValue
com.microsoft.intune.mam.managedbrowser.homepageSpecify a valid URL. Incorrect URLs are blocked as a security measure.
Example: <https://www.bing.com>

Configure your organization's logo and brand color for new tab pages in Microsoft Edge

These settings allow you to customize the New Tab Page for Microsoft Edge to display your organization's logo and brand color as the page background.

To upload your organization's logo and color, first complete the following steps:

  • Within the Azure portal, navigate to Intune -> Client apps -> Branding and customization -> Company Identity Branding
  • To set your brand's logo, under 'Display', choose 'Company Logo only'. Transparent background logos are recommended.
  • To set your brand's background color, under 'Display' choose 'Theme Color'. Microsoft Edge applies a lighter shade of the color on the New Tab Page, which ensures the page has high readability.

Next, use the following key/value pairs to pull your organizations branding into Microsoft Edge:

Edge Browser Android Apk

KeyValue
com.microsoft.intune.mam.managedbrowser.NewTabPage.BrandLogoTrue
com.microsoft.intune.mam.managedbrowser.NewTabPage.BrandColorTrue

Configure managed bookmarks for Microsoft Edge

For ease of access, you can configure bookmarks that you’d like your users to have available when they are using Microsoft Edge.

Here are some details:

  • These bookmarks only appear for users when they are using the corporate mode of Microsoft Edge.
  • These bookmarks can't be deleted or modified by users.
  • These bookmarks appear at the top of the list. Any bookmarks that users create appear below these bookmarks.
  • If you have enabled Application Proxy redirection, you can add Application Proxy web apps by using either their internal or external URL.

Use the following key/value pair to configure managed bookmarks:

KeyValue
com.microsoft.intune.mam.managedbrowser.bookmarksThe value for this configuration is a list of bookmarks. Each bookmark consists of the bookmark title and the bookmark URL. Separate the title and URL with the | character. Example:
Microsoft Bing|https://www.bing.com
To configure multiple bookmarks, separate each pair with the double character ||.

Example:
Microsoft Bing|https://www.bing.com||Contoso|https://www.contoso.com

Display MyApps within Microsoft Edge bookmarks

By default, your users are shown the MyApps sites that are configured to them within a folder inside Microsoft Edge bookmarks. The folder is labeled with the name of your organization.

KeyValue
com.microsoft.intune.mam.managedbrowser.MyAppsTrue shows MyApps within the Microsoft Edge bookmarks.

False hides MyApps within Microsoft Edge.

Specify allowed or blocked sites list for Microsoft Edge

You can use app configuration to define which sites your users can access when using their work profile. If you use an allow list, your users are only able to access the sites you’ve explicitly listed. If you use a blocked list, your users can access all sites except for those you’ve explicitly blocked. You should only impose either an allowed or a blocked list, not both. If you impose both, the allowed list is honored.

Use the following key/value pairs to configure either an allowed or blocked site list for Microsoft Edge.

KeyValue
Choose from:

1. Specify allowed URLs (only these URLs are allowed; no other sites can be accessed):
com.microsoft.intune.mam.managedbrowser.AllowListURLs

2. Specify blocked URLs (all other sites can be accessed):
com.microsoft.intune.mam.managedbrowser.BlockListURLs

The corresponding value for the key is a list of URLs. You enter all the URLs you want to allow or block as a single value, separated by a pipe | character.
Examples:
URL1|URL2|URL3
http://.contoso.com/|https://.bing.com/|https://expenses.contoso.com

URL formats for allowed and blocked site list

You can use various URL formats to build your allowed/blocked sites lists. These permitted patterns are detailed in the following table. Some notes before you get started:

  • Ensure that you prefix all URLs with http or https when entering them into the list.

  • You can use the wildcard symbol (*) according to the rules in the following permitted patterns list.

  • A wildcard can only match an entire component of the hostname (separated by periods) or entire parts of the path (separated by forward slashes). For example, http://*contoso.com is not supported.

  • You can specify port numbers in the address. If you do not specify a port number, the values used are:

    • Port 80 for http
    • Port 443 for https

  • Using wildcards for the port number is not supported. For example, http://www.contoso.com:* and http://www.contoso.com:*/ are not supported.

    URLDetailsMatchesDoes not match
    http://www.contoso.comMatches a single pagewww.contoso.comhost.contoso.com
    www.contoso.com/images
    contoso.com/
    http://contoso.comMatches a single pagecontoso.com/host.contoso.com
    www.contoso.com/images
    www.contoso.com
    http://www.contoso.com/*;Matches all URLs that begin with www.contoso.comwww.contoso.com
    www.contoso.com/images
    www.contoso.com/videos/tvshows    		host.contoso.com
    host.contoso.com/images
    http://*.contoso.com/*Matches all subdomains under contoso.comdeveloper.contoso.com/resources
    news.contoso.com/images
    news.contoso.com/videos    		contoso.host.com
    http://*contoso.com/*Matches all subdomains ending with contoso.com/http://news-contoso.com
    http://news-contoso.com.com/daily    		http://news-contoso.host.com
    http://www.contoso.com/imagesMatches a single folderwww.contoso.com/imageswww.contoso.com/images/dogs
    http://www.contoso.com:80Matches a single page, by using a port numberhttp://www.contoso.com:80
    https://www.contoso.comMatches a single, secure pagehttps://www.contoso.comhttp://www.contoso.com
    http://www.contoso.com/images/*Matches a single folder and all subfolderswww.contoso.com/images/dogs
    www.contoso.com/images/cats    		www.contoso.com/videos

  • The following are examples of some of the inputs that you can't specify:

    • *.com
    • *.contoso/*
    • www.contoso.com/*images
    • www.contoso.com/*images*pigs
    • www.contoso.com/page*
    • IP addresses
    • https://*
    • http://*
    • https://*contoso.com
    • http://www.contoso.com:*
    • http://www.contoso.com: /*

Define behavior when users try to access a blocked site

With the dual-identity model built into Microsoft Edge, you can enable a more flexible experience for your end users than was possible with the Intune Managed Browser. When users hit a blocked site in Microsoft Edge, you can prompt them to open the link in their personal context instead of their work context. This enables them to stay protected, while keeping corporate resources safe. For example, if a user is sent a link to a news article through Outlook, they can open the link in their personal context or in an InPrivate tab. Their work context doesn't allow news websites. By default, these transitions are allowed.

Use the following key/value pair to configure whether these soft transitions are allowed:

KeyValue
com.microsoft.intune.mam.managedbrowser.AllowTransitionOnBlockTrue allows Microsoft Edge to transition users to their personal context to open blocked sites.

Block prevents Microsoft Edge from transitioning users. Users are simply shown a message stating that the site they are trying to access is blocked.

Microsoft Edge Update Browser Android

Use Microsoft Edge on iOS to access managed app logs

Users with Microsoft Edge installed on their iOS device can view the management status of all Microsoft published apps. They can send logs for troubleshooting their managed iOS apps. Here's how:

Microsoft Edge Apk Download Android

  1. Open Microsoft Edge on your iOS device.
  2. Type about:intunehelp in the address box.
  3. Microsoft Edge launches troubleshooting mode.

For a list of the settings stored in the app logs, see Review app protection logs in the Managed Browser.

To see how to view logs on Android devices, see Send logs to your IT admin by email.

Security and privacy for Microsoft Edge

The following are additional security and privacy considerations for Microsoft Edge:

  • Microsoft Edge doesn't consume settings that users set for the native browser on their devices, because Microsoft Edge can't access these settings.
  • You can configure the option Require simple PIN for access or Require corporate credentials for access in an app protection policy associated with Microsoft Edge. If a user selects the help link on the authentication page, they can browse any internet sites, regardless of whether they were added to a blocked list in the policy.
  • Microsoft Edge can block access to sites only when they are accessed directly. It doesn't block access when users use intermediate services (such as a translation service) to access the site.
  • To allow authentication, and access to Intune documentation, *.microsoft.com is exempt from the allow or block list settings. It's always allowed.
  • Users can turn off data collection. Microsoft automatically collects anonymous data about the performance and use of the Managed Browser to improve Microsoft products and services. Users can turn off data collection by using the Usage Data setting on their devices. You have no control over the collection of this data. On iOS devices, websites that users visit that have an expired or untrusted certificate can't be opened.

Edge Browser Apk

Next steps