Once created, you can use the custom App-ID in security policy, as shown below. Click on "Signature" tab under Application and configure as shown below:. Under Objects > Applications – click “Add” and configure as shown below:. Please follow the steps outlined below to create a custom App-ID for Office 365 enterprise logins. We have also provided some sample outputs of how such a security policy base might look like.Ĥ.1 Creating Custom App-ID to secure Office 365 created, this App-ID can then be used in policies with existing Office 365 App-IDs, limit access to only sanctioned Office 365 enterprise accounts while blocking access to unsanctioned Office 365 enterprise accounts and Office 365 consumer accounts.īelow, we have outlined the steps required to create such a custom App-ID. This decode context looks for the domain name in the login name for accessing any Office 365 enterprise offering.įor example, customers can create a custom Office 365 App-ID that will allow logins to Office 365 only from usernames in the format of: Microsoft refers to this by using the terminology of cross-tenant sharing using SharePoint.Ĥ. Leveraging Custom App-ID to Secure Office 365Ĭustomers can now create a custom App-ID for Office 365 logins, using the new decode context of “http-req-ms-subdomain”. When it comes to Office 365, most customers want to control this activity by limiting the instances of Office 365 users should be able to get to. For example, someone in Company A can invite a user from Company B to a collobration folder using Microsoft Sharepoint. Where you are getting to: This means the URL or the resources you are accessing. Many customers would like to allow access to Office 365 from only the sanctioned enterprise accounts. For example, users in the company can have multiple accounts to access Office 365, which could be either their consumer accounts or an unsanctioned enterprise account they have purchased using personal emails. Where you are coming from: This means the login name you are using to access resources. Typically, for any SaaS solution, when it comes to access, there are two notions, which are: It does not replace these App-IDs, but augments their capabilities to identify not just the type of access (enterprise vs consumer) but also identify a specific enterprise account login instance.ģ. Office 365 access control will work with all existing Office 365 App-IDs (shown below). Office 365 Access Control and Existing Office 365 App-IDs This capability will only work if traffic to Office 365 is decrypted.Ģ. Week of August 29 th, 2016: Palo Alto Networks functionally enables these two new App-IDs and decode context so that customers can start using this new capability. We have an extensive FAQ document to assist our customers with this change on the Live Community at. 
This will help our customers to understand this change and make the necessary policy changes to aid in policy migration for using this feature. July 7 th, 2016: Palo Alto Networks releases the new App-IDs and decode context but only as placeholders without enabling functionally.http-req-ms-subdomain: This will look for the domain name in the username for accessing Office 365 enterprise services.These include Office 365 Home, Office 365 Personal, Office 365 Home and Student. Office 365-consumer-access: This App-ID covers the consumer offerings from Office.These include Office 365 Business Essentials, Office 365 Business, Office 365 Business Premium, Office 365 Enterprise E1, E3 and E5 plans.
Office 365-enterprise-access : This App-ID covers the business and enterprise offerings from Microsoft for Office 365. Palo Alto Networks is announcing the release of two new App-IDs and a new decode context that can be used in combination with custom application signatures and URL filtering to achieve all of the above-mentioned objectives. To control and limit cross-tenant sharing of “SharePoint-online”. To have the ability to block consumer access to Office 365 services. To allow specific sanctioned instances of Office 365 enterprise accounts while blocking unsanctioned access to Office 365 either from unsanctioned enterprise accounts or consumer accounts. 
To have visibility into enterprise and consumer use of Office 365 in their networks.Typically, enterprises want to achieve the following goals:
Office 365 App-ID, AV/AS, IPS, WildFire & Decryption Support MatrixĪs enterprises continue adopting Microsoft ® Office 365™, there is continued focus on safely enabling it. Office 365 Access Control and Sharepoint Instance Leveraging Custom App-ID to Secure Office 365
0 kommentar(er)
