Best Practices for Client Access to Office 365

Sign in to queue

Description

In this deep-dive session, we will discuss options for securing client access to Office 365, including how to restrict access, why you may not want to, and the pros and cons of using web proxies or direct access. We’ll discuss how other customers are doing this in production and share lessons learned from them, as well as how Microsoft does things themselves.
For more information, check out this course on Microsoft Virtual Academy:

Day:

4

Level:

300

Session Type:

Best Practices

Code:

BRK3141

Room:

E353

Embed

Download

Download this episode

Download captions

For more information, check out this course on Microsoft Virtual Academy:

The Discussion

  • User profile image
    Duncan

    This is a very helpful deep dive session. One question I have is which of the URLs below should go through the proxy. I noticed in the previous deep dive it was recommended that SharePoint should use the proxy. So I'd imagine *.sharepoint.com should use the proxy. Is there anything else below that should use the proxy?

    This is the URL I obtained the list from:
    https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US

    "*.aadrm.com","*.activedirectory.windowsazure.com","*.adhybridhealth.azure.com","*.azurerms.com","*.blob.core.windows.net","*.cloudapp.net","*.glbdns.microsoft.com","*.live.com","*.microsoft.com","*.microsoftonline.com","*.microsoftonlineimages.com","*.microsoftonline-p.com","*.microsoftonline-p.net","*.msecnd.net","*.msocdn.com","*.office.com","*.office.net","*.office365.com","*.onmicrosoft.com","*.phonefactor.net","*.queue.core.windows.net","*.servicebus.windows.net","*.table.core.windows.net","*.windows.net","dc.services.visualstudio.com","Home.Office.com","liverdcxstorage.blob.core.windowsazure.com","login.microsoftonline.com","login.windows.net","office365servicehealthcommunications.cloudapp.net","policykeyservice.dc.ad.msft.net","Portal.Office.com","secure.aadcdn.microsoftonline-p.com","telemetry.remoteapp.windowsazure.com","vortex.data.microsoft.com","www.remoteapp.windowsazure.com","*.Lync.com","evsecure-ocsp.verisign.com","evsecure-aia.verisign.com","evsecure-crl.verisign.com","sa.symcb.com","sd.symcb.com","*.omniroot.com","*.verisign.com","*.symcb.com","*.symcd.com","*.verisign.net","*.geotrust.com","*.entrust.net","*.public-trust.com","activation.sls.microsoft.com","clientconfig.microsoftonline-p.net","crl.microsoft.com","go.microsoft.com","login.microsoftonline.com","login.windows.net","odc.officeapps.live.com","office15client.microsoft.com","officecdn.microsoft.com","ols.officeapps.live.com","*.onenote.com","*.sharepoint.com","*.sharepointonline.com","*.streaming.mediaservices.windows.net","ajax.aspnetcdn.com","cdn.onenote.net","cdn.sharepointonline.com","prod.msocdn.com","r3.res.outlook.com","spoprod-a.akamaihd.net","static.sharepointonline.com","*.officeapps.live.com","*.cdn.office.net","*.assets-yammer.com","ajax.googleapis.com","*.cloudfront.net","*.yammer.com","*.yammerusercontent.com","*.outlook.com","*.hybridconfiguration.azurewebsites.net","*.Blob.core.Windows.Net","domains.live.com","hybridconfiguration.azurewebsites.net","outlook.office.com","outlook.office365.com","r1.res.office365.com","r3.res.office365.com","r4.res.office365.com","smtp.office365.com","directory.services.live.com","odc.officeapps.live.com","docs.live.net","roaming.officeapps.live.com","nexus.officeapps.live.com","sqm.microsoft.com","watson.telemetry.microsoft.com","login.live.com","wer.microsoft.com","microsoft-my.sharepoint.com","login.microsoftonline.com","ms.tific.com","msft.sts.microsoft.com","p100-sandbox.itunes.apple.com","signup.live.com","auth.gfx.ms","view.atdmt.com","client.hip.live.com","dc2.client.hip.live.com","c.live.com","go.microsoft.com","office.microsoft.com","officeimg.vo.msecnd.net","m.webtrends.com","account.live.com","c.bing.com","partnerservices.getmicrosoftkey.com","client.hip.live.com","clientconfig.microsoftonline-p.net","cl2.apple.com","sas.office.microsoft.com","foodanddrink.services.appex.bing.com","en-US.appex-rf.msn.com","weather.tile.appex.bing.com","office15client.microsoft.com","odc.officeapps.live.com","go.microsoft.com","login.microsoftonline.com","msft.sts.microsoft.com","odcsm.officeapps.live.com","microsoft-my.sharepoint.com","ms.tific.com","roaming.officeapps.live.com","o15.officeredir.microsoft.com","office.microsoft.com","officeimg.vo.msecnd.net","m.webtrends.com","d.docs.live.net","login.live.com","auth.gfx.ms","wer.microsoft.com","*.appex.bing.com","*.appex-rf.msn.com","appexsin.stb.s-msn.com"

Add Your 2 Cents