Sophos Xg Microsoft Teams

Posted on  by 



How to enable your Sophos XG Firewall to connect with Sophos Central in order to activate synchronized security Lateral Movement Protection This video shows how XG Firewall and Synchronized Security can prevent infected machines from communicating with other machines on the same network with the help of Lateral Movement Protection. XG Firewall virtual appliances support a wider range of hypervisor platforms and can be run on Amazon AWS or Microsoft Azure IaaS platforms. License migration Sophos Web Appliance is licensed by the number of users, regardless of how many physical or virtual appliances are required to protect them. Because Microsoft uses non standard HTTP/HTTPS connections the Sophos XG Firewall's HTTP scanning feature has the potential to prevent Skype for business from working or may cause random call drops. This article explains how to allow this traffic through the XG without being scanned. Since you weren't doing AV scanning, the only thing left was to skip the Proxy for the access to emea.ng.msg.teams.microsoft.com. I note that that FQDN has multiple DNS A-records, so you will want to use it in a DNS Group definition in the Skiplist instead of a DNS Host definition.

Overview

  • This article describe the steps to allow Office 365 installation, updates and general usage through the Web Protection module of the Sophos XG Firewall. The specified exceptions resolve the timeout/AV error issues and HTTPS inspection issues.

How to do ?

Method 1

Sophos xg microsoft teams app

Manually add the Office 365 URLs to the Web Filter Exceptions:

  • Go to Web > Exceptions and then click Add Exception.
  • Name the exception Office365.
  • Flag the options HTTPS Decryption and Malware and Content Scanning under the Skip the selected checks or actions section.
  • Flag the URL pattern matches under the For web traffic matching these criteria section.
  • Insert the following exceptions:

^([A-Za-z0-9.-]*.)?office365.com/?
^([A-Za-z0-9.-]*.)?admin.microsoft.com/?
^([A-Za-z0-9.-]*.)?portal.cloudappsecurity.com/?
^([A-Za-z0-9.-]*.)?us.portal.cloudappsecurity.com/?
^([A-Za-z0-9.-]*.)?eu.portal.cloudappsecurity.com/?
^([A-Za-z0-9.-]*.)?eu2.portal.cloudappsecurity.com/?
^([A-Za-z0-9.-]*.)?us2.portal.cloudappsecurity.com/?
^([A-Za-z0-9.-]*.)?us3.portal.cloudappsecurity.com/?
^([A-Za-z0-9.-]*.)?onmicrosoft.com/?
^([A-Za-z0-9.-]*.)?account.office.net/?
^([A-Za-z0-9.-]*.)?agent.office.net/?
^([A-Za-z0-9.-]*.)?delve.office.com/?
^([A-Za-z0-9.-]*.)?home.office.com/?
^([A-Za-z0-9.-]*.)?portal.office.com/?
^([A-Za-z0-9.-]*.)?suite.office.net/?
^([A-Za-z0-9.-]*.)?webshell.suite.office.com/?
^([A-Za-z0-9.-]*.)?www.office.com/?
^([A-Za-z0-9.-]*.)?aria.microsoft.com/?
^([A-Za-z0-9.-]*.)?portal.microsoftonline.com/?
^([A-Za-z0-9.-]*.)?clientlog.portal.office.com/?
^([A-Za-z0-9.-]*.)?nexus.officeapps.live.com/?
^([A-Za-z0-9.-]*.)?nexusrules.officeapps.live.com/?
^([A-Za-z0-9.-]*.)?amp.azure.net/?
^([A-Za-z0-9.-]*.)?o365weve.net/?
^([A-Za-z0-9.-]*.)?auth.gfx.ms/?
^([A-Za-z0-9.-]*.)?appsforoffice.microsoft.com/?
^([A-Za-z0-9.-]*.)?assets.onestore.ms/?
^([A-Za-z0-9.-]*.)?az826701.vo.msecnd.net/?
^([A-Za-z0-9.-]*.)?c.microsoft.com/?
^([A-Za-z0-9.-]*.)?c1.microsoft.com/?
^([A-Za-z0-9.-]*.)?client.hip.live.com/?
^([A-Za-z0-9.-]*.)?contentstorage.osi.office.net/?
^([A-Za-z0-9.-]*.)?dgps.support.microsoft.com/?
^([A-Za-z0-9.-]*.)?docs.microsoft.com/?
^([A-Za-z0-9.-]*.)?groupsapi-prod.outlookgroups.ms/?
^([A-Za-z0-9.-]*.)?groupsapi2-prod.outlookgroups.ms/?
^([A-Za-z0-9.-]*.)?groupsapi3-prod.outlookgroups.ms/?
^([A-Za-z0-9.-]*.)?groupsapi4-prod.outlookgroups.ms/?
^([A-Za-z0-9.-]*.)?msdn.microsoft.com/?
^([A-Za-z0-9.-]*.)?platform.linkedin.com/?
^([A-Za-z0-9.-]*.)?products.office.com/?
^([A-Za-z0-9.-]*.)?prod.msocdn.com/?
^([A-Za-z0-9.-]*.)?res.delve.office.com/?
^([A-Za-z0-9.-]*.)?shellprod.msocdn.com/?
^([A-Za-z0-9.-]*.)?support.content.office.com/?
^([A-Za-z0-9.-]*.)?support.microsoft.com/?
^([A-Za-z0-9.-]*.)?support.office.com/?
^([A-Za-z0-9.-]*.)?technet.microsoft.com/?
^([A-Za-z0-9.-]*.)?templates.office.com/?
^([A-Za-z0-9.-]*.)?video.osi.office.net/?
^([A-Za-z0-9.-]*.)?videocontent.osi.office.net/?
^([A-Za-z0-9.-]*.)?videoplayer.osi.office.net/?
^([A-Za-z0-9.-]*.)?manage.office.com/?
^([A-Za-z0-9.-]*.)?protection.office.com/?
^([A-Za-z0-9.-]*.)?blob.core.windows.net/?
^([A-Za-z0-9.-]*.)?helpshift.com/?
^([A-Za-z0-9.-]*.)?localytics.com/?
^([A-Za-z0-9.-]*.)?firstpartyapps.oaspapps.com/?
^([A-Za-z0-9.-]*.)?outlook.uservoice.com/?
^([A-Za-z0-9.-]*.)?prod.firstpartyapps.oaspapps.com.akadns.net/?
^([A-Za-z0-9.-]*.)?rink.hockeyapp.net/?
^([A-Za-z0-9.-]*.)?sdk.hockeyapp.net/?
^([A-Za-z0-9.-]*.)?telemetryservice.firstpartyapps.oaspapps.com/?
^([A-Za-z0-9.-]*.)?wus-firstpartyapps.oaspapps.com/?
^([A-Za-z0-9.-]*.)?liverdcxstorage.blob.core.windowsazure.com/?
^([A-Za-z0-9.-]*.)?telemetry.remoteapp.windowsazure.com/?
^([A-Za-z0-9.-]*.)?vortex.data.microsoft.com/?
^([A-Za-z0-9.-]*.)?www.remoteapp.windowsazure.com/?
^([A-Za-z0-9.-]*.)?hockeyapp.net/?
^([A-Za-z0-9.-]*.)?sharepointonline.com/?
^([A-Za-z0-9.-]*.)?staffhub.office.com/?
^([A-Za-z0-9.-]*.)?api.office.com/?
^([A-Za-z0-9.-]*.)?enterpriseregistration.windows.net/?
^([A-Za-z0-9.-]*.)?dc.applicationinsights.microsoft.com/?
^([A-Za-z0-9.-]*.)?dc.services.visualstudio.com/?
^([A-Za-z0-9.-]*.)?forms.microsoft.com/?
^([A-Za-z0-9.-]*.)?forms.office.com/?
^([A-Za-z0-9.-]*.)?graph.windows.net/?
^([A-Za-z0-9.-]*.)?mem.gfx.ms/?
^([A-Za-z0-9.-]*.)?office365servicehealthcommunications.cloudapp.net/?
^([A-Za-z0-9.-]*.)?securescore.office.com/?
^([A-Za-z0-9.-]*.)?signup.microsoft.com/?
^([A-Za-z0-9.-]*.)?staffhub.ms/?
^([A-Za-z0-9.-]*.)?staffhubweb.azureedge.net/?
^([A-Za-z0-9.-]*.)?staffhub.uservoice.com/?
^([A-Za-z0-9.-]*.)?forms.osi.office.net/?
^([A-Za-z0-9.-]*.)?watson.telemetry.microsoft.com/?
^([A-Za-z0-9.-]*.)?wu.client.hip.live.com/?
^([A-Za-z0-9.-]*.)?testconnectivity.microsoft.com/?

Note: For some specific features, it may be required to exclude the following second-level domains altogether:

^([A-Za-z0-9.-]*.)?microsoft.com/?
^([A-Za-z0-9.-]*.)?msocdn.com/?
^([A-Za-z0-9.-]*.)?office.com/?
^([A-Za-z0-9.-]*.)?office.net/?
^([A-Za-z0-9.-]*.)?onmicrosoft.com/?

  • Click Save and verify that the exception is active.

Note:

  • The exception created does not bypass the policy checks. If it is required to bypass the policy checks, enable the Policy Checks option under the Skip the selected checks or actions section.
  • The exceptions provided in this article are the base exception. Microsoft continuously updates their IP addresses and domains. Please refer to Office 365 URLs and IP address ranges for an updated list.

Method 2

Import exception list through XG’s Backup & firmware > Import export.

  • (1) Download the exception lists here.
  • Extract the content of the zip file. The zip file contains the following:

API-O365-all.tar – this is a comprehensive set of 108 exceptions, every web URL that Microsoft list
API-O365-required.tar – this a subset of 50 exceptions corresponding to the groups that Microsoft says are ‘required’
API-O365-minimal.tar – this is a subset of 10 exceptions that correspond to the groups Microsoft says are ‘required’ and flag as ‘optimize’ or ‘allow’

Sophos Xg Microsoft Teams Login

Upload one of the files as needed.

  • On the XG Firewall Web Console, navigate to System > Backup & firmware > Import export.

Sophos Xg Models

Sophos xg firewalls

Sophos Xg Microsoft Teams Exceptions

Sophos xg microsoft teams qos

Sophos Xg Microsoft Teams

  • Click Choose File and browse to the location where the files have been extracted on step 1.
  • Once the file has been selected, click on Import.
  • Once imported, go to Web > Exceptions and enable the exception.

​Silloway Networks Professional Services

Keep your business or organization secure and productive with remote monitoring, on-site visits, skilled network Technicians and our quick-response Support Team.

Need Immediate Assistance? Call 802 282-4255

Silloway Network Essentials for Productivity & Security

Microsoft Office 365

Office 365 is a cloud-based subscription service that brings together the best tools for the way people work today. By combining best-in-class apps like Excel and Outlook with powerful cloud services like OneDrive, Office 365 lets anyone create and share anywhere on any device.

Microsoft Teams for Remote Workers

Meet Microsoft Teams - When you have a place to create and make decisions as a team, there’s no limit to what you can achieve. Teams brings everything together in a shared workspace where you can chat, meet, share files, and work with business apps.

Sophos Advanced Endpoint & XG Firewall

Sophos Endpoint Protection - secure your Windows systems against malware and advanced threats, & targeted attacks.
Sophos XG Firewall - Firewall plus IPS, application security, and advanced threat protection

Remote Support Instructions 2 Steps

STEP 1:CLICK Download Remote Support
(next to the Red arrow below)

Save the file, and then click to Run
Agree and continue through any security prompts.
Enter your name and company when prompted and click Submit.




Coments are closed