Microsoft Lystavlen - the Online display board

Lystavlen is the danish word for 'the display board'. This blog is all about sharing the beauty of Microsoft Online Services

Limiting access to Microsoft Office 365, depending on where the client resides

Limiting access to Microsoft Office 365, depending on where the client resides

  • Comments 1
  • Likes

Many customers who have implemented our federated SSO feature have asked us to enable more control over external access based on the location of the client e.g. limit access to Microsoft Office 365 services, depending on where the client (trying to access the Office 365 services) resides.

While this feature is officially on the roadmap for the first half of calendar year 2012, it is available now to customers as a QFE (hotfix) via KB2607496 and is fully documented on TechNet.  The feature will move to officially released with the next service pack for AD FS but has already been pilot tested with 12 customers.  In short the new capability allows customers to:

  • Block all extranet client access to Office 365
  • Block all extranet client access to Office 365 except for devices that use Exchange Active Sync
  • Block all extranet client access to Office 365 except for browser based applications
  • Block all extranet client access to Office 365 for members of designated Active Directory groups
  • Enforce two factor authentication requirements by blocking external access and forcing users to VPN into the customer’s network where 2FA can be enforced

See also

  • "Office 365 URLs and IP Address Ranges" - link
  • "Understanding the AD FS 2.0 Proxy" - link
  • "Limiting Access to Office 365 Services Based on the Location of the Client" - link
Comments
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment