SaaS App Management: Microsoft 365

Prisma Access gives you simple, centralized management for your SaaS applications, including Microsoft 365 apps.
Prisma Access gives you simple, centralized management for your SaaS applications, including Microsoft 365 apps. Safely enable your Microsoft apps for enterprise use by:
To manage Microsoft 365 usage, go to
Manage
Configuration
Security Services
SaaS Application Management
and edit
Microsoft 365
settings:

Microsoft 365 Endpoint Lists

Microsoft publishes lists of the IP addresses and URL endpoints their SaaS applications use, and frequently updates these lists.
Palo Alto Networks hosts these lists for you, and from within Prisma Access, you can subscribe to the lists that are relevant to you. You can use the lists you’re subscribe to in policy. As Microsoft refreshes their endpoint lists, your policy dynamically enforces the latest version of the list; there’s no need for you to monitor list changes or make manual policy updates to catch the latest updates.
  1. Subscribe to an endpoint list
    1. Edit Microsoft 365 settings and go to
      Endpoint Lists
      .
    2. Select
      Customize Subscription
      and choose the endpoint lists you want to subscribe to, based on the services you’re using and the list type (IPv4, IPv6, or URL).
  2. Add the endpoint list to a security policy rule
    Your subscribed lists are available for you to use as match criteria in a security policy rule.
    1. Go to
      Manage
      Security Services
      Security Policy
      and add or edit a rule.
    2. Add
      SaaS Application Endpoint
      lists as match criteria for the rule.

Microsoft 365 Tenant Restrictions

Tenant restrictions give you a way limit app usage to enterprise accounts (stop users from accessing their personal Microsoft accounts on the company network). To put tenant restrictions in place:
Specify the Microsoft 365 tenants to which you want to allow access.
  1. Specify the Microsoft 365 domains and tenants to which you want to allow access.
  2. Add the tenant restrictions to a security policy rule.
    While you can add tenant restrictions to a security policy rule directly from the Microsoft 365 settings here, any tenant restrictions you’ve configured can also be easily added to new and existing security policy rules:

Recommended For You