https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/251890#M71620 <P>Currently, our palo alto only detects the following O365 applications</P><P>*ms-office365</P><P>*outlook-web-online</P><P>*sharepoint-online</P><P>*ms-office365-base</P><P>*ms-teams</P><P>*ms-lync-online</P><P>&nbsp;</P><P>Do we need to enable SSL decryption so that it can detect other sub-applications? (ms-downloading, ms-uploading, ms-posting, etc.)</P> Fri, 01 Mar 2019 11:14:27 GMT theonewhoknocks 2019-03-01T11:14:27Z https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/251890#M71620 <P>Currently, our palo alto only detects the following O365 applications</P><P>*ms-office365</P><P>*outlook-web-online</P><P>*sharepoint-online</P><P>*ms-office365-base</P><P>*ms-teams</P><P>*ms-lync-online</P><P>&nbsp;</P><P>Do we need to enable SSL decryption so that it can detect other sub-applications? (ms-downloading, ms-uploading, ms-posting, etc.)</P> Fri, 01 Mar 2019 11:14:27 GMT https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/251890#M71620 theonewhoknocks 2019-03-01T11:14:27Z https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/251909#M71626 <P>Yes</P> Fri, 01 Mar 2019 12:37:21 GMT https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/251909#M71626 OGMaverick 2019-03-01T12:37:21Z https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/252038#M71663 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/72987">@theonewhoknocks</a>&nbsp;,</P><P>To expand on the correct answer of&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/84842">@OGMaverick</a>; the firewall can't actually identify any of the more specific app-ids unless it can actually inspect the full traffic via decryption. Without decryption, the app-id process is really "best-effort" practice and you'll miss out on the finer controls that you would have had access to if decrypting the traffic.&nbsp;</P> Sat, 02 Mar 2019 20:57:05 GMT https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/252038#M71663 BPry 2019-03-02T20:57:05Z https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/255969#M72605 <P>If we decrypt O365 traffic, can it "see" the file names of the files being transmitted? Right now we are using an Exchange solution, that even if the traffic is decrypted, the firewall cannot "see" the files, so in the monitor there is no indication that a file was attached to an email, that would be something we would like to implement.</P> Wed, 03 Apr 2019 18:49:13 GMT https://live.paloaltonetworks.com/t5/general-topics/o365-sub-applications/m-p/255969#M72605 Infrastructure_TBS 2019-04-03T18:49:13Z