Permissions for dependent application under parent application to inbound destination

dromanelli — Thu, 10 Dec 2020 19:44:56 GMT

Hi All,

I am in the process of migrating from Lotus Notes to O365. The migration requires a ton of IP's being permitted from the outside inbound to my migration servers in my data centers. Rather than call all of those IP's, I am instead permitting any traffic from the outside inbound to these servers on application ms-office365. However, when I select that application in the security policy, it tells me there are other dependencies that it requires and it wants me to add those dependent applications to the rule (i.e. web-browsing, ssl). So here's my question:

If I add those dependent applications, does that mean that ANY inbound source can hit my local migration servers on web-browsing and ssl, or is it somehow still restricted to ONLY ms-office365 sources?

Re: Permissions for dependent application under parent application to inbound destination

Retired Member — Thu, 10 Dec 2020 21:51:12 GMT

If your security policy is set to have any source IP it would mean that access would not be limited to the ms-office365 application.

Once you add the explicit required apps to the rule they are seen as separate entities and one would for instance be able to web-browse to your internal server without any intention of the ms-office365 application..

topic Re: Permissions for dependent application under parent application to inbound destination in General Topics

Permissions for dependent application under parent application to inbound destination

Re: Permissions for dependent application under parent application to inbound destination