- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience.
07-24-2018 06:21 PM
Hi
Any one know if PA have a dynmic range that covers MS ip address range.
Seems like the sort of thing that would be easy to implement and would save me a lot of time.
A
07-25-2018 06:55 AM
Highly recommend spinning up MineMeld and simply using that to find the Office 365 addresses as it allow you to do a number of other EDL list mining to form usefull EDLs that can be utilized throughout the firewall.
07-25-2018 10:15 AM
Use Minemeld! You'll see that it will be useful in quite a few other situations than simply for o365.
(Or vote for FR ID 9113 and wait for the implementation)
07-25-2018 03:57 AM
hi @Alex_Samad
There are only dynamic lists for malicious IPs provided by Palo Alto Networks, but you can easily get external dynamic lists and import them through an EDL object
07-25-2018 04:10 AM - edited 07-25-2018 04:11 AM
I do not have an instance to test, but you can create an O365 list in minemeld:
In the past I have used the API and a powershell script to pull the list from Microsoft and create a dynamic address list from that, here are a few articles to point you in the right general direction:
https://gallery.technet.microsoft.com/office/Get-Office-365-IP-v4-562987d5
A smiliar strategy could be used to dump the list to an EDL if you have somewhere available to host it.
07-25-2018 06:55 AM
Highly recommend spinning up MineMeld and simply using that to find the Office 365 addresses as it allow you to do a number of other EDL list mining to form usefull EDLs that can be utilized throughout the firewall.
07-25-2018 10:15 AM
Use Minemeld! You'll see that it will be useful in quite a few other situations than simply for o365.
(Or vote for FR ID 9113 and wait for the implementation)
07-25-2018 04:08 PM
minefield seems to be the way forward.
Had a chat with my SE on this and the fuel user group pointed to this
02-19-2020 02:42 PM
I thought I'd comment for anyone reading this who doesn't have the systems to implement Mindmeld, and is looking for an on-prem Windows solution.
Microsoft has a powershell method of getting the latest o365 IP Addresses into a text file. You can then host that file on an IIS server, script Powershell to keep it up to date and point a PAN EBL at this file. Works great. One catch, the Microsoft Powershell script puts CR-LF at the end of each line and apparently EBL can only handle LF. So you'll need to edit the powershell script and add this line after the out-file statement: (Get-Content $datapath -Raw).Replace("`r`n","`n") | Set-Content $datapath -Force
That will replace the CRLF with just LF.
Script from MS is here https://docs.microsoft.com/en-gb/Office365/Enterprise/office-365-ip-web-service#example-powershell-s...
02-21-2020 01:17 AM
I posted a Linux scripted solution a few weeks back in response to another query on he EDLs.
We briefly looked at mindmeld.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!