This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Need to create firewall policy that allows only Microsoft teams and rest all need to block

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

Need to create firewall policy that allows only Microsoft teams and rest all need to block

adarshp2005
L0 Member

‎06-28-2021 12:53 AM

Hi Friends,

 

I would like to create Palo Alto configuration for specific range of IP address, not based on users.

My requirement is as follow.

1. Only Microsoft teams traffic (incoming and outgoing includes calls) should be allowed.

2. Want to block all other traffic includes web browsing, file sharing, social media, media streaming.

 

Anyone can suggest or support to create this type of configuration.

 

Thanks and Regards.

Adarsh

 

 

1 person had this problem.
0 Likes Likes
3 REPLIES 3

BPry
Cyber Elite
Cyber Elite

‎06-28-2021 01:27 PM

@adarshp2005,

Teams doesn't have a dedicated container app-id, instead it uses ms-teams, ms-teams-audio-video, ms-teams-downloading, ms-teams-editing, ms-teams-live-event, ms-teams-posting, ms-teams-sharing, and ms-teams-uploading. You can try building out an allow entry with those app-ids setup and deny all other traffic, but I'm not sure how well it'll actually function like that. 

Also keep in mind that much of Teams relies on other ms-office365 app-ids and certain functions certainly won't actually function correctly unless you include access to other ms-office365 applications. 

OtakarKlier
Cyber Elite
Cyber Elite
In response to BPry

‎06-28-2021 02:33 PM

Hello,

In addition to what BPry already stated, you can use URL and/or destination IP filtering to limit the traffic to Microsoft.

 

https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-endpoints?view=o365-worldwid...

 

Cheers!

alawi.alalattas
L0 Member

‎02-21-2022 12:34 AM

Hi,

 

For any specific application you want to allow only ( applications depend on SSL and Web-browsing), you can create two policies.

 

- One policy to allow SSL and Web-browsing for that application to work. configure the URL Category in this policy to use custom category contains only the URLs needed for that application

- Another policy to allow that application

 

In some cases, you have to add one more policy to allow destination IPs for that application to work

 

I did that for multiple applications such as Anydesk, Skype, Zoom, etc..

I did it also for MS Teams but still facing some issues

 

 

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2022 - Palo Alto Networks