- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-01-2019 03:14 AM
Currently, our palo alto only detects the following O365 applications
*ms-office365
*outlook-web-online
*sharepoint-online
*ms-office365-base
*ms-teams
*ms-lync-online
Do we need to enable SSL decryption so that it can detect other sub-applications? (ms-downloading, ms-uploading, ms-posting, etc.)
03-02-2019 12:57 PM
To expand on the correct answer of @OGMaverick; the firewall can't actually identify any of the more specific app-ids unless it can actually inspect the full traffic via decryption. Without decryption, the app-id process is really "best-effort" practice and you'll miss out on the finer controls that you would have had access to if decrypting the traffic.
03-02-2019 12:57 PM
To expand on the correct answer of @OGMaverick; the firewall can't actually identify any of the more specific app-ids unless it can actually inspect the full traffic via decryption. Without decryption, the app-id process is really "best-effort" practice and you'll miss out on the finer controls that you would have had access to if decrypting the traffic.
04-03-2019 11:49 AM
If we decrypt O365 traffic, can it "see" the file names of the files being transmitted? Right now we are using an Exchange solution, that even if the traffic is decrypted, the firewall cannot "see" the files, so in the monitor there is no indication that a file was attached to an email, that would be something we would like to implement.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!