How to solve O365 for Cloud Edge Secure Access?
10/18/2021
Description
This article describes configuring O365 over Cloud Edge. O365 is a cloud-based suite centered on business productivity, which includes apps like Outlook, Word, PowerPoint, etc. and services like Skype for Business, SharePoint, OneDrive, Teams, Yammer, Planner and so on.
Symptoms:
We can access the Office 365 organization using Azure configuration or through ZTNA applications. We can configure services like Outlook, Skype, SharePoint, etc., and access them via Cloud Edge VPN or ZTNA.
Cause
The following conditions exist for O365 & provisioning:
- Configuring & accessing the Office 365 organization using Azure
- Configuring and accessing O365 applications using ZTNA
- Configuring Always ON VPN and tunnel all mode to securely access O365 services/applications
Resolution
We create an IDP group using O365 and allow access to the Azure organizational users only. We configure ZTNA and allow access to groups/users. Follow the steps below.
Configure & Access Office 365 organization using Azure
- Log in to Microsoft Azure and choose Azure Active Directory from the sidebar
- Navigate to Manage|App registrations and click on New registration to add a new application
- Enter any name (in this example "CloudEdgeDemo") for the application, select Web app/API as the Application Type, and for Sign-on URL enter your application URL with your workspace name: https://workspace.sonicwalledge.com/
- Once the application has been created, you will have to configure the permissions. Select the name of the application CloudEdgeDemo to open the Settings section
- Under API permissions, click Add a permission
- Select APIs my organization uses and choose Windows Azure Active Directory to change the access level
- Modify permissions so your app can read the directory. Under Delegated permissions, check next to Sign in and read user profile and Read directory data.
NOTE: Grant Admin Consent if requested during this step.
TIP: If you want to allow users from external organizations (such as other Azure directories) to log in, you will need to enable the Multi-Tenant option for this application. In the Authentication section, choose the Multi-tenant option.
Configuring the key
- Create a key (secret password) that will be used as the Client Secret in the Perimeter 81 IDP connection. Select Certificates and secrets from the Application menu.
- Copy the Client Secret to use on Cloud Edge during IDP configuration.
Configuring Reply URLs
Configuring IDP connection
- Go to your Cloud Edge Web admin and navigate to IDP
- Configure all the required fields and click Done to save the IDP settings
NOTE: You can copy the Client ID by going to the Azure AD App name (in this example: "CloudEdgeDemo")
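An added example, not part of the original article or of SonicWall's tooling: a check of the app registration created in the steps above, run against its JSON as exported with `az ad app show --id <client-id>`. The field names are Microsoft Graph application properties; the sample record, the 30-day warning window and the function name audit_app are assumptions made for illustration.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlparse

# Constructed sample: only the fields of the app registration JSON that this check reads.
SAMPLE_APP = json.loads("""
{
  "displayName": "CloudEdgeDemo",
  "signInAudience": "AzureADMultipleOrgs",
  "web": {"redirectUris": ["https://workspace.sonicwalledge.com/",
                           "http://localhost/callback"]},
  "passwordCredentials": [{"displayName": "cloud-edge-idp",
                           "endDateTime": "2024-01-01T00:00:00Z"}]
}
""")

def audit_app(app, workspace_host, now, allow_multi_tenant=False, warn_days=30):
    """Return a list of findings for an Azure AD app registration used as an IDP."""
    findings = []
    # The Multi-tenant option lets accounts from other Azure directories sign in.
    audience = app.get("signInAudience", "")
    if audience != "AzureADMyOrg" and not allow_multi_tenant:
        findings.append(f"signInAudience is {audience}: accounts outside this directory can sign in")
    # Redirect/sign-on URLs should be HTTPS and stay on the Cloud Edge workspace host.
    for uri in app.get("web", {}).get("redirectUris", []):
        parsed = urlparse(uri)
        if parsed.scheme != "https":
            findings.append(f"redirect URI not HTTPS: {uri}")
        elif parsed.hostname != workspace_host:
            findings.append(f"redirect URI outside workspace host: {uri}")
    # An expired client secret breaks SSO; warn before that happens.
    secrets = app.get("passwordCredentials", [])
    if not secrets:
        findings.append("no client secret present")
    for cred in secrets:
        end = datetime.fromisoformat(cred["endDateTime"].replace("Z", "+00:00"))
        days_left = (end - now).days
        name = cred.get("displayName") or "(unnamed)"
        if days_left < 0:
            findings.append(f"client secret {name} expired")
        elif days_left < warn_days:
            findings.append(f"client secret {name} expires in {days_left} days")
    return findings

if __name__ == "__main__":
    now = datetime(2023, 12, 15, tzinfo=timezone.utc)  # fixed date for the constructed sample
    for finding in audit_app(SAMPLE_APP, "workspace.sonicwalledge.com", now):
        print("-", finding)
```

Pass allow_multi_tenant=True only when external directories are meant to log in, as described in the TIP above.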
Login to SSO using IDP Azure AD
Configuring and Accessing O365 applications using ZTNA
- We can create different ZTNA applications for Office 365 for users/groups and allow access with restricted policies (refer to the Cloud Edge guides for more details on ZTNA).
Configure Always ON VPN and tunnel all mode to securely access O365 services/applications
- To access the different O365 services/applications via Cloud Edge VPN agents, we can configure Always ON VPN and use the O365 applications/services securely. Refer to the Cloud Edge guides for more details on VPN agents.