SRX

Hello,

Has anyone had succes with using App-ID signatures to permit Office365 application traffic ? I'm specifically looking at the SRX550 (really hoping it will support this feature and we don't have to replace it! )

What licence would you need to purchase to use this feature ?

Many Thanks!

Nick

Hi,

I know this isnt what you are looking for. But worth to mention within the same scope as of O365.

It would be a good thing if support was added for dynamic ip object to handle JSON via remote url so the policy enforcer can grab the O365 "ip white list" and permit the traffic based on that.

Same for other cloud based services that shares their current IP lists in a public place.

Gunner,

One possible option is to use SkyATP services on the SRX, more specifically the the Office 365 ip filter feed, which is an up-to-date list of published IP addresses for Office 365 service endpoints which you can use in security policies.

To use it, you would configure the feed as a dynamic address object like below (define an address-name, here I call it "office365", that maps to the feed's specific name "ipfilter_office365")

# set security dynamic-address address-name office365 profile category IPFilter feed ipfilter_office365

Then you can match on the address "office365" in a policy like this (I was testing deny, but of course you might want to permit)

policy o365 {
  match {
   source-address any;
   destination-address office365;
   application any;
   }
 then {
  deny;
  log {
  session-init;
  }
 }
}

You can find a little more here: https://www.juniper.net/documentation/en_US/release-independent/sky-atp/topics/concept/sky-atp-integrated-feeds.html