question

JimHill-4855 avatar image
0 Votes"
JimHill-4855 asked ·

Azure Active Directory Security and Office 365 Interaction Chart

I am doing my annual security audit (a few days late) and were wondering if anyone has put together a chart showing the interaction between the various elements of Azure Active Directory as it relates to Office 365. There are so many layers when we consider:

  1. Azure conditional access policies,

  2. Exchange mail flow and spam rules,

  3. Windows Defender Advanced Threat Protection (Enterprise E5 users)

  4. Cloud App security policies and notification rules

Not to mention the authentication polices I have in place for Exchange Online, MFA policies, on and on. I have a good handle on how it all works together, but have never put together a chart showing the interaction of the various elements and the order of application. Example, in Exchange online the authentication policy comes first, with MFA, then the conditional access policy. For a CA rule blocking sign on from a restricted region, the flow goes through the authentication policy, then MFA, then to the CA policy. Alerts fire according to the Cloud App Security policy in the first step.

azure-active-directoryazure-ad-multi-factor-authentication
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

michev avatar image
0 Votes"
michev answered ·

You wont fine any records in the event log about auth policies, so you can ignore that part. Other than that, I'm not entirely sure what exactly you are looking for, as just the transport pipeline can take several pages to describe properly...

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JimHill-4855 avatar image
0 Votes"
JimHill-4855 answered ·

I will just put together a brief, written summary and use that in my audit. Thanks for your reply.

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.