Microsoft Office 365 supports the following networking features.
Ports, protocols, and IP addresses
Office 365 uses IPv4 and IPv6 addresses. Use of IPv6 addressing is optional and not required for connectivity with Office 365. Not all Office 365 features are fully enabled using IPv6. For more information about Ipv6 support in Office 365, see IPv6 support in Office 365 services.
Office 365 maintains a list of allowed IP addresses in the Office 365 help. For more information, see Office 365 URLs and IP address ranges. For Office 365 operated by 21Vianet, see URLs and IP Addresses for Office 365 operated by 21Vianet. For Office 365 Germany, see Office 365 Germany endpoints.
We strongly recommend that you enable routing to the root domain names listed in the articles above (such as *.Outlook.com, *.MicrosoftOnline.com and *.SharePoint.com) instead of routing to specific IP address subnets. Relying on IP address subnets runs the risk of outages for your users as changes are made.
For information on bandwidth requirements, see Internet bandwidth planning.
Connecting to Office 365
All Connections to Office 365 are done over the public Internet or over a private Azure ExpressRoute connection, and are secured by SSL as appropriate. Azure ExpressRoute allows connecting directly to the global Microsoft network, bypassing the Internet. A Microsoft networking partner provides the connectivity to the global Microsoft network.
For more information about Azure ExpressRoute, see Azure ExpressRoute for Office 365.
Microsoft does not provide support for customer-owned WAN acceleration and caching devices with Office 365. If you decide to use a WAN optimization controller to improve performance under conditions of high latency or low bandwidth, you'll need to disable it while troubleshooting service requests with Microsoft, and work with your device vendor for device support. For more information, see WAN Acceleration and caching devices with Office 365.
The global Microsoft network
The Office 365 networking infrastructure is comprised of a large global portfolio of data centers, servers, content distribution networks, edge computing nodes, and fiber optic networks to provide global distribution of services. Sophisticated service instrumentation and monitoring integrates at the deepest levels with each component, giving visibility into the data center, network backbone, internet exchanges and beyond, to help spot, diagnose and manage the cause of disruptions that arise. The network is built to maintain sufficient capacity even for large scale network interruptions without degradation of performance. For more information, see Global Foundation Services.
To maintain the confidentiality and integrity of customer data, Microsoft keeps consumer services networks separate from Office 365 networks. Multiple techniques are used to control information flows, including but not limited to:
Physical separation. Network segments are physically separated by routers that are configured to prevent specific communication patterns.
Logical separation. Virtual LAN (VLAN) technology is used to further separate communications.
Firewalls. Firewalls and other network security enforcement points are used to limit data exchanges with systems that are exposed to the Internet, and to isolate systems from back-end systems managed by Microsoft.
For more information, see the Office 365 Trust Center.
To view feature availability across Office 365 plans, see Office 365 Platform Service Description.