疑難排解-什麼是 *.cas.ms*.mcas.ms*.mcas-gov.usTroubleshooting - What is *.cas.ms, *.mcas.ms, or *.mcas-gov.us?

適用於:Microsoft Cloud App SecurityApplies to: Microsoft Cloud App Security

重要

Microsoft 的威脅防護產品名稱即將變更。Threat protection product names from Microsoft are changing. 如需有關此變更的詳細資訊與其他更新,請參閱這裡Read more about this and other updates here. 我們將在不久的將來更新產品與文件中的名稱。We'll be updating names in products and in the docs in the near future.

本文提供條件式存取應用程式控制所使用的 cas.msmcas.ms 和 URL 尾碼的相關資訊 mcas-gov.usThis article provides information about the cas.ms, mcas.ms, and mcas-gov.us URL suffixes used by Conditional Access App Control.

我們的系統標示了新的 DNS 專案或為、或產生的憑證, *.cas.ms *.mcas.ms *.mcas-gov.us 但我們不會使用 Cloud App SecurityOur system flagged a new DNS entry or generated certificate for *.cas.ms, *.mcas.ms, or *.mcas-gov.us, but we don't use Cloud App Security

這是 Cloud App Security 保護您的環境的一般行為和結果。This is normal behavior and results from Cloud App Security protecting your environment. 即使您的組織不使用 Cloud App Security,當有人從執行的環境中造訪您的網站或服務時,他們的 Url 會重寫以保護其存取權。Even if your organization does not use Cloud App Security, when someone visits your site or service from an environment that does, their URLs are rewritten to protect their access.

例如,Contoso 會使用 Cloud App Security 提供的條件式存取應用程式控制來保護其環境。For example, Contoso protects its environment using Conditional Access App Control provided by Cloud App Security. 當 Contoso 使用者造訪時 fabrikam.com ,系統會自動將使用者重新導向至 fabrikam.com.cas.msWhen a Contoso user visits fabrikam.com, the user is automatically redirected to fabrikam.com.cas.ms. 因此,Fabrikam 的網路釣魚團隊將會看到新的 DNS 專案和憑證 fabrikam.com.cas.msAs a result, Fabrikam's phishing team will see a new DNS entry and certificate for fabrikam.com.cas.ms.

因此,即使 Fabrikam 未實際使用 Cloud App Security,他們仍會看到 DNS 專案或憑證,因為 Contoso 會這樣做。So even though Fabrikam does not actually use Cloud App Security, they see the DNS entry or certificate because Contoso does.

注意

您也可能會在透明度記錄中看到下列網域:You may also see the following domains in the transparency logs:

  • *.admin-rs-mcas.ms
  • *.rs-mcas.ms
  • *.admin-rs2-mcas.ms
  • *.rs2-mcas.ms
  • *.admin-mcas.ms
  • *.mcas.ms
  • *.admin-mcas-gov.us

以下是您在 URL 中看到 *.cas.ms*.mcas.ms*.mcas-gov.us 的原因Here's why you see *.cas.ms, *.mcas.ms, or *.mcas-gov.us in your URL

首先,您尚未誘騙!First of all, you have not been phished! 這種 URL 是預期的,表示您的組織會套用額外的安全性控制,以保護商務關鍵資料。This kind of URL is expected and indicates that your organization applies additional security controls to protect business-critical data.

其做法是使用 Cloud App Security,這是保護您組織雲端環境的解決方案,用來取代所有與您所使用之雲端應用程式相關的 Url 和 cookie。They do this by using Cloud App Security, a solution for protecting your organization's cloud environment, to replace all relevant URLs and cookies relating to cloud apps that you use.

因此,當您嘗試存取 Salesforce、SharePoint Online 或 AWS 等雲端應用程式時,您會注意到其 URL 的尾碼為 .cas.ms.mcas.ms.mcas-gov.usSo when you try accessing a cloud app such as Salesforce, SharePoint Online, or AWS, you will notice that its URL is suffixed with .cas.ms, .mcas.ms, or .mcas-gov.us. 例如,使用 XYZ 應用程式時,您用來查看變更的來源 URL XYZ.com XYZ.com.cas.msFor example, when using the XYZ app, the URL you're used to seeing changes from XYZ.com to XYZ.com.cas.ms.

如果 URL 不符合其中一個取代模式 (例如,未 <app_site>.com<app_site>.com.cas.ms) 取代,或如果您有其他問題,請洽詢您的 IT 部門。If the URL does not exactly match one of the replacement patterns (for example, <app_site>.com is not replaced with <app_site>.com.cas.ms), or if you have additional concerns, contact your IT department.