Defender for Endpoint and disconnected environments. Which proxy configuration wins?
This article is a follow-up to a previous one discussing conflicting proxy configurations and how Microsoft Defender for Endpoint behaves in these situations. The first article can be found in here. In this article we'll explore how Defender for Endpoint network traffic flows depending on which proxy configuration is in use, as well as what network traffic looks like when all three proxy configurations are set.Add SOCKS5 (+ Authentication) support to Edge insider browser
Hi, Please consider adding SOCKS5 proxy support and Authentication (username and password) to the new Edge browser. currently only Firefox has that capability (without Auth). Microsoft Edge insider is using the same networking settings as google chrome which is not ideal and heavily relies on extensions and 3rd party programs. please create a separate proxy settings page that only effects Edge browser (like Firefox) and Not the whole Windows OS, and add SOCKS5 support to it. Thanks
Block Teams web client whilst allowing Teams desktop client - using proxy
[UPDATE 29/09] We have identified that the Teams desktop client puts a Teams entry in the user-agent string and use a specific Chrome version that is different to the Chrome the users have so we are using this to block traffic to teams.microsoft.com and seems to working so far. Not all traffic has the user-agent though i.e. video. Initially we blocked teams.microsoft.com except user-agent Teams* but this blocked video. Does anyone have detail on Teams video traffic so we can investigate further options? ------------------------------------------------------------------------------------------------- Is there a way to identify traffic from Teams web client, distinct from Teams desktop client so we can use proxy config to block Teams web client whilst allowing Teams desktop client? The reasons for this specific ask and consideration of other options are below: we are deploying Microsoft 365 in an environment for which a new tenant (tenant A) has been set up. The environment has on-prem Win 10 devices managed via SCCM and the devices currently don't have Teams or Outlook desktop clients installed. The environment is locked down with access to teams.microsoft.com currently blocked using proxy config to prevent users getting to Teams via the browser (and users don't even have the desktop client, which this would also block). Users currently have access to email on the parent company's tenant (tenant B), using their separate parent company creds signing into outlook for the web in the browser. This is the extent of their use of M365 cloud services - Outlook on the Web to parent company tenant. As part of rolling out Teams, the Teams client is being deployed and the proxy block of teams.microsoft.com is being removed. RestrictTeamsSignInToAccountsFromTenantList registry setting is implemented so users can only sign-in to tenant A from Teams desktop client. sign-in to tenant B Teams or indeed any tenant is possible via the web client however and there is a requirement to block this so the users can't use the Teams web client. We can't use tenant restrictions i.e. Restrict-Access-To-Tenants header in proxy to tenant A (https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/tenant-restrictions) as the users need to be able to get to parent company tenant B for email We can't configure tenant B e.g. Conditional access to block Teams for a group as the global team who manage tenant B don't engage for these type of point solutions - to keep their tenant maintainable. Due to the above constraints we think identifying some specific urls in proxy might be our best route but open to other suggestions on how to to block Teams web client whilst allowing Teams desktop client.
