Access 365

Posted onby
  1. Access 365 Urgent Care Palm City
  2. Access 365 Key
  3. Access 365 Login
  4. Microsoft Access 365

In the week of August 29th, 2016 Palo Alto Networks released changes to App-ID for Microsoft® Office 365™. To allow our customers to prepare for this change and avoid any problems, Palo Alto Networks is releasing the following placeholder App-IDs and decode contexts as part of Application and Threat Update version 597. To ensure that existing Office 365 policies continue to work after the week of August 29th, 2016 we strongly encourage customers to read and fully understand this document.

New Applications (only placeholders for now):

With Office 365 it is possible to use outlook in a web browser of your choice. To access Outlook Web Access (OWA). Gain access to health- and wellness-related deals on fitness products, gym memberships, healthy eating and more.Open to businesses, families and individuals who are members of participating BlueCross BlueShield companies.

  • office365-enterprise-access
  • office365-consumer-access

New Decode Context for “Pattern Match” for Custom Application Signatures (only placeholder for now)

  • http-req-ms-subdomain

Frequently Asked Questions:

Q. Why is Palo Alto Networks making this change?

A. Currently, to safely enable Office 365, our customers use the “ms-office365” and “ms-onedrive” App-IDs. However, we have found that customers would also like to accomplish the following goals :

  • To gain visibility into enterprise and consumer use of Office 365 in their networks.
  • Allow specific sanctioned instances of Office 365 enterprise accounts while blocking unsanctioned access to Office 365, either from unsanctioned enterprise accounts or consumer accounts.
  • To have the ability to block consumer access to Office 365 services.
  • To have the ability to control and limit cross-tenant sharing of “sharepoint-online”.

Q. What new capabilities do I get because of this change?

A. Customers will get the following new capabilities because of this change:

  • Visibility into enterprise and consumer use of Office365 in their networks.
  • Create a “Custom Application” for their specific Office 365 enterprise logins. This App-ID will be based on the domain name used to login to Office 365 enterprise accounts. For example, if users login to Office 365 using login names like [email protected], [email protected], or [email protected] then a “Custom Application” can be created to look for the domain name “mydomain”. Once created, this App-ID can be configured in policies along with the existing Office 365 App-IDs to limit access to Office 365 only using sanctioned enterprise wide accounts.
  • Block access to the consumer edition of Office 365 services.
  • Customers can selectively control cross-tenant sharing of “sharepoint-online” using URL filtering and custom App-IDs.

Q. Do I need to enable SSL-decryption to use this capability?

A. Yes, SSL decryption is required to have this capability.

Q. Am I affected by this change if I am not using SSL decryption for Office 365 traffic?

A. No, this change will not affect you if you are not using SSL decryption for Office 365 traffic.

Q. Am I affected by this change if a device upstream is performing SSL decryption and the firewall only gets decrypted traffic.

A. In this case, yes you will be affected by this change and you should make the changes suggested below.

Q. How can I create “Custom Application” for my specific instance of the Office365 account?

Access 365 Urgent Care Palm City

A. Step 1. Under Objects > Applications – click “Add” and configure the values as shown below.

Step 2. Click the “Signatures” tab and configure the values as shown below.

Step 3. Save. Commit config.

Q. How am I affected by this change? How do I guarantee operational continuity for safely enabling Office 365 Apps?

A. As of July 6th, 2016 with Content version 597, Palo Alto Networks is adding “office365-enterprise-access” and “office365-consumer-access” as placeholder App-IDs to our application catalog. These App-IDs are delivered as placeholders, thereby allowing our customers to make necessary policy changes to their firewalls ahead of time. These two placeholder App-IDs will not affect firewall policy processing, or any existing App-ID driven rules until the week of August 29th, 2016 when they are functionally enabled.

Palo Alto Networks will replace the placeholder App-ID with the formal App-IDs “office365-enterprise-access” and “office365-consumer-access” in the week of August 29th, 2016.

To facilitate this transition, Palo Alto Networks intends to follow the timeline outlined below:

  • July 5th, 2016: Palo Alto Networks delivers placeholder App-IDs “office365-enterprise-access” and “office365-consumer-access” with weekly Content Apps and Threat Update 596. With this content version, Palo Alto Networks also releases a custom decode context of “http-req-ms-subdomain”. As illustrated above this can be used to create the required custom App-IDs for identifying specific sanctioned enterprise access to Office 365. These two App-IDs, in addition to the custom App-IDs can be used to safely update firewall policies and prepare for the announced changes.
  • Example transitional policy to enable all Office 365 access.
  • Example policy with Custom App-ID to “only” enable Office 365 access to sanctioned enterprise accounts.
  • Example policy to “only” enable Office 365 access to any enterprise account.
  • August 30th, 2016: Palo Alto Networks functionally enables the “office365-enterprise-access” and “office365-consumer-access” App-IDs. These App-IDs will be fully operational and the configured policy will be enforced on any traffic destined to Office 365 services. If the Security Policies have been updated as per the guidance above, customers will now have access control for Office 365 services.

Q. What happens if I do not add “office365-enterprise-access” or a custom App-ID created for enterprise logins to Office 365?

A. If “office365-enterprise-access” or an enterprise specific custom App-ID is not allowed, Office365 services will not work. We strongly recommend customers to incorporate the changes described above to prepare for the update we intend to deliver during the week of August 29th, 2016.

Access 365 Key

365365

Q. What happens if I do not add “office365-consumer-access” App-IDs to my policies?

A. Without “office365-consumer-access” explicitly allowed, users will not be able to access the consumer edition of Office 365 services. We strongly recommend customers to incorporate the changes described above to prepare for the update we intend to deliver during the week of August 29th, 2016.

Q. How will this change affect the existing “ms-office365” and “ms-onedrive” App-IDs?

A. The existing App-IDs will continue to work until August 28th, 2016. But with the content update of the week of August 29th, 2016, a part of traffic related to user login will be identified as “office365-enterprise-access” or “office365-consumer-access” for all ms-office365 App-IDs. This means that these App-IDs should exist in the security policies as per the recommendations made above.

Q. What versions of PAN-OS will be affected by this change?

A. All currently supported versions of PAN-OS software that are updated to a version of Content and Threat Update delivered on or beyond the week of August 29th, 2016 may be affected by this change.

Q. I have made the changes suggested above but I do not see the new App-IDs or the custom App-ID being triggered.

A. These will only work after the Content Update of 29 August 2016 when these placeholder App-IDs and decode context will be functionally enabled. Till then the idea of these placeholder App-IDs and decode context is to assist our customers be ready for the change of 29 August 2016.

See also

Send comments to @msandhu or @nasingh or leave a comment or question in the comments section below.

As an NC State student, faculty or staff member, you can download and install a free copy of the full MS Office suite (includes Word, Excel and PowerPoint), and you also have access to the cloud versions of these products (Office 365).

Your free copy of Office 365 can be installed on multiple devices and comes with online file storage space in OneDrive.

NOTE: G Suite is the university’s primary collaborative application suite. OIT recommends that you use G Suite for collaboration instead of Office 365.

Contents

Get your copy

  1. Go to:
    office365.ncsu.edu.
  2. Sign in with your Unity ID and password.
  3. Choose one of these two options for working with Office 365:
    • Option 1 – To download and install MS Office and work locally:
      • On a personally-owned computer:
        Choose the product to install and follow the instructions on the screen.
      • On a university-owned computer:
        Contact your local IT staff before attempting to install Office on it.
    • Option 2 – To work in the cloud without downloading and installing MS Office:
      Be aware that you’ll be using limited versions of Word, Excel and PowerPoint.

Install on multiple devices

You can install the Office suite on up to ten devices, including personal ones:

  • five PCs or Macs
    AND
  • five smartphones or tablets (see Help below for links).

Mobile Setup

Office 365 features that are not available at NC State

  • Exchange, including email and calendar

Keep your Office copy activated

Access 365 Login

If you downloaded and installed the full Office suite on your PC or Mac, be sure to keep it activated by connecting to the internet at least once every 30 days.

Working online

Microsoft Access 365

  • Use newer browsers:
  • Be aware that features are limited in online versions of Word, Excel and PowerPoint.
  • You have 1 TB (1000 GB) of personal space in OneDrive, the online space connected with Office 365.
  • Documents you create online will be stored online.

Storing sensitive data

  • In general, Cloud storage space (e.g., OneDrive) may not be secure.
    See Storage Locations for University Data for details.
  • DO NOT store any sensitive information in the Cloud;
    e.g., Social Security numbers, credit card numbers, passwords.
  • University employees who handle sensitive data:
    See “Cloud service” in the table of Storage Locations for University Data

Collaboration

  • Be sure to use G Suite instead of Office 365 to share documents and work collaboratively.
  • G Suite remains OIT’s primary collaboration and communication tool for campus.

When you leave NC State

You will lose access to your Office 365 account and any data or information stored within. This information may not be retrievable after your access is lost.

  • Disposition of files stored in OneDrive
    • Students
      • Transfer personal data to other locations; e.g., local computer, a personal G Suite account, or a personal Office 365 account.
      • Only graduating students who complete a degree program with NC State will maintain access to their NC State G Suite account as a potential transfer location. See Extended access for new graduates for more information.
    • Employees
      • Transfer any university or department data and files to your supervisor or any other appropriate department file storage location.
        See the Separating Employee Guide.
      • Transfer personal data to other locations; e.g., local computer, or a personal G Suite account, or a personal Office 365 account.
  • Additional Resources

Help

  • For PC: Office Quick Start Guides
  • For Mac: Office for Mac Quick Start Guides
  • For mobile: