Skip to main content
  • EN

Nuw7JTneYlsbLr9SJpK0IhMPieHzwfT0qd-ub9UVWnwWhnOwDHPJOGG2gJqt-kN2vghfmDRIvZGWhdfrhLNxZJ6LAFYkWqRtR5VKbeQdNudM6wtdqzwXJxNQHVY3vySx5EMFh8hs61FIPkhK95Of_nc

Netskope Global Technical Success (GTS)

Use Case - Block Microsoft Apps Access - Personal Account - II

 

Netskope Cloud Version - 113

 

Objective

Microsoft Apps access via personal email ID should be blocked

 

Prerequisite

Netskope CSAB license is required

 

Context

The customer's requirement is to block access to all Microsoft apps when a user tries to access them using their personal email ID (for example, *@outlook.com, *@hotmail.com).This document will discuss how to achieve this.

Do You Know?

  • The Microsoft suite includes a variety of applications. The domains responsible for user authentication (when an end-user attempts to log in via their personal account, such as *@outlook.com, *@hotmail.com) include account.live.com, login.live.com, profile.live.com, sc.imp.live.com, secure.shared.live.com, skypewebexperience.live.com, and windowslive.tt.omtrdc.net.
  • Netskope recognizes these domains under a predefined cloud app called Microsoft Live Accounts
  • As of March 22, 2024 with Netskope’s Microsoft Live Accounts predefined cloud app connector, customers can exercise control over the following activities:

 

aAW1KwnqjKOBm0MEmZL6WiLFXMyLbp9SCYh_yVTR8lhJT-WArHfEwFt4M4WD38tjlR3JmWT--0P7g-sbf0UA4VfijUkHbFK5rP93CCcST2jd7Xgq4tUsnHAfYBDwc2yO8XTCP0UnUzCt4TZEMhMxm7c

 

Configuration

  • Step 1 - Create a Constraints profile

Path - Netskope Tenant UI >>> Policies >>> Profiles - - - Constraints >>> New User Constraint Profile

y8UlUXp-FmXWQjf8Ti0eJf9hfPTVadqbQr5l5w0OHmFAhZREOJ6OOqnqTPykLFlxPk5xgzunZ-40A67Syth3872Kk5Ep__BiJ9ozA7eUugGrkE5kfalTO1jQ0XiUegDH1yl4DL6rGIg_VPYkVJ28CFk

  • Step 2 - Create a Real-time protection policy

Path - Netskope Tenant UI >>> Policies >>> Real-time Protection >>> New Policy

WyyorpvY2x26wOnirEDvbt9d0FBP-iCnUi7qdq_61XDVWofV2EetfMn56iTP3mN5d7ovn-g4OUWjoxvOtp7J9trX-fjbhVVEMls5C8l0u5lzMHcpd4yxe3N6eKs7IfrPSKSRVxiyyEJ7n_JE7WCaII4

 

Verification

  • Step 1 - Attempt to log in to Microsoft Outlook web version, and when the system detects an email address with - @outlook.com, @live.com, @hotmail.com

adnDRsSEN-ACOqPQkujMWtugm9LzJDOIC2Zk8_i68SGd6jdKRvnrDS1uxO7HcqQhv6vEvzv6sztdDqf90kimKuE2f0ft_bgqwAizQ5rR0N-tZQdOfzANKt6MiBORbdx-jRcgx4kR0NfpesjmjRJtPr8

 

  • Step 2 - Check policy hits

0fKmzvymN4iwyCz7Y0KYBSzxWYfFUH4yj42XdRaN09NMcNuC7OersJ1piV_dMQ3CK2mQV5M9Sz7WTceGMkPNrGs7ZUR1mGuo8SQbth5TSM8XXrvALCH7hA0RKtPbpvvnHKxgMI9FBQXOlRdx5m8GNng

 

bis_pwO43IDb-U2n1WvLIuGzuM4zNNE0BcNR-AJiDnH1KDZR9pGoiULihuRbUEe5G4itT_Wc2ck_n4OOaDwGcVwhkGhR1MA2HALe3Mk9vB33xEsidC0UQV6I5GCi4ojPluU-Y91OSFiGIiy5jNxI8Og

 

Jg06a-zy7GmJdZtr-ciBHizUd6OoZZ0zoBufzMEw2i-nfCQsF7C92um3oExHRMFtZFKJ2cGZRkM2zwv0VkA9pICGmqMgVgKnLUcAYKHonZ5pDsFdC5_AuCGe5kBUgXMSD_8VZ2GJYDP4ETbRfHUq3Yo


 

Terms and Conditions

  • All documented information undergoes testing and verification to ensure accuracy.
  • In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

 

Notes

  • This article is authored by Netskope Global Technical Success (GTS).
  • For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.

 

Be the first to reply!
Terms & ConditionsCookie settings