Windows-itpro-docs: More specific whitelisting
Is it possible to be more specific in the whitelisting as I'd prefer not to have to allow access to the entirety of Azure blob storage. Can you specify the Defender ATP specific blobs, rather than just everyone's Azure storage?
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: ef3b1143-53ee-892c-59c8-5cfa12e017c2
- Version Independent ID: 29f6c231-15bd-296b-cca9-7ef6ba8192df
- Content: Microsoft Defender ATP for Linux - Windows security
- Content Source: windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
- Product: w10
- Technology: windows
- GitHub Login: @Dansimp
- Microsoft Alias: dansimp
kengoodwin
All 5 comments
They’re still recommending the same for Mac clients too. Got fixed for Windows a while back and so far no issues with our Mac clients: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/4942
phillym
on 29 Feb 2020
Hello @kengoodwin,
as @phillym noticed, more detailed URLs could be found here.
Also, you can use the list of IP addresses published here, for example, to whitelist blob storage for Australia SE, you can use IP addresses marked with name "Storage.AustraliaSoutheast".
Thank you
MaratMussabekov
on 3 Mar 2020
Hello @kengoodwin,
as @phillym noticed, more detailed URLs could be found here.
Also, you can use the list of IP addresses published here, for example, to whitelist blob storage for Australia SE, you can use IP addresses marked with name "Storage.AustraliaSoutheast".Thank you
@kengoodwin ‘s point, like mine before it is that it is unwise to exclude all of Azure blob storage from TLS interception and proxy auth, if those are controls you have in place already. Microsoft have specific buckets for these services and we need these to be explicitly documented so we only need to exclude the bucket DNS name and not every possible Azure Blob bucket.
@MaratMussabekov
phillym
on 3 Mar 2020
Dear @Dansimp,
could you please assist?
Thank you
MaratMussabekov
on 6 Mar 2020
@kengoodwin @phillym - Thank you for submitting feedback.
From our understanding, the issue has been resolved based on this merged commit https://github.com/MicrosoftDocs/windows-itpro-docs/commit/26b93c9.
Thank you for your contribution to make the docs better! Much appreciated!
mypil
on 11 Apr 2020
Related issues
RAJU2529
·
3Comments
LanceMcCarthy
·
3Comments
SwiftOnSecurity
·
3Comments
marcnil815
·
3Comments
sundhaug92
·
3Comments
Most helpful comment
@kengoodwin ‘s point, like mine before it is that it is unwise to exclude all of Azure blob storage from TLS interception and proxy auth, if those are controls you have in place already. Microsoft have specific buckets for these services and we need these to be explicitly documented so we only need to exclude the bucket DNS name and not every possible Azure Blob bucket.
@MaratMussabekov