Need to block Microsoft Sharepoint entirely

jst3751 · May 9

For business security reasons, since Microsoft is well known to allow malicious content on Sharepoint websites, we need to completely block it.

In App Control, I have configured application "Microsoft SharePoint" for block and log. In the CFS Custom Category, I have added sharepoint.com as category 59 which is blocked.

Yet users are still able to get to those websites.

NSA 2700 HA pair

SonicOS 7.1.1-7051

DPI-SSL Client is fully configured and working.

Any ideas and help is appreciated.

jst3751 · May 24

UPDATE: Apparently, this is caused by the resulting DNS lookup have more than one A record.

I have a support case open for this. One had to be done was create an FQDN address object *.sharepoint.com and then create a firewall rule to block that as a destination.

That is stating is simply. It is a lot more complex which I understand but is hard to explain.

TKWITS · May 9

Have you considered utilizing MS' official list?

https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#sharepoint-online-and-onedrive-for-business

jst3751 · May 10

https://community.sonicwall.com/technology-and-support/discussion/comment/21320#Comment_21320

That really does not help at all, as blocking everything there will also then block other Microsoft services.

Join the Conversation

Need to block Microsoft Sharepoint entirely

Best Answer

Answers