Here you see each of the miner nodes on the left scraping Microsoft’s dynamically updated endpoints (as described in Managing Office 365 endpoints), the processor nodes that receive URLs, IPv4 and IPv6 addresses, and finally the 3 output nodes that publish a URL that your firewall can poll for an External Dynamic List (EDL).Ĭlick each of the output notes and make a note of the Feed Base URL.įollow the instructions in the article Connecting PAN-OS to MineMeld using External Dynamic Lists to connect your PAN-OS Device with the lists provided by MineMeld Then click the Graph tab (asterisk sign) to bring up the Connection Graph which should look like this: Review Connection Graph and retrieve Feed Base URLsĪfter giving the MineMeld engine a few minutes to restart, click “Nodes” in the banner at the top of the interface and then, click any of the nodes in the list. Your old configuration will be lost.Īccept to replace the candidate configuration, followed by clicking the COMMIT button and waiting some time for the engine to restart. Take into account that this procedure will replace any configuration you might have with this new collection of nodes. Next click CONFIG at the top followed by IMPORT.
#OFFICE 365 OUTLOOK WEB ACCESS URL PASSWORD#
But you might choose to use the any configuration that better suits your needs.īrowse to (obtained above) and sign in with the username admin and password minemeld. In this document we'll use the configuration named "o365-api-any-any.txt" that will set a graph to mine all ServiceAreas in all O365 Instances. Unzip the attached file MMO365-API_ConfigFiles.zip to get the following collection of configurations.
To save you the hassle we've created a set of configurations you can import.
MineMeld does already come with Prototypes for each of the O365 services but you would normally need to create a miner for each of these from those Prototypes, along with 3 processors and 3 outputs (one each for IPv4 addresses, IPv6 addresses and URLs respectfully). Make note of MineMeld's IP address (from an ifconfig) as you’ll need it for the web interface in the next step. Assuming an IP comes via DHCP and you have internet access, your VM will automatically be updated to the latest version of MineMeld.
#OFFICE 365 OUTLOOK WEB ACCESS URL ISO#
NOTE: if using the VMWare desktop instructions (read Running MineMeld On VMWare Desktop), you can go ahead with the "Super fast setup," but please download the cloud-init ISO and mount it on first boot. It would be preferable to configure external dynamic lists and reference that in our security policies, and as it happens, Microsoft dynamically publishes a fully up-to-date list of all IPs, URLs and ports used by each of the 17 components of Office 365 every hour that we can use! This article will take you through setting up the open source MineMeld utility to parse this data into EDLs for PAN-OS to consume, and creation of a couple of example security policies for your environmentįirst, visit the MineMeld Resource Page and select the article (from the top right) about installing and running MineMeld appropriate to your environment. Because Microsoft publishes Office 365 over a huge range of URLs, and IP addresses, a security admin would be tempted to simply allow access in policies to a destination of any, and this gets complicated when the Office 365 App-IDs tend to have dependencies on explicitly allowing web-browsing and SSL. This article describes a procedure that requires MineMeld version 0.9.50 or newer.Īs customers migrate to Office 365, they find themselves whitelisting a range of App-IDs for the various workloads they might use the Office 365 product sets, such as Skype for Business, OneNote, Exchange Online and so on.