Connection Filtering
This section describes the design decisions associated with Connection Filtering Microsoft 365 security features for system(s) built using ASD's Blueprint for Secure Cloud.
Estimated reading time: 1 minute
Connection filtering within Exchange Online Protection refers to the verification of the sender using SPF, DKIM, DMARC and Microsoft intelligence.
Exchange Online Protection Connection Filtering is always enabled however it can, to a degree, be configured. A connection filter can be implemented to always allow or always block traffic based upon an IP list.
Design Decisions
| Decision Point | Design Decision | Justification |
|---|---|---|
| Configure Connection Filter | Configured | organisations are to provide IP addresses considered as safe. |
| Connection filter policy name | Default | This policy is the default policy configured when Exchange Online is enabled and is consistent with best practice. |
| Scoped to | All Domains | This is the default setting configured when Exchange Online is enabled. |
| IP Allow list | Not Configured | This is the default setting configured when Exchange Online is enabled. |
| IP Block list | Not Configured | This is the default setting configured when Exchange Online is enabled. |
| Safe list | Disabled | This is the default setting configured when Exchange Online is enabled. |
Related information
Security & Governance
- None identified
Design
- None identified
Configuration
- None identified
Configuration
- None identified