Restrict tenants for Microsoft Office 365, and add two (2) headers on HTTP requests when the traffic passes through InterScan Web Security Virtual Appliance (IWSVA).
For every request going to Microsoft login sites, we will insert two HTTP headers: Restrict-Access-To-Tenants and Restrict-Access-Context.
To restrict tenants for Office 365 , apply an HTTP Inspection policy:
-
Go to HTTP > HTTP Inspection > Filters.
- Under the Inspection Filter section, enter a Filter Name.
- Tick the Advanced View radio button, then copy and paste the following expression in the Patterns field:
100278_act REQ { HOST: login\.microsoftonline\.com|login\.microsoft\.com|login\.windows\.net EVENT: { OP: HEADER_ADD HEADER: Restrict-Access-To-Tenants VALUE: your-allowed-Tenants } EVENT: { OP: HEADER_ADD HEADER: Restrict-Access-Context VALUE: your-allowed-Context }
Replace "your-allowed-Tenants" and "your-allowed-Context" with your allowed tenants and context. - Go to HTTP Inspection > Policies, and make sure the newly created filter is set to Allow Scan.
- Save and deploy the policies to the clients.