Umbrella supports Cloud Malware protection for both OneDrive and SharePoint sites within your Microsoft 365 deployment.
Table of Contents
Prerequisites
- Chrome or Firefox (recommended) with pop-up blockers and ad blockers disabled (only for the duration of authorization).
- The user performing the installation must use a service account with a Microsoft 365 Global Admin and active license.
- Audit log must be enabled for Microsoft 365. For more information, refer to Microsoft Technical documentation and search for Turn auditing on or off.
- SharePoint Online and OneDrive must be enabled.
- The following IP addresses must be allowed if there are Firewall rules that prevent third-party applications:
146.112.161.0/24
146.112.163.0/24
146.112.165.0/24
146.112.167.0/24 - Users must have the following API permissions for Microsoft:
API/ Permissions Name |
Type |
Description |
Admin Consent Required |
---|---|---|---|
Microsoft Graph |
|||
|
Delegated |
Access directory as the signed-in user |
Yes |
|
Application |
Read directory data |
Yes |
|
Delegated |
Read all files that user can access |
No |
|
Application |
Read files in all site collections |
Yes |
|
Delegated |
Read items in all site collections |
No |
|
Delegated |
Sign in and read user profile |
No |
|
Application |
Read all users' full profiles |
Yes |
Microsoft 365 Management APIs |
|||
|
Application |
Read activity data for the Organization |
Yes |
SharePoint |
|||
|
Application |
Full control of all site collections |
Yes |
|
Application | Read user profiles | Yes |
Authorize a Tenant
- Navigate to Admin > Authentication.
- Under Platforms, click Microsoft 365.
- Click Authorize New Tenant in the Cloud Malware subsection to add a Microsoft 365 tenant to your Umbrella environment.
- In the Microsoft 365 Authorization dialog, check the checkboxes to verify you meet the prerequisites, then click Next.
- Provide a name for your tenant, then click Next.
- Click Next to be redirected to the Microsoft 365 login page.
- Log in to Microsoft 365 with admin credentials to grant access.
You are redirected to the Umbrella Dashboard and a message appears showing the integration was successful. It may be up to 24 hours for the integration to be confirmed and appear as Authorized.
- Click Done to complete.
Revoke Authorization
- Under Action, click Revoke. You can revoke any authorised tenant.
- Confirm to proceed. The selected account will no longer be authorized.
Enable Cloud Malware Protection for Box Tenants \< Enable Cloud Malware Protection for Microsoft 365 Tenants > Enable Cloud Malware Protection for Webex Teams Tenants
Updated 2 months ago