Office 365 How To Configure External Collaboration Settings with Domain Restrictions

In Office 365, how do you configure external collaboration settings but restrict certain domains from collaboration.

This is all configured under Azure Active Directory Admin Center.

A few clicks and your configured

User settings> External Collaboration Settings > Set the level of restrictions and Save. This example is restricting collaboration with *.outlook.com and *.hotmail.com domains

or if security if a higher priority over flexibility, Disable Members and Guests invite and set “Allow invitations only to the specified domains” Example :

Secure Connectivity to Azure


05.03.2020 – Stephen Hackers, attended the North East Azure User Group – 14th Meetup. Hosted by Frank Recruitment Group.

The core presentation was on Secure Connectivity to Azure by Matthew Bradley Chief Engineer (Azure) at ClearCloud

The session covered:

VPN Offerings, Service Endpoints, VNet Peering and Private Link

The presentation was focused on educating and sharing experiences in securing connectivity into Azure.

A key point : Security to Azure is required and it doesn’t need to come at a great expense to the business. Build it in to your solution from day 1.

Presentation Notes

VPN offerings:

  • Basic options start at £20 a month roughly (06.03.2020)
  • Bandwith is the key difference between levels
  • Number of S2S tunnels is mostly limited to 30 except basic is 10.

Service Endpoints:

  • No additional cost for VNet Service Endpoints
  • VNet ACLs are not supported across AD tenants
  • Service Endpoints add a system route which takes precedence over other routes

VNet Peering:

  • Traffic between resources is private/isolated. Not encrypted
  • Network address space must not overlap
  • VNet peering doesn’t impose bandwiths

Private Link

  • Connect to Azure without a public IP address
  • Private end points mapped to an instance of PaaS (in Preview)
  • Private Link works a bit like NAT, Private Link endpoint is given a private IP in the VNet of the source
  • IP ranges can overlap

Summary

Small event, around 45 technical Azure focused people attended. Keeping the event simple with one good presentation. There are a great community bunch attending this up and coming North East Azure User Group. Thanks to Frank Recruitment Group for hosting the event and essential beer and pizza. Having a recruitment company hosting, minimal sales pitch was a double win. We did discuss careers a little too at the end (in the optional pub near by).

Looking forward to the next event. For anyone wishing to attend https://www.meetup.com/North-East-Azure-User-Group/