Updated 21 May 2019
In late 2018 Microsoft made some significant updates in the connectivity space for the Office 365 service. This consists of two elements, a new method to provide the URL & IP requirements for the service which will help our customers manage and automate the requirements, and secondly, as part of this new service, we've added an improved categorization of the URLs required. This second element is designed to help customers optimize traffic which really warrants special treatment, then allowing the rest to go via the standard egress model. This second element is outlined in more detail here.
In this post I'll cover this new method for the management of URLs & IPs for the service.
Previously, the place to go for connectivity requirements to Office 365 has been our URL & IP page which consisted of three elements:
- The web page itself, for human review of the requirements broken down per service
- The XML file which was used for device configuration
- The RSS feed for change notification
We had a challenge with this solution however. As the Office 365 service grew, the number of URLs and IPs required to access the service has obviously increased in line with this growth, also the number of connection options has also increased with the addition of Expressroute. Customers have been reporting to us that they are running into administrative challenges keeping pace with the rate of change in this space and the old solution to provide this data was not meeting their needs as it often required manual management of the changes.
Another challenge was around how the URLs need to be handled, some have IPs provided, some don't, some live on Microsoft infrastructure, some don't, some are required, some aren't, some can use ExpressRoute for Office 365, some cannot. The XML file just did not provide the data in a way which allows customers to deal with these attributes as they require, nor automate or script based on this information.
We therefore worked to improve how we provide this information to meet our customers' needs moving forward which went GA in September 2018.
Data is now provided in JSON format via a Web Service and is tagged with various attributes to allow you to script and manage the data as you see fit, some of these attributes are new, such as the 'Optimize', 'Allow', 'Optional' tags plus Expressroute. (More on this in another blog post here)
Benefits for administrators from the Office 365 IP Address and URLs web service and the new categories include:
Automation of Office 365 endpoint data and changes publishing
System readable data for direct network device integration that is also script friendly
Data available in JSON for scripts or CSV format for Excel
Includes the new Optimize, Allow, Default categorization of Office 365 endpoints
Includes ExpressRoute routable flag for each endpoint
Version change notification published alongside the data
All provided attributes are supported by owning development teams
Previously, manually created example PAC files were created and published every month, with the new system it is now possible to code this easily. Some example scripts can be obtained here.
The change cadence we aim for with regards Office 365 connectivity requirements is that we provide updates once a month, at the end of the month, with one month's notice and this cadence will continue with the new solution. There can be occasions however where