本文提供你需要允許的埠號和 IP 位址清單,以及允許清單,才能與 Microsoft Defender for Cloud Apps 一起使用。
為了隨時掌握 IP 範圍,建議參考以下 Azure 服務標籤,針對 Microsoft Defender for Cloud Apps 服務。 最新的 IP 範圍則在服務標籤中。 欲了解更多資訊,請參閱 Azure IP 範圍。
| 服務標籤名稱 | 包含 Defender for Cloud Apps 服務 |
|---|---|
| 微軟雲端應用程式安全 | 入口網站存取、存取與會話控制、SIEM 代理連線、應用程式連接器、郵件伺服器、日誌收集器。 |
| AzureFrontDoor.MicrosoftSecurity (將於 2025 年 4 月 28 日) | 入口網站存取,SIEM 代理連線。 |
以下表格列出 MicrosoftCloudAppSecurity 服務標籤涵蓋的目前靜態 IP 範圍。 最新列表請參閱 Azure 服務標籤文件。
查看您的資料中心
以下有些要求會依你連接的資料中心而有所不同。
要查看你連接的是哪個資料中心,請執行以下步驟:
在 Microsoft Defender 入口網站中,選擇系統>設定>、雲端應用程式>、系統>關於。
在 「關於」 畫面中,你可以看到區域和資料中心。
入口網站存取
要在 Microsoft Defender 入口網站使用 Defender for Cloud Apps:
將以下IP位址和DNS名稱的 外站埠443 加入防火牆的允許清單:
cdn.cloudappsecurity.com cdn-discovery.cloudappsecurity.com adaproddiscovery.azureedge.net *.s-microsoft.com *.msecnd.net dev.virtualearth.net flow.microsoft.com static2.sharepointonline.com *.blob.core.windows.net discoveryresources-cdn-prod.cloudappsecurity.com根據您的資料中心,允許以下項目:
資料中心 IP 位址 DNS 名稱 US1 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.64.26.88, 13.64.29.32, 13.80.125.22, 13.91.91.243, 40.74.1.235, 40.74.6.204, 51.143.58.207, 52.137.89.147, 52.183.75.62, 23.101.201.123, 20.228.186.154 *.us.portal.cloudappsecurity.com 美國2號公路 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 20.36.222.59, 20.36.222.60, 40.74.1.235, 40.74.6.204, 51.143.58.207, 52.137.89.147, 52.183.75.62, 52.184.165.82, 20.15.114.156, 172.202.90.196 *.us2.portal.cloudappsecurity.com US3 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 40.74.1.235, 40.74.6.204, 40.90.218.196, 40.90.218.198, 51.143.58.207, 52.137.89.147, 52.183.75.62, 20.3.226.231, 4.255.218.227 *.us3.portal.cloudappsecurity.com 歐陸風雲1 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 40.74.1.235, 40.74.6.204, 40.119.154.72, 51.143.58.207, 52.137.89.147, 52.157.238.58, 52.174.56.180, 52.183.75.62, 20.71.203.39, 137.116.224.49 *.eu.portal.cloudappsecurity.com 歐陸風雲2 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 40.74.1.235, 40.74.6.204, 40.81.156.154, 40.81.156.156, 51.143.58.207, 52.137.89.147, 52.183.75.62, 20.0.210.84, 20.90.9.64 *.eu2.portal.cloudappsecurity.com 美國政府 13.72.19.4, 52.227.143.223, 51.54.53.136/29, 51.54.114.160/29, 62.11.173.176/29, 62.11.165.44, 20.140.131.96 *.us1.portal.cloudappsecurity.us GCC 52.227.23.181, 52.227.180.126, 51.54.53.136/29, 51.54.114.160/29, 62.11.173.176/29, 62.11.165.45, 52.227.23.181 *.us1.portal.cloudappsecuritygov.com 注意事項
在入口網站存取時,你可以選擇只開啟你特定的租戶網址,而不是用通配符 (*) 。 例如,根據上面的截圖,你可以打開:
contoso.us.portal.cloudappsecurity.com要確定你的租戶 URL,請參考前面的「 查看你的資料中心」章節,並尋找 API URL。
存取與會話控制
存取與會話控制區域有助於提供更快的使用者體驗並提升運作時間。
用戶通常會從最近的地區獲得服務。 例如,擁有英國 IP 位址的使用者,可能會由英國西部區域服務。
當負載過高或中斷時,使用者可能會從不同區域獲得服務。
請根據你環境設定條件存取應用程式控制防火牆。 Microsoft Edge 用戶享有瀏覽器內保護。 存取與會話控制則在其他瀏覽器中透過反向代理系統套用。
欲了解更多資訊,請參閱 Protect 應用程式Microsoft Defender for Cloud Apps條件存取應用程式控制及瀏覽器內保護商務用 Microsoft Edge (預覽) 。
商業客戶
對於商業客戶,若要啟用 Defender for Cloud Apps 反向代理,請將以下 IP 位址和 DNS 名稱的外撥埠 443 加入防火牆的允許清單:
*.cas.ms
*.mcas.ms
*.admin-mcas.ms
此外,我們反向代理區域使用的以下 IP 位址應允許用於入站與出站連線:
注意事項
代理伺服器使用入站 IP 位址接收終端用戶的來電連線。
外撥 IP 位址用於建立代理與應用程式之間的連線。
| IP 位址 | DNS 名稱 | |
|---|---|---|
| 會話控制 | 澳洲東南部:40.81.58。 184, 40.81.58.180, 20.40.163.96, 20.40.163.88, 40.81.62.221, 40.81.62.206, 20.40.160.184, 20.40.163.130, 20.11.210.40, 4.198.66.78, 4.198.66.135, 20.190.102.146, 4.198.66.126, 4.198.66.117, 4.198.66.105, 4.198.66.90, 20.92.29.167, 4.198.66.94, 4.198.66.92, 4.198.154.86 巴西南區:191.235.123.114,191.235.121.164,191.235.122。 101、191.235.119.253、191.233.23.29、191.234.216.181、191.233.21.52、191.234.216.10、20.226.100、191.235.57.180、191.235.58.203、191.235.58.201、191.235.58.255、191.235.59.0、20.206.229.223、191.235.58.56、191.235.58.85、191.235.54.192、191.235.55.73、20.206.75.66 加拿大中央電話:40.82.187.211、40.82.187.164、52.139。 18.234、52.139.20.118、40.82.187.199、40.82.187.179、52.139.19.215、52.139.18.236、4.205.74.7、20.175.142.143、20.175.143.220、20.175.140.191、20.175.140.128、20.175.140.185、20.175.143.233、20.175.151.201、20.175.142.19、20.175.142.34、20.175.151.166、20.104.25.35 中印度:20.193.137.191、20.193.137.153、20.193.138.1、20.20。 193.136.234, 20.193.131.246, 20.193.131.250, 20.193.131.247, 20.193.131.248, 20.219.218.134, 20.204.236.74, 20.204.236.213, 20.204.236.115, 20.204.235.50, 20.219.226.117, 20.219.226.224, 20.204.236.147, 20.204.235.230, 20.204.236.17, 20.204.236.111, 20.235.115.136 北歐:52.156.205.222、52.156.204.99、52.155。 166.50, 52.142.127.127, 52.155.181.183, 52.155.168.45, 52.156.202.7, 52.142.124.23, 68.219.99.63, 20.166.182.182, 20.166.182.163, 20.166.182.165, 4.231.129.246, 20.166.182.193, 4.231.129.248, 20.54.22.195, 20.166.182.159, 20.166.182.171, 20.166.182.204, 40.127.131.206 東南亞:40.65.170.125,40.65.170.123,52.139.245.40,52.139.245.48,40.119.203.158,40.119.203.209,20.184.61.67,20.184.60.77,20.187.114.178 西歐:52.157.233.49,52.157.235.27,51.105.164.234,51.105.164.241,20.229.66.63,20.76.151.201,20.76.199.32,20.76.199.126,20.76.199.12,20.76.198.169,20.76.198.91,20.76.199.14,20.76.199.49,20.93.194.151,20.76.198.36,20.160.197.20 英國西部:40.81.121.140,40.81.121.135,51.137.137.121,51.137.137.118,20.90.50.115,20.90.53.162,20.90.53.126,20.68.124.199,20.90.53.127,20.68.122.206,20.90.53.132,20.90.49.200,51.142.187.141,51.142.187.196,20.90.53.133,20.254.168.148 美國東部:104.45.170.196、104.45.170.182、52.151。 238.5, 52.151.237.243, 104.45.170.173, 104.45.170.176, 52.224.188.157, 52.224.188.168, 20.168.249.164, 20.237.16.198, 20.124.59.146, 20.237.18.20, 20.121.150.131, 20.237.16.199, 20.237.22.162, 20.237.18.21, 20.237.22.163, 20.237.23.163, 20.124.59.116, 172.173.135.148 西美國2區:52.156.88.173,52.149.61.128,52.149.61.214,52.149.63.211,20.190.7.24,20.190.6.224,20.190.7.239,20.190.7.233 西美國3選區:20.106.103.34、20.150.153.126、20.118.150.70、20.150.157.146、20.150.153.110、20.118.145.8、20.150.152.101、20.150.157.211、20.150.158.183、20.106.80.235、20.106.81.123、20.14.38.249、20.14.38.222、20.163.100.176 東亞:20.195.89.219,20.195.89.186,20.239.27.66,20.195.89.166,20.239.26.193,20.195.89.213,20.195.89.72,20.195.89.128,20.195.89.62,20.195.89.56,20.205.119.72 法國中央:51.103.95.227, 20.74.94.42, 20.74.94.220, 20.74.94.113, 20.74.115.131, 20.74.94.109, 20.74.95.102, 20.74.114.253, 20.74.94.73, 20.74.94.136, 20.74.94.139, 51.103.31.141 |
*.mcas.ms *.admin-mcas.ms |
| 存取控制 | 澳洲東南部:20.42.228.161,20.211.237.204,4.198.66.78,4.198.66.135,20.190.102.146,4.198.66.126,4.198.66.117,4.198.66.105,4.198.66.90,20.92.29.167,4.198.66.94,4.198.66.92,4.198.154.86 巴西南區:191.235.228.36,104.41.37.185,20.201.80.33,104.41.37.185,191.235.57.180,191.235.58.203,191.235.58.201,191.235.58.255,191.235.59.0,20.206.229.223,191.235.58.56,191.235.58.85,191.235.54.192,191.235.55.73,20.206.75.66 北歐:68.219.99.39,20.166.182.182,20.166.182.163,20.166.182.165,4.231.129.246,20.166.182.193,4.231.129.248,20.54.22.195,20.166.182.159,20.166.182.171,20.166.182.204,40.127.131.206 西歐:13.69.81.118,20.103.48.225,20.76.151.201,20.76.199.32,20.76.199.126,20.76.199.12,20.76.198.169,20.76.198.91,20.76.199.14,20.76.199.49,20.93.194.151,20.76.198.36,20.160.197.20 東南亞:20.43.132.128、20.24.14.233、20.195.116.193、20.187.116.207 英國西部:51.137.163.32,20.90.50.109,20.90.53.162,20.90.53.126,20.68.124.199,20.90.53.127,20.68.122.206,20.90.53.132,20.90.49.200,51.142.187.141,51.142.187.196,20.90.53.133,20.254.168.148 美國東部:20.49.104.46,40.117.113.165,52.249.211.17,40.117.113.165,20.237.16.198,20.124.59.146,20.237.18.20,20.121.150.131,20.237.16.199,20.237.22.162,20.237.18.21,20.237.22.163,20.237.23.162,20.124.59.116,172.173.135.148 法國中央:20.111.40.153, 20.74.94.42, 20.74.94.220, 20.74.94.113, 20.74.115.131, 20.74.94.109, 20.74.95.102, 20.74.114.253, 20.74.94.73, 20.74.94.136, 20.74.94.139, 51.103.31.141 美國西部2號:20.115.232.7 加拿大中央:20.48.202.161,4.205.74.15,20.175.142.143,20.175.143.220,20.175.140.191,20.175.140.128,20.175.140.185,20.175.143.233,20.175.151.201,20.175.142.19,20.175.142.34,20.175.151.166,20.104.25.35 東亞:20.187.116.207,20.195.89.219,20.195.89.186,20.239.27.66,20.195.89.166,20.239.26.193,20.195.89.213,20.195.89.72,20.195.89.128,20.195.89.62,20.195.89.56,20.205.119.72 西美國3區:20.150.143.88、20.150.153.126、20.118.150.70、20.150.157.146、20.150.153.110、20.118.145.8、20.150.152.101、20.150.157.211、20.150.158.183、20.106.80.235、20.106.81.123、20.14.38.249、20.14.38.222、20.163.100.176 中印度:20.235.81.243,20.204.236.74,20.204.236.213,20.204.236.115,20.204.235.50,20.219.226.117,20.219.226.224,20.204.236.147,20.204.235.230,20.204.236.17,20.204.236.111,20.235.115.136 |
*.access.mcas.ms |
| SAML 代理 | 北歐:20.50.64.15,40.127.131.206 美國東部:20.49.104.26, 172.173.135.148 美國西部2號:20.42.128.102 西美國 2:20.163.100.176 |
*.us.saml.cas.ms *.us2.saml.cas.ms *.us3.saml.cas.ms *.eu.saml.cas.ms *.eu2.saml.cas.ms |
美國政府提供的服務
對於美國政府的 GCC High 用戶,若要啟用 Defender for Cloud Apps 反向代理,請將以下 DNS 名稱的外撥埠 443 加入防火牆的允許清單:
*.mcas-gov.us
*.admin-mcas-gov.us
此外,我們反向代理區域使用的以下 IP 位址應允許用於入站與出站連線:
注意事項
代理伺服器使用入站 IP 位址接收終端用戶的來電連線。
外撥 IP 位址用於建立代理與應用程式之間的連線。
針對 美國政府 GCC High 用戶:
| IP 位址 | DNS 名稱 | |
|---|---|---|
| 會話控制 | 美國亞利桑那州政府:52.244.144.65、52.244.43.90、52.244.43.225、52.244.215.117、52.235.134.195、52.126.54.167、52.126.55.65 美國維吉尼亞州政府:13.72.27.223、13.72.27.219、13.72.27.220、13.72.27.222、20.141.230.137、52.235.179.167、52.235.184.112 |
*.mcas-gov.us *.admin-mcas-gov.us |
| 存取控制 | 美國亞利桑那州政府:52.244.215.83,52.244.212.197,52.127.2.97,52.126.54.254,52.126.55.65,52.235.156.231,52.235.156.197,52.235.157.183,52.235.156.9,52.235.156.225,52.235.157.175,52.235.157.131,52.235.157.111,52.126.39.112,52.235.156.151 美國維吉尼亞州政府:13.72.27.216、13.72.27.215、52.127.50.130、52.235.179.123、52.245.252.18、52.245.252.131、52.245.252.191、52.245.253.12、52.245.253.12、52.245.253.229、52.245.254.39、52.245.254.51、52.245.254.212、52.245.254.245、52.235.184.112、52.235.184.112 |
*.access.mcas-gov.us *.access.cloudappsecurity.us |
| SAML 代理 | 美國亞利桑那州政府:20.140.49.129, 52.126.55.65 美國維吉尼亞州政府:52.227.216.80,52.235.184.112 |
*.saml.cloudappsecurity.us |
針對 美國政府 GCC 客戶:
| IP 位址 | DNS 名稱 | |
|---|---|---|
| 會話控制 | 美國亞利桑那州政府:52.235.147.86、52.126.49.55、52.126.48.233 美國維吉尼亞州政府:52.245.225.0、52.245.224.229、52.245.224.234、52.245.224.228、20.141.230.215、52.227.10.254、52.126.48.233、52.227.3.207 |
*.mcas-gov.ms *.admin-mcas-gov.ms |
| 存取控制 | 美國亞利桑那州政府:52.127.2.97,52.235.143.220,52.126.48.233,52.126.33.153,52.126.39.65,52.235.138.253,52.235.139.4,52.235.139.36,52.235.139.75,52.235.139.92,52.235.139.103,52.235.139.134,52.235.139.141 美國維吉尼亞州政府:52.245.224.235,52.245.224.227,52.127.50.130,52.245.222.168,52.245.222.172,52.245.222.180,52.245.222.209,52.245.223.38,52.245.223.72,52.245.223.177,52.245.223.181,52.245.223.182,52.245.223.190,23.97.12.140,52.227.3.207 |
*.access.mcas-gov.ms |
| SAML 代理 | 美國亞利桑那州政府:52.126.48.233 美國維吉尼亞州政府:52.227.216.80、52.126.48.233、52.227.3.207 |
*.saml.cloudappsecuritygov.com |
SIEM 代理連線
要啟用 Defender for Cloud Apps 連接您的 SIEM,請將以下 IP 位址的外出埠 443 加入防火牆的允許清單:
| 資料中心 | IP 位址 |
|---|---|
| US1 | 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.64.26.88, 13.64.29.32, 13.80.125.22, 13.91.91.243, 40.74.1.235, 40.74.6.204, 51.143.58.207, 52.137.89.147, 52.183.75.62, 23.101.201.123, 20.228.186.154 |
| 美國2號公路 | 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 20.36.222.59, 20.36.222.60, 40.74.1.235, 40.74.6.204, 51.143.58.207, 52.137.89.147, 52.183.75.62, 52.184.165.82, 20.15.114.156, 172.202.90.196 |
| US3 | 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 40.74.1.235, 40.74.6.204, 40.90.218.196, 40.90.218.198, 51.143.58.207, 52.137.89.147, 52.183.75.62, 20.3.226.231, 4.255.218.227 |
| 歐陸風雲1 | 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 40.74.1.235, 40.74.6.204, 40.119.154.72, 51.143.58.207, 52.137.89.147, 52.157.238.58, 52.174.56.180, 52.183.75.62, 20.71.203.39, 137.116.224.49 |
| 歐陸風雲2 | 13.107.219.0/24, 13.107.227.0/24, 13.107.228.0/24, 13.107.229.0/24, 150.171.97.0/24, 13.80.125.22, 40.74.1.235, 40.74.6.204, 40.81.156.154, 40.81.156.156, 51.143.58.207, 52.137.89.147, 52.183.75.62, 20.0.210.84, 20.90.9.64 |
| 美國政府 | 13.72.19.4, 52.227.143.223, 51.54.53.136/29, 51.54.114.160/29, 62.11.173.176/29, 62.11.165.44, 20.140.131.96 |
| GCC | 52.227.23.181, 52.227.180.126, 51.54.53.136/29, 51.54.114.160/29, 62.11.173.176/29, 62.11.165.45, 52.227.23.181 |
注意事項
- 如果你在設定 Defender for Cloud Apps SIEM 代理時沒有指定代理,你需要允許 Azure TLS 憑證變更頁面上列出的 URL 在第 80 埠使用 http 連線。 這是用來在你連接 Defender for Cloud Apps 時查詢憑證撤銷狀態。
- SIEM 代理連線需要真正的 Microsoft Defender for Cloud Apps 憑證使用。
App connector
對於某些第三方應用程式,Defender for Cloud Apps 可能會使用這些 IP 位址。 這些 IP 位址讓 Defender for Cloud Apps 能夠收集日誌,並提供 Defender for Cloud Apps 主控台的存取權限。
注意事項
你可能會在廠商的活動日誌中看到這些 IP 位址,因為 Defender for Cloud Apps 會從這些 IP 位址執行治理操作並掃描資料。
要連接第三方應用程式,請啟用 Defender for Cloud Apps,從以下 IP 位址連接:
| 資料中心 | IP 位址 |
|---|---|
| US1 | 13.64.26.88, 13.64.29.32, 13.64.30.76, 13.64.30.117, 13.64.30.118, 13.64.31.116, 13.64.196.27, 13.64.198.19, 13.64.198.97, 13.64.199.41, 13.68.76.47, 13.86.176.189, 13.86.176.211, 13.91.61.249, 13.91.91.243, 13.91.98.185, 13.93.216.68, 13.93.233.42, 40.118.211.172, 104.42.54.148, 104.209.35.177, 40.83.194.192, 40.83.194.193, 40.83.194.194, 40.83.194.195, 40.83.194.196, 40.83.194.197, 40.83.194.198, 40.83.194.199, 40.83.194.200, 40.83.194.201, 40.83.194.202, 40.83.194.203,40.83.194.204, 40.83.194.205, 40.83.194.206, 40.83.194.207, 13.64.16.134, 13.64.16.130, 13.64.16.131, 13.64.16.136, 13.64.16.133, 13.64.16.137, 13.64.16.132, 13.64.16.129, 13.64.16.138, 13.64.16.135, 20.245.106.190, 20.245.106.217, 20.253.255.143, 20.253.255.153, 20.253.255.130, 20.253.255.157, 20.66.8.42, 20.253.255.134, 20.253.255.128, 20.253.255.146, 20.237.121.229, 20.237.122.187, 20.232.229.26, 20.232.228.132, 20.232.228.47, 20.232.228.143, 20.232.228.80, 20.232.228.94,20.232.228.153, 20.232.228.85, 13.86.219.235, 13.86.219.238, 13.86.219.239, 13.86.219.236, 13.86.219.249, 13.86.219.247, 13.86.219.231, 13.86.219.228, 13.86.219.244, 13.86.219.233, 13.86.219.232, 13.86.219.237, 13.86.219.230, 13.86.219.241, 13.86.219.234, 13.86.219.250, 13.86.219.248, 13.86.219.240, 13.86.219.226, 13.86.219.227, 13.86.219.245, 13.86.219.229, 13.86.219.225, 13.86.219.246, 13.86.219.243, 13.86.219.242, 13.86.219.224, 23.101.201.123, 20.228.186.154 |
| 美國2號公路 | 13.68.76.47, 20.36.222.59, 20.36.222.60, 40.67.152.91, 40.67.154.160, 40.67.155.146, 40.67.159.55, 40.84.2.83, 40.84.4.93, 40.84.4.119, 52.184.165.82, 52.232.224.227, 52.232.225.84, 104.42.54.148, 104.46.116.211, 104.46.116.211, 104.46.121.72, 104.46.121.72, 104.46.122.189, 104.46.122.189, 20.57.54.192, 20.57.54.193, 20.57.54.194, 20.57.54.195, 20.57.54.196, 20.57.54.197, 20.57.54.198, 20.57.54.199, 20.57.54.200, 20.57.54.201, 20.57.54.202, 20.57.54.203, 20.57.54.204,20.57.54.205, 20.57.54.206, 20.57.54.207, 20.85.63.179, 20.85.63.177, 20.85.63.185, 20.85.63.183, 20.85.63.180, 20.85.63.184, 20.85.63.182, 20.85.63.178, 20.85.63.181, 20.85.63.186, 20.96.151.151, 20.96.151.147, 20.96.151.153, 20.96.151.149, 20.96.151.148, 20.96.151.145, 20.96.151.144, 20.96.151.146, 20.96.151.152, 20.96.151.150, 20.96.83.110, 20.96.87.32, 20.7.102.52, 20.22.87.7, 20.7.102.59, 20.7.101.234, 20.7.102.51, 20.7.102.40, 20.7.96.98, 20.7.102.54, 52.154.237.66,52.154.234.32, 20.12.128.213, 20.12.130.50, 20.12.130.20, 20.221.93.63, 20.12.128.239, 20.221.93.52 ,20.12.128.152, 20.12.130.57, 20.15.114.156, 172.202.90.196 |
| US3 | 13.68.76.47, 40.90.218.196, 40.90.218.197, 40.90.218.198, 40.90.218.203, 40.90.220.190, 40.90.220.196, 51.143.120.236, 51.143.120.242, 104.42.54.148, 52.156.123.128, 52.156.123.129, 52.156.123.130, 52.156.123.131, 52.156.123.132, 52.156.123.133, 52.156.123.134, 52.156.123.135, 52.156.123.136, 52.156.123.137, 52.156.123.138, 52.156.123.139, 52.156.123.140, 52.156.123.141, 52.156.123.142, 52.156.123.143, 20.115.249.168, 20.115.249.160, 20.115.249.161, 20.115.249.169,20.115.249.164, 20.115.249.166, 20.115.249.165, 20.115.249.170, 20.115.249.163, 20.115.249.167, 20.115.170.133, 20.115.170.129, 20.115.170.131, 20.115.170.128, 20.115.170.135, 20.115.170.137, 20.115.170.132, 20.115.170.136, 20.115.170.130, 20.115.170.134, 20.112.52.85, 20.112.52.87, 20.112.52.80, 20.112.52.83, 20.112.52.81, 20.112.52.82, 20.112.52.86, 20.112.52.88, 20.112.52.84, 20.112.52.89, 20.64.198.145, 20.64.198.151, 20.64.198.149, 20.64.198.146, 20.64.198.147,20.64.198.150, 20.64.198.148, 20.64.198.153, 20.64.198.144, 20.64.198.152, 20.115.170.117, 20.115.170.112, 20.115.170.113, 20.115.170.120, 20.115.170.114, 20.115.170.121, 20.115.170.116, 20.115.170.115, 20.115.170.118, 20.115.170.119, 20.190.20.133, 20.64.193.51, 20.99.133.17, 20.99.133.32, 20.99.133.43, 20.99.133.83, 20.99.132.218, 20.99.133.64, 20.99.133.71, 20.99.133.63, 20.69.33.38, 20.69.33.177, 20.165.241.40, 20.165.243.11, 20.165.243.57, 20.165.143.180, 20.165.240.158,20.165.143.148, 20.165.241.61, 20.165.240.156, 172.179.162.236, 52.183.56.43, 52.229.14.50, 52.229.14.55, 52.183.60.99, 52.229.14.79, 52.183.60.44, 52.191.128.12, 52.183.66.205, 52.229.14.25, 52.229.14.48, 52.229.14.72, 52.183.60.91, 52.229.14.29, 52.229.14.88, 52.183.56.41, 52.183.63.140, 52.229.14.39, 52.183.56.92, 52.229.14.86, 52.229.14.37, 52.229.14.70, 52.191.128.16, 52.229.14.59, 52.229.14.91, 52.229.14.32, 52.229.14.65, 20.3.226.231, 4.255.218.227 |
| 歐陸風雲1 | 13.80.22.71, 13.95.29.177, 13.95.30.46, 40.67.219.133, 40.114.217.8, 40.114.217.8, 40.115.24.65, 40.115.24.65, 40.115.25.50, 40.115.25.50, 40.119.154.72, 51.105.55.62, 51.105.179.157, 51.137.200.32, 52.157.232.110, 52.157.233.92, 52.157.233.133, 52.157.238.58, 52.157.239.110, 52.174.56.180, 20.73.240.208, 20.73.240.209, 20.73.240.210, 20.73.240.211, 20.73.240.212, 20.73.240.213, 20.73.240.214, 20.73.240.215, 20.73.240.216, 20.73.240.217, 20.73.240.218, 20.73.240.219,20.73.240.220, 20.73.240.221, 20.73.240.222, 20.73.240.223, 20.101.177.19, 20.101.177.21, 20.101.177.18, 20.101.177.20, 20.101.177.17, 20.101.177.16, 20.101.177.23, 20.101.177.25, 20.101.177.22, 20.101.177.24, 20.101.177.27, 20.101.177.30, 20.101.177.31, 20.101.177.26, 20.101.177.28, 20.101.177.29, 20.101.250.216, 20.101.251.166, 20.23.198.95, 20.23.198.34, 20.23.198.132, 20.23.198.198, 20.23.199.120, 20.23.198.119, 20.23.198.195, 20.23.198.244, 20.166.184.39, 20.166.184.36,40.127.213.98, 40.127.213.99, 40.127.213.91, 40.127.213.90, 40.127.213.75, 40.127.213.67, 40.127.213.74, 40.127.213.66, 20.71.203.39, 137.116.224.49 |
| 歐陸風雲2 | 40.81.152.171, 40.81.152.172, 40.81.156.153, 40.81.156.154, 40.81.156.155, 40.81.156.156, 51.105.55.62, 51.137.200.32, 51.145.108.227, 51.145.108.250, 20.58.119.224, 20.58.119.225, 20.58.119.226, 20.58.119.227, 20.58.119.228, 20.58.119.229, 20.58.119.230, 20.58.119.231, 20.58.119.232, 20.58.119.233, 20.58.119.234, 20.58.119.235, 20.58.119.236, 20.58.119.237, 20.58.119.238, 20.58.119.239, 20.108.77.57, 20.108.77.54, 20.108.77.49, 20.108.77.53, 20.108.77.52, 20.108.77.55,20.108.77.51, 20.108.77.58, 20.108.77.50, 20.108.77.56, 20.26.34.120, 20.108.140.27, 20.108.139.189, 20.108.140.32, 20.108.140.44, 20.108.140.64, 20.108.139.112, 20.108.139.147, 20.108.139.131, 20.108.140.55, 20.108.139.199, 20.108.139.236, 20.108.139.172, 20.108.139.132, 20.108.139.213, 20.108.139.145, 20.26.179.11, 20.26.179.32, 4.234.34.182, 4.234.34.92, 4.234.34.186, 4.234.34.124, 4.234.34.202, 4.234.34.86, 4.234.34.91, 4.234.34.123, 20.254.173.207, 20.254.174.189,51.11.108.110, 51.11.108.92, 51.11.108.75, 51.11.108.101, 51.11.108.72, 51.11.108.103, 51.11.108.107, 51.11.108.85, 20.0.210.84, 20.90.9.64 |
| 美國政府 | 52.227.138.248, 52.227.142.192, 52.227.143.223, 20.141.237.150, 20.141.168.108, 20.141.229.90, 52.245.229.181, 20.141.169.206, 20.141.66.57, 52.245.248.176, 20.141.83.238, 52.235.172.25, 20.141.65.135, 20.141.168.228, 20.141.228.42, 20.141.229.9, 20.141.169.251, 20.141.70.136, 20.141.225.225, 20.158.9.149, 20.158.10.67, 20.158.10.226, 20.158.10.234, 20.158.11.18, 20.158.11.199, 20.158.11.236, 20.158.11.239, 20.158.11.244, 20.158.33.105, 20.158.33.122, 20.158.33.126,52.245.254.197, 52.243.227.26, 52.243.227.27, 52.243.227.32, 52.243.227.33, 52.243.227.48, 52.243.227.49, 52.243.227.66, 52.243.227.67, 52.243.227.72, 52.243.227.73, 52.243.227.80, 52.243.227.81, 52.243.227.96, 62.11.165.44, 20.140.131.96 |
| GCC | 52.227.23.181, 52.227.180.126, 20.141.235.17, 20.141.236.69, 52.245.248.46, 20.141.235.182, 52.245.248.186, 20.141.236.251, 20.141.238.58, 20.141.238.71, 52.245.248.137, 52.245.249.102, 20.141.236.184, 52.245.249.161, 20.141.236.160, 52.245.249.166, 52.245.249.194, 20.141.237.71, 52.245.212.156, 52.245.233.180, 20.141.93.154, 20.141.93.206, 20.141.94.107, 20.141.94.119, 20.141.94.127, 20.141.94.248, 20.141.95.95, 20.141.95.101, 20.141.95.166, 20.141.95.176, 20.141.143.35,20.141.143.56, 20.141.143.153, 52.243.225.220, 52.243.226.58, 52.243.226.194, 52.243.226.195, 52.243.226.216, 52.243.226.217, 52.243.226.230, 52.243.226.231, 52.243.231.139, 52.243.231.186, 52.243.231.212, 52.243.232.76, 52.245.182.218, 62.11.165.45, 52.227.23.181 |
Mail server (郵件伺服器)
若要啟用預設範本和設定發送通知,請將這些 IP 位址加入你的反垃圾郵件允許清單。 Defender for Cloud Apps 專用電子郵件 IP 位址如下:
- 65.55.234.192/26
- 207.46.50.192/26
- 65.55.52.224/27
- 94.245.112.0/27
- 111.221.26.0/27
- 207.46.200.0/27
記錄收集器
要啟用使用日誌收集器進行雲端發現功能並偵測組織中的影子資訊科技,請開啟以下項目:
允許日誌收集器接收資料來源設定的入站 FTP 與 Syslog 流量。
允許日誌收集器發起向 Defender for Cloud Apps API 的外發流量 (例如
<mytenant>.us2.cloudappsecurity.com) 在 443 埠,以及 DNS 服務) (53 埠的存取。 要找到您的租戶網址,請參閱 查看您的資料中心。允許日誌收集器啟動對 443 埠口 Azure blob 儲存的外發流量:
資料中心 URL US1 https://adaprodconsole.blob.core.windows.net/美國2號公路 https://prod03use2console1.blob.core.windows.net/US3 https://prod5usw2console1.blob.core.windows.net/歐陸風雲1 https://prod02euwconsole1.blob.core.windows.net/歐陸風雲2 https://prod4uksconsole1.blob.core.windows.net/美國政府 https://gprd1usgvconsole1.blob.core.usgovcloudapi.net/GCC https://gccm1usgvconsole1.blob.core.usgovcloudapi.net/
注意事項
- 如果你的防火牆需要靜態 IP 位址存取清單,且不支援基於 URL 的允許,允許日誌收集器在 443 埠發起 Microsoft Azure 資料中心 IP 範圍的外出流量。
- 如果你在設定日誌收集器時沒有指定代理,你需要在 Azure TLS 憑證變更頁面列出的 URL 允許 80 埠的 HTTP 連線。 這是用來查詢你連接 Defender for Cloud Apps API 時憑證撤銷狀態。
後續步驟
如果你遇到任何問題,我們隨時準備協助。 若要獲得產品問題的協助或支援,請 開啟客服單。