Office 365 Monitor Mode: Manual Deployment

Setup Information:
  • Avanan Address: PORTAL@PORTAL-mail.avanan.net
  • Avanan Smart Host: PORTAL-host.avanan.net
  • Avanan US IP: 35.174.145.124
  • Avanan EU IP: 52.212.19.177

 

  • NOTE: Replace “PORTAL” with the name of your Avanan portal (PORTAL.avanan.net).
  • NOTE: If you are a European customer under GDPR compliance, you should use the Avanan EU IP. Otherwise, refer to the Avanan US IP.



Step 1: Avanan Contact

Add your dedicated Avanan Address to your Office 365 contacts. This contact will be used for the Journal Rule in Step-2.

 






Step 2: Journal Rule

The journal rule is used for the monitoring mode. The journal rule configures O365 to send all emails to the system.

 








Step 3 Connectors

You will create 2 connectors: Avanan Inbound and Avanan Journaling Outbound.

  1. “Avanan Inbound” (All Modes) - should be configured as follows:



  2. “Avanan Journaling Outbound” (All Modes)- should be configured as follows:



Connector Setup Notes:

  • All Connectors should leverage TLS Encryption for emails-in-transit.
  • Avanan utilizes self-signed certificates. Make sure to select “Any digital certificate, including self-signed certificates.”
  • Connectors must be validated. You can use your dedicated Avanan Address (found in Step-1) for validation.



Step 4: Connection Filter

Update the Connection Filter to perimeter-whitelist emails coming from Avanan. This goes hand-in-hand with the Avanan Inbound Connector created in step 3. Go to protection → connection filter → Default → connection filtering, then add the relevant Avanan IP.



Make sure you completed all the steps in the Manual Integration deployment before adding Protect mode.

In manual mode, you only need to approve the app in the O365 app-store to apply all the configuration changes.

This document will help if you want to learn the configuration changes that will be automatically applied to O365 in automated mode.

  • “Avanan Outbound” (Protect Mode Only) - should be configured as follows:



 

Step 5: Mail-flow Rule (Protect Mode)

The purpose of the mail-flow rule is to implement the inline mode for the users who need to be inline. Every time you change the scope of the inline policy (Add or remove users/groups), you will need to edit the section “Apply this rule if… The recipient is …”

  1. Create “Avanan – Protect” rule as the first mail-flow rule with the following configurations