You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CloudAppSecurityDocs/release-notes.md
+29-2Lines changed: 29 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -19,11 +19,38 @@ For more information on what's new with other Microsoft Defender security produc
19
19
20
20
For news about earlier releases, see [Archive of past updates for Microsoft Defender for Cloud Apps](release-note-archive.md).
21
21
22
+
## February 2025
23
+
24
+
Due to improvements being made to Microsoft Defender for Cloud Apps to improve security and performance, you must update network information in your system's firewall and additional third-party services. Make these changes by March 16, 2025 to ensure uninterrupted access to our services:
25
+
26
+
- Update your firewall rules to allow outbound traffic on port 443 to the following new CDN endpoints before March 16, 2025:
27
+
28
+
- 'cdn.cloudappsecurity.com
29
+
- cdn-discovery.cloudappsecurity.com
30
+
31
+
- All required outbound access URLs can also be found in Defender for Cloud Apps network requirements page under 'Portal Access.'
32
+
33
+
- To use Defender for Cloud Apps in the Microsoft Defender portal, make sure you add outbound port 443 for all IP addresses and DNS names listed in our documentation to your firewall's allowlist.
34
+
35
+
- To connect to third-party apps, enable Defender for Cloud Apps to connect from the following IP addresses, also available in our documentation:
36
+
37
+
-**US1**: - 23.101.201.123 - 20.228.186.154
38
+
39
+
-**US2**: - 20.15.114.156 - 172.202.90.196
40
+
41
+
-**US3**: - 20.3.226.231 - 4.255.218.227
42
+
43
+
-**EU1**: - 20.71.203.39 - 137.116.224.49
44
+
45
+
-**EU2**: - 20.0.210.84 - 20.90.9.64
46
+
47
+
- To stay up to date on IP ranges that impact the experiences in Microsoft Defender for Cloud Apps in the areas of portal experience access, access and session controls, SIEM agent connection, app connectors, mail servers, and log collector, we recommend using the Azure service tag for Microsoft Defender for Cloud Apps services, 'MicrosoftCloudAppSecurity.' The latest IP ranges are found in the service tag. For more information, see [Azure IP ranges](https://learn.microsoft.com/en-us/azure/virtual-network/service-tags-overview).
48
+
22
49
## November 2024
23
50
24
51
### Internal Session Controls application notice
25
-
The Enterprise application “Microsoft Defender for Cloud Apps – Session Controls” is used internally by the Conditional Access App Control service.
26
-
Please ensure there is no CA policy restricting access to this application.
52
+
The Enterprise application 'Microsoft Defender for Cloud Apps – Session Controls' is used internally by the Conditional Access App Control service.
53
+
Ensure there's no CA policy restricting access to this application.
27
54
For policies that restrict all or certain applications, please ensure this application is listed as an exception or confirm that the blocking policy is deliberate.
28
55
29
56
For more information, see [Sample: Create Microsoft Entra ID Conditional Access policies for use with Defender for Cloud Apps](session-policy-aad.md#sample-create-microsoft-entra-id-conditional-access-policies-for-use-with-defender-for-cloud-apps).
0 commit comments