| Table of Contents | ||||
|---|---|---|---|---|
|
Introduction
This article outlines how to try the following solutions for MS Teams
Ethical Wall
DLP
eDiscovery
Login to Admin Portal using any of the users in table below
Admin Portal: https://MSTeamsProxy.agatdemo.com
Users:
...
User name
...
Password
...
Role
...
AD Group
...
Alice@agat.place
...
Software!23
...
user
...
Researchers
...
Bob@agat.place
...
Software!23
...
user
...
Investors
...
jim@agat.place
...
Software!23
...
user
...
IT
...
david@agat.place
...
Software!23
...
user
...
HR
...
alex@agat.place
...
Software!23
...
user
...
Management
How to connect to the demo machines
In order for the solution to work, the end user must configure a PAC file and install a certificate on their device.
To simplify the demonstration, AGAT has prepared preconfigured, end-user machines (with PAC and certificate). There is also the MS Teams App installed. Test users are already signed-in.
Connecting to the machines can be done using RDP.
Please find below the machine details:
Machine 1
IP - 3.229.131.214 :
...
User
...
Machine Password
...
MS Teams User
...
MS Teams Password
...
TeamsDemo1
...
Software!23
...
Alice@agat.place
...
Software!23
Machine 2
IP - 35.171.109.194
...
User
...
Machine Password
...
Webex User
...
Webex Password
...
TeamsDemo1
...
Software!23
...
bob@agat.place
...
Software!23
...
The demo environment is using both Proxy and API, even though most of the examples are using the Proxy.
You have pre configured clients listed below that have configured Proxy in them
Access details
Will be sent by email from AGAT sales
See here : /wiki/spaces/SKYP/pages/2630025238
Ethical Wall polcies:
You can see the preconfigured Ethical Wall Policies, for both two-participant conversation and multi-participant conversation here - https://msteamsproxy.agatdemo.com/admin/federationpolicy
Please do not change the Ethical Wall Policies
the Policies The relevant policies in the Ethical wall are set to -
Block communication completely between Researchers (Alice) and Investors . (Bob)
Block Screen Sharing and filesharing between Researchers and from Researchers (Alice) to IT (Bob) -one way policy).
You can view the policies in more detail as follows - Click in the EW policy page:
https://msteamsproxy.agatdemo.com/admin/federationpolicy
Choose a policy and click EDIT next to the policy
Please do not change the Ethical Wall Policies
View policy conditions
View policy rules
...
EW- Complete Block: Investor - Researcher Test cases .
...
Test case
...
- Investors cannot search for Researchers
Use Alice@agatdemoAlice@agat.complace (Researcher) to search for Bob@agatdemoBob@agat.complace (Investor)
Result is unable to search
...
...
Login to Teams with jim@agat.place
Go to the ‘Investors - IT - Researchers’ Chat (it is pinned)
bob@agat.place is a member and he is from the Investors Group
Add alice@agat.place to the Chat. She is a Researcher
Send a message or file in chat
Alice and Bob will be removed from Chat in near real time
See Auditing Verify that Alice can search other users such as Jim or David
Governance
See here that annonymous are not allowed to join meetings:
https://msteamsproxy.agatdemo.com/admin/
...
...
...
Test Case
...
- Alice cannot join meeting with Bob anonymously
Sign in with bob@agat.place
Start a meeting and send a link to Alice@agat.place.
Use Alice to try and join the meeting anonymously. Do this by pasting link in Incognito. a an Incognito session in the browser of alice
See that you can not join the meeting.
Verify event is listed in the activity auditing - https://msteamsproxy.agatdemo.com/admin/activityauditing
Granular Control: Researchers- IT Test cases. Chat is allowed but file and screen share blocked.
...
Test Case
...
- Allow IM between Researchers and IT in Chat
Use alice@agat.place (Researcher) to send a IM to jim@agat.place (IT) in chat.
Message passes through as per policy
...
Test Case
...
- Block File Sharing between Researchers and IT in Chat
Send file from Jim to Alice . This should work.
Use alice@agat.place (Researcher) to send a file to jim@agat.place (IT) in chat.
Please use a file from the following location - C:\Users\TeamsDemo1\Documents\Attachment Samples
See that it is blocked with popup.
See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing
...
Test Case
...
- Block Screen Share between Researchers and IT in Chat
Use alice@agat.place (Researchers) to screen share with jim@agat.place (IT) in the call (also can try from chat)
See that it is blocked with popup.
See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing
...
See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing
Test Case
...
- Block Screen Share between Researchers and IT in meeting
Use alice@agat.place (Researchers) to share screen with Jim@agat.place (IT) in meeting started in test case 7 above
See that it is blocked with popup.
See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing
External Policy Test cases - External communication
...
control
Test Case
...
- Search
...
external user by Bob - Allowed
Use Bob@agat.place (Investor) and search for reuvaina@agatsoftware.com in Teams
Search will find result due to policy and communication allowed
Test Case
...
- Search
...
external user by Alice - Blocked
Use alice@agat.place (Researchers) and search for reuvaina@agatsoftware.com in Teams
Search will not find any results due to default external policy
Test Case
...
- Block Chat, File share and screen share with External
Use Bob@agatdemo.com and search for reuvaina@agatsoftware.com
Select Reuvain Aarons (External)
send an IM in chat - see that it is blocked
share screen from chat - see that it is blocked
Call and see that it is allowed
In the call send an IM and share screen - see that they are blocked
See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing
DLP
...
Messages
Test case
...
: Credit Card and IBAN blocked - IM
Use alice@agat.place to send an IM with a credit card number and IBAN (see examples below) to
alex@agatdavid@agat.place (Please note - Alex is part of Management AD Group and there is no Ethical Wall policy blocking communicationnot EW restrictions between Alice from Rearchers and David from HR)
Credit Card Numbers
6703 4444 4444 4449
...
AL35202111090000000001234567
IL170108000000012612345
Verify auditing is update here https://msteamsproxy.agatdemo.com/admin/dlprulelogs
DLP Files
Test case
...
: Credit Card and IBAN blocked - File
Use alice@agat.place to send a file containing a credit card number and IBAN to
The file “Credit card numbers and IBAN” can be found in the following location - Attachment Samples folder on the desktop of Alice C:\Users\TeamsDemo1alice\DocumentsDesktop\Attachment Samplessamples
See incidents in DLP Auditing section of portal - https://msteamsproxy.agatdemo.com/admin/dlprulelogs
Verify auditing is update here https://msteamsproxy.agatdemo.com/admin/dlprulelogs. Remember to refresh the list
Test case: Sending scanned image that displaying SSN number in the image
Use alice@agat.place to send a file containing a scanned SSN number credit card number and IBAN to
Test case: Safe content -Send inappropriate images
Send from the folder of C:\Users\alice\Desktop\Attachment samples\Safe Content samples the image of faces from Alice to David. Image should pass.
...
Send the image injury
...
File is blocked. Verify in the DLP auditing the reason (remember to refresh the list) https://msteamsproxy.agatdemo.com/admin/dlprulelogs
eDiscovery
Test case : All communication is captures
Navigate to https://msteamsproxy.agatdemo.com/admin/ediscovery
Each row on the left hand side represents a chat, channel or meeting
click on any row and see the details on the right hand side. Scroll through the conversation
Click on Advanced Search to search based on several parameters
Search based on text , such as “hello” and see results
SharePoint
Test Case : Alice (Researchers) cannot add Bob (Investors) to SharePoint site
Use Alice@agat.place (Researcher) to navigate to the Researcher and IT SharePoint site
Try to add bob@agat.place (Investor) to the site
Search is blocked.
There are 3 ways to do this in a Teams Site:
1- Members > Add members
2- Settings >Site Permissions> Add to group
3- Settings >Site Permissions> share site Only
Test Case : Alice (Researchers) cannot share file with Bob (Investors) from SharePoint site
Use Alice@agat.place (Reseracher) to navigate to the Researcher and IT SharePoint site
Share file with bob@agat.place (Investor)
Search is blocked.
OneDrive
Test Case Alice (Researchers) cannot share file with Bob (Investors) in OneDrive
Navigate to Alice@agat.place (Researchers) OneDrive
Share file with bob@agat.place (Investor)
Search is blocked.