SphereShield for MS Teams components

1. Admin Portal Database – The Database stores the product configurations; it can be collocated with other Databases on the same server/Instance.

2. Admin Portal Web Application – The Portal Web App is used to configure most SphereShield settings.

3. Bastion – A Bastion Reverse proxy server that is in the DMZ or Cloud. This server will filter through the traffic and will execute blocks and restrictions.

4. Filters - modules of the Bastion Reverse Proxy that serves as security providers for MS Teams.

5. CASB Adapter Service - connects to the MS Teams API.

To determine if you need Bastion - please visit the introduction page here

SphereShield for MS Teams Centralized and Distributed topologies

SphereShield for MS Teams is currently available as a SaaS or an On-Premise solution using a proxy and CASB API service.

The Proxy is provided by the Bastion Proxy, which is a Windows service running on a Windows server.

The CASB API is provided by the CASB Adapter Service, which is a Windows service running on a Windows server.

SphereShield for Teams could be installed on one server hosting all roles (centralized topology) or each role could be installed on a different server (distributed topology).

Types of deployments

Distributed approach for API CASB

Open

Distributed Approach for Proxy

Centralized Approach

Open

Bastion Proxy Dataflow

This is a general diagram of the way the proxy approach works