Topologies available for SphereShield for MS Teams

SphereShield for MS Teams components

  1. Admin Portal Database – The Database stores the product configurations; it can be collocated with other Databases on the same server/Instance.
  2. Admin Portal Web Application – The Portal Web App is used to configure most SphereShield settings.
  3. Bastion – A Bastion Reverse proxy server that is in the DMZ or Cloud. This server will filter through the traffic and will execute blocks and restrictions.
  4. Filters - modules of the Bastion Reverse Proxy that serves as security providers for MS Teams.
  5. CASB Adapter Service - connects to the MS Teams API.

To determined if you need Bastion - please visit the introduction page here

SphereShield for MS Teams Centralized and Distributed topologies

SphereShield for MS Teams is currently available as an on-premise solution using a proxy and API CASB service. 

The Proxy is provided by the Bastion Proxy, which is a windows service running on a windows machine.

The API CASB is provided by the CASB Adapter Service, which is a windows service running on a windows machine.

SphereShield for Teams could be installed on one server hosting all roles (centralized topology) or each role could be installed on a different server (distributed topology).

(Distributed approach for API CASB)


(Distributed approach for Proxy)

(Centralized approach)