SphereShield CASB API Data flow

Owned by Agat Support
Last updated: Oct 24, 2023
2 min read

The following is one of the options for the deployment of SphereShield for Teams & Webex.

SphereShield CASB API (recommended)

Used for Channel Management, Near-real-time prevention, detection and awareness requirements.

CASB API Hosted API Topology

Channel management hosted solution Architecture Diagram

 

CASB API On-premises topology

  1. Client 1 sends a message/file to client 2. 

  2. Client 2 receives the message. 

  3.  Office 365 updates the Webhook Listener Site (WLS) that an action was done (Webhook) 

  4. WLS stores in the DB the action that was done. 

  5. CASB checks the DB for events, if it sees an event, it inspects it and decides if this is an allowed action. 

  6. If the action is not allowed, the CASB will delete/remove permissions in Office 365 cloud. 

  7. Office 365 cloud will delete/remove permissions from client 2 

High level diagram for API

The sign-in scenario in a multi-tenant app

https://agatsoftware.atlassian.net/wiki/spaces/VA/pages/2743500810/AGI+Meeting+Assistant+Architecture+and+Security#Security