[Short] MS Teams Proxy External Demo- Scenarios

Owned by Agat Support
Last updated: Mar 08, 2022 by Yoav Crombie
6 min read

 

Introduction

This article outlines how to try the following solutions for MS Teams

  • Ethical Wall

  • DLP

  • eDiscovery

The demo environment is using both Proxy and API, even though most of the examples are using the Proxy.

You have pre configured clients listed below that have configured Proxy in them

 

Access details

Will be sent by email from AGAT sales

See here : https://agatsoftware.atlassian.net/wiki/spaces/SKYP/pages/2630025238

Ethical Wall polcies:

You can see the preconfigured Ethical Wall Policies, for both two-participant conversation and multi-participant conversation here - https://msteamsproxy.agatdemo.com/admin/federationpolicy

Please do not change the Ethical Wall Policies

The relevant policies in the Ethical wall are set to -

  • Block communication completely between Researchers (Alice) and Investors (Bob)

  • Block Screen Sharing and filesharing from Researchers (Alice) to IT (Bob) -one way policy.

You can view the policies in more detail as follows in the EW policy page:
https://msteamsproxy.agatdemo.com/admin/federationpolicy

Choose a policy and click EDIT next to the policy

Please do not change the Ethical Wall Policies

  • View policy conditions

  • View policy rules

 

EW- Complete Block: Investor - Researcher Test cases .

Test case - Investors cannot search for Researchers

  • Use Alice@agat.place (Researcher) to search for Bob@agat.place (Investor)

  • Result is unable to search

  • Verify that Alice can search other users such as Jim or David

Governance

See here that annonymous are not allowed to join meetings:

https://msteamsproxy.agatdemo.com/admin/msteamsgovernancepolicies

 

Test Case - Alice cannot join meeting with Bob anonymously

  • Sign in with bob@agat.place

  • Start a meeting and send a link to Alice@agat.place.

  • Use Alice to try and join the meeting anonymously. Do this by pasting link in a an Incognito session in the browser of alice

  • See that you can not join the meeting.

  • Verify event is listed in the activity auditing - https://msteamsproxy.agatdemo.com/admin/activityauditing

Granular Control: Researchers- IT Test cases. Chat is allowed but file and screen share blocked.

Test Case - Allow IM between Researchers and IT in Chat

  • Use alice@agat.place (Researcher) to send a IM to jim@agat.place (IT) in chat.

  • Message passes through as per policy

 

Test Case - Block File Sharing between Researchers and IT in Chat

 

 

Test Case - Block Screen Share between Researchers and IT in Chat

Test Case - Block Screen Share between Researchers and IT in meeting

 

External Policy Test cases - External communication control

Test Case - Search external user by Bob - Allowed

Test Case - Search external user by Alice - Blocked

Test Case - Block Chat, File share and screen share with External

  • Use Bob@agatdemo.com and search for reuvaina@agatsoftware.com

  • Select Reuvain Aarons (External)

  • send an IM in chat - see that it is blocked

  • share screen from chat - see that it is blocked

  • Call and see that it is allowed

  • In the call send an IM and share screen - see that they are blocked

  • See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing

DLP Messages

Test case : Credit Card and IBAN blocked - IM

  • Use alice@agat.place to send an IM with a credit card number and IBAN (see examples below) to

    david@agat.place (Please note not EW restrictions between Alice from Rearchers and David from HR)

Credit Card Numbers

6703 4444 4444 4449

4035 5010 0000 0008

IBAN

AL35202111090000000001234567

IL170108000000012612345

 

Verify auditing is update here https://msteamsproxy.agatdemo.com/admin/dlprulelogs

DLP Files

Test case : Credit Card and IBAN blocked - File

  • Use alice@agat.place to send a file containing a credit card number and IBAN to

    alex@agat.place

  • The file “Credit card numbers and IBAN” can be found in the following Attachment Samples folder on the desktop of Alice C:\Users\alice\Desktop\Attachment samples

  • See incidents in DLP Auditing section of portal - https://msteamsproxy.agatdemo.com/admin/dlprulelogs

Verify auditing is update here https://msteamsproxy.agatdemo.com/admin/dlprulelogs. Remember to refresh the list

Test case: Sending scanned image that displaying SSN number in the image

  • Use alice@agat.place to send a file containing a scanned SSN number credit card number and IBAN to

    alex@agat.place

Test case: Safe content -Send inappropriate images

Send from the folder of C:\Users\alice\Desktop\Attachment samples\Safe Content samples the image of faces from Alice to David. Image should pass.


Send the image injury

File is blocked. Verify in the DLP auditing the reason (remember to refresh the list) https://msteamsproxy.agatdemo.com/admin/dlprulelogs

eDiscovery

Test case : All communication is captures

 

  • Navigate to https://msteamsproxy.agatdemo.com/admin/ediscovery

  • Each row on the left hand side represents a chat, channel or meeting

  • click on any row and see the details on the right hand side. Scroll through the conversation

  • Click on Advanced Search to search based on several parameters

  • Search based on text , such as “hello” and see results

SharePoint

Test Case : Alice (Researchers) cannot add Bob (Investors) to SharePoint site

There are 3 ways to do this in a Teams Site:

1- Members > Add members

2- Settings >Site Permissions> Add to group

3- Settings >Site Permissions> share site Only

Test Case : Alice (Researchers) cannot share file with Bob (Investors) from SharePoint site

 

OneDrive

Test Case Alice (Researchers) cannot share file with Bob (Investors) in OneDrive

  • Navigate to Alice@agat.place (Researchers) OneDrive

  • Share file with bob@agat.place (Investor)

  • Search is blocked.