Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Introduction

This article outlines how to try the following solutions for MS Teams

  • Ethical Wall

  • DLP

  • eDiscovery

The demo environment is using both Proxy and API, even though most of the examples are using the Proxy.

You have pre configured clients listed below that have configured Proxy in them

Access details

Login to Admin Portal using any of the users in table below

Admin Portal: https://MSTeamsProxy.agatdemo.com

Accessing the portal can be done from any machine in the world and can be logged in using any of the users below

Users:

User name

Password

Role

AD Group

Alice@agat.place

Software!23

user

Researchers

Bob@agat.place

Software!23

user

Investors

jim@agat.place

Software!23

user

IT

david@agat.place

Software!23

user

HR

alex@agat.place

Software!23

user

Management

Tip:

Users are synced locally from Azure and cane be verified here:

https://msteamsproxy.agatdemo.com/admin/usersgroupmembership

How to connect to the demo machines

In order for the solution to work, the end user must configure a PAC file and install a certificate on their device.

To simplify the demonstration, AGAT has prepared preconfigured, end-user machines (with PAC and certificate). There is also the MS Teams App installed. Test users are already signed-in.

Connecting to the machines can be done using RDP.

We recommend using mremote and giving names to each client as it can become confusing . It also allwos showing 2 users side by side using different pannels for each use and then daagging them side by side.

For most of the scnarios - it is improtant to verify the action content does NEVER reach the other side

Please find below the machine details:

Machine 1 IP - 54.236.131.90 Client1

User

Machine Password

MS Teams User

MS Teams Password

alice

Software!23

alice@agat.place

Software!23

david

Software!23

david@agat.place

Software!23

Machine 2 IP - 52.45.100.128 Client2

User

Machine Password

MS TeamsUser

MS Teams

Password

bob

Software!23

bob@agat.place

Software!23

jim

Software!23

jim@agat.place

Software!23

Ethical Wall polcies:

You can see the preconfigured Ethical Wall Policies, for both two-participant conversation and multi-participant conversation here - https://msteamsproxy.agatdemo.com/admin/federationpolicy

Please do not change the Ethical Wall Policies

The relevant policies in the Ethical wall are set to -

  • Block communication completely between Researchers (Alice) and Investors (Bob)

  • Block Screen Sharing and filesharing from Researchers (Alice) to IT (Bob) -one way policy.

You can view the policies in more detail as follows in the EW policy page:
https://msteamsproxy.agatdemo.com/admin/federationpolicy

Choose a policy and click EDIT next to the policy

Please do not change the Ethical Wall Policies

  • View policy conditions

  • View policy rules

EW- Complete Block: Investor - Researcher Test cases .

Test case - Investors cannot search for Researchers

  • Use Alice@agat.place (Researcher) to search for Bob@agat.place (Investor)

  • Result is unable to search

Test case - Investors cannot be added to a Chat with Researchers

Governance

See here that annonymouse are not allowed to join meetings:

https://msteamsproxy.agatdemo.com/admin/msteamsgovernancepolicies

Test Case - Alice cannot join meeting with Bob anonymously

  • Sign in with bob@agat.place

  • Start a meeting and send a link to Alice@agat.place.

  • Use Alice to try and join the meeting anonymously. Do this by pasting link in a an Incognito session in the browser of alice

  • See that you can not join the meeting.

  • Verfiy event is listed in the activity auditing - https://msteamsproxy.agatdemo.com/admin/activityauditing

Granular Control: Researchers- IT Test cases. Chat is allowed but file and screen share blocked.

Test Case - Allow IM between Researchers and IT in Chat

  • Use alice@agat.place (Researcher) to send a IM to jim@agat.place (IT) in chat.

  • Message passes through as per policy

Test Case - Block File Sharing between Researchers and IT in Chat

*Test Case - Block Screen Share between Researchers and IT in Chat

Test Case - Block Screen Share between Researchers and IT in meeting

External Policy Test cases - External communication is allowed for one user Audio/Video is allowed but File Sharing/Desktop Sharing/Chat is blocked.

Test Case - Search external user by Bob - Allowed

Test Case - Search external user by Alice - Blocked

Test Case - Block Chat, File share and screen share with External

  • Use Bob@agatdemo.com and search for reuvaina@agatsoftware.com

  • Select Reuvain Aarons (External)

  • send an IM in chat - see that it is blocked

  • share screen from chat - see that it is blocked

  • Call and see that it is allowed

  • In the call send an IM and share screen - see that they are blocked

  • See event in Activity Auditing here - https://msteamsproxy.agatdemo.com/admin/activityauditing

DLP Messages

Test case : Credit Card and IBAN blocked - IM

  • Use alice@agat.place to send an IM with a credit card number and IBAN (see examples below) to

    david@agat.place (Please note not EW restrictions between Alice from Rearchers and David from HR)

Credit Card Numbers

6703 4444 4444 4449

4035 5010 0000 0008

IBAN

AL35202111090000000001234567

IL170108000000012612345

Verify auditing is update here https://msteamsproxy.agatdemo.com/admin/dlprulelogs

DLP Files

Test case : Credit Card and IBAN blocked - File

  • Use alice@agat.place to send a file containing a credit card number and IBAN to

    alex@agat.place

  • The file “Credit card numbers and IBAN” can be found in the following Attachment Samples folder on the desktop of Alice C:\Users\alice\Desktop\Attachment samples

  • See incidents in DLP Auditing section of portal - https://msteamsproxy.agatdemo.com/admin/dlprulelogs

Verify auditing is update here https://msteamsproxy.agatdemo.com/admin/dlprulelogs. Remember to refresh the list

Test case: Sending scanned image that displaying SSN number in the image

  • Use alice@agat.place to send a file containing a scanned SSN number credit card number and IBAN to

    alex@agat.place

Test case: Safe content -Send inappropriate images

Send from the folder of C:\Users\alice\Desktop\Attachment samples\Safe Content samples the image of faces from Alice to David. Image should pass.


Send the image injury

File is blocked. Verify in the DLP auditing the reason (remember to refresh the list) https://msteamsproxy.agatdemo.com/admin/dlprulelogs

eDiscovery

Test case : All communication is captures

  • Navigate to https://msteamsproxy.agatdemo.com/admin/ediscovery

  • Each row on the left hand side represents a chat, channel or meeting

  • click on any row and see the details on the right hand side. Scroll through the conversation

  • Click on Advanced Search to search based on several parameters

  • Search based on text , such as “hello” and see results

SharePoint

Test Case : Alice (Researchers) cannot add Bob (Investors) to SharePoint site

There are 3 ways to do this in a Teams Site:

1- Members > Add members

2- Settings >Site Permissions> Add to group

3- Settings >Site Permissions> share site Only

Test Case : Alice (Researchers) cannot share file with Bob (Investors) from SharePoint site

 

OneDrive

Test Case Alice (Researchers) cannot share file with Bob (Investors) in OneDrive

  • Navigate to Alice@agat.place (Researchers) OneDrive

  • Share file with bob@agat.place (Investor)

  • Search is blocked.

  • No labels