It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Reporting Server

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda CloudGen Access

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Reporting Server

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Conditional Access Deployment

Last updated on 2024-04-04 22:03:45

Conditional Access policies are, at their most basic, an if-then statement combining signals to make decisions, and to enforce organization policies. Zero Trust Access to Microsoft 365 applications can be configured by integrating CloudGen Access with the Microsoft Entra Conditional Access feature. Note that conditional access requires an extended Azure license (Microsoft Entra ID Premium).

This deployment option requires a proxy with a public IP address. You need to deploy and host proxy.

Create a named location.
Locations are found under Protection > Conditional Access > Named locations.
1. Create a location with proxy IP addresses.
Create below resources.
Create self-hosted web resources from the CloudGen Access management console:
*.aadg.akadns.net
*.msidentity.com
outlook.office365.com
*.aadg.trafficmanager.net
login.microsoftonline.com
Login.windows.net
Create a policy.
Example policy: This policy blocks access to Microsoft 365 applications from all locations, excluding the “named location (Proxy IP)” for all or selected users and groups.
1. Select users of the policy.
2. Select the Office 365 application. If you are using Microsoft Entra ID as an Identity Provider for CloudGen Access, do not forget to exclude it from the target resources.
3. Set conditions. You can enforce this policy to all locations, excluding the “named location” you created.
4. Finally, select Block Access next to Grant.