Microsoft has recently announced a change in the domain name pattern for its user-facing Microsoft 365 apps and services. This means that Microsoft Outlook, Microsoft Teams, and other Microsoft 365 applications will now be accessible through the cloud.microsoft domain-name pattern.
This move is aimed at simplifying endpoint allow-list management for IT professionals, while providing a clean security boundary for compliant authenticated experiences. In this article, we will delve deeper into this change and its implications for IT professionals.
What does this change mean?
Microsoft has consolidated all user-facing Microsoft 365 apps and services into a new domain-name pattern, namely “cloud.microsoft.” This means that all user-facing products will now be accessible through this domain name. For example, Microsoft Outlook users will access their accounts via outlook.cloud.microsoft and Microsoft Teams users will access theirs via teams.cloud.microsoft.
The change is expected to be gradual, with only “net-new services” following this domain-name approach. Existing services will transition at a slower pace. However, Microsoft has assured users that no customer action will be needed to continue to use Microsoft 365 workloads the same way they do today.
Benefits of the change
The domain-name change will benefit IT professionals in several ways. Here are some of them:
- Simplifying endpoint allow-list management: With all user-facing Microsoft 365 apps and services accessible through a unified domain name, IT departments can now simplify endpoint allow-list management, making it easier to manage security configurations.
- Establishing a clean security boundary: The “cloud” part of the new domain-name approach helps establish a clean security boundary for compliant authenticated experiences. This is particularly important for Microsoft’s “user-facing products,” which require compliance with regulatory requirements.
- Simplifying matters for IT departments: By consolidating all user-facing Microsoft 365 apps and services into a unified domain name, IT departments can simplify their operations, reducing the time and resources required to manage the services.
Implications for IT professionals
IT professionals will need to be aware of the following implications of this change:
- Tracking URL changes: Changes to the Microsoft 365 IP addresses and URLs are usually published near the end of each month. IT professionals will need to track these changes as part of their change management practices.
- Advance notice: IT departments will get at least 30 days advance notice before Microsoft makes a domain name change that would require a customer network configuration.
- Allow list updates: Admins seeking to update their allow lists will find that *.cloud.microsoft has already been added to the official list of Office 365 URLs and IP address ranges.
The announcement was focused on the domain-name change for Microsoft 365 apps and services, but other Microsoft workloads could get a similar treatment, Microsoft’s FAQ suggested. Azure services might be next, but Microsoft has not commented on such prospects.
IT professionals can also seek clarification on this changeover to the “cloud.microsoft” domain for Microsoft 365 apps and services in a May 24 “Ask Microsoft Anything” session.
The domain-name change for Microsoft 365 apps and services is a significant development that will have far-reaching implications for IT professionals. By consolidating all user-facing Microsoft 365 apps and services into a unified domain name, Microsoft aims to simplify endpoint allow-list management and establish a clean security boundary for compliant authenticated experiences. However, IT professionals will need to track URL changes and be aware of the implications of the changeover. With adequate preparation and planning, this change can help IT departments streamline their operations and enhance security for user-facing Microsoft 365 apps and services.