Forum Discussion

MVP

Jun 23, 2016

Office 365 Advanced Security Management

It's included in the E5 plan, but should something as interesting as this be in the E3 plan too? https://thoughtsofanidlemind.com/2016/06/06/office-365-advanced-security-management/

Nicky De Westelinck

Brass Contributor

Mar 30, 2017

Hi all, I've got a question about licensing for ASM. Do every active user needs a license? Or just the Admins who will monitor ASM? Thanks in advance!

TonyRedmond

MVP

Apr 05, 2017

Per https://support.office.com/en-us/article/Opt-in-steps-for-Advanced-Security-Management-ba919c73-d021-404d-9850-eec57e78678c?ui=en-US&rs=en-US&ad=US&fromAR=1

"It's easy to begin using Advanced Security Management in Office 365. Make sure your users are licensed for Office 365 Enterprise E5 or for the add-on subscription for Advanced Security Management"

Ivan54
Bronze Contributor
Apr 19, 2017
Hi TonyRedmond,

as there almost no other threads around "advanced security management" I thought I ask here.
I see multiple entries that are probably irrelevant, but still strange to see, maybe you can help explain them.

Why are there multiple file access / items created entries in the activity log originating from some "Cloud Provider" IP Adress or Location.

The second screenshot is what mostly confused me, as is shows that a user account access a file from a datacenter ip address in Netherlands, which seems to be an Azure Data Center Location.
We're based in Europe, Austria, so it seems confusing that some access logs show our proper public IP address, while other entries show some Azure DC location and IP.

Is there any explanation to this?