Forum Discussion
What is "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" in Cloud Apps
Hi adiii,
"Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" combines a set of destination IP addresses, DNS domain names, and URLs essential for Microsoft 365 traffic on the Internet.
These endpoints are vital for establishing connectivity from a user's device to Office 365 and are categorized into four service areas representing three primary workloads and a set of common resources.
The distinction between "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" and the conventional "Microsoft OneDrive for Business" lies in their intended purpose and functionality:
OneDrive for Business serves as an individual's personal storage in Microsoft's cloud, where confidential documents and files can be stored without accessible to others in the organization.
SharePoint Online, on the contrary, functions as collaborative cloud storage, suitable for documents intended for group collaboration among colleagues. It offers advanced features such as news posting and enhanced collaboration tools, fostering efficient communication and teamwork on shared projects.
In summary, both OneDrive for Business and SharePoint Online provide storage in Microsoft's cloud, with OneDrive primarily serving to personal use and SharePoint serving as a platform for collaborative work.
Office 365 URLs and IP address ranges - Microsoft 365 Enterprise | Microsoft Learn
Microsoft 365 endpoints - Microsoft 365 Enterprise | Microsoft Learn
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
Thanks for your response. I still not understand the behaviour of the alert from Cloud Apps and how to respond to it. Do you have an example, when "... infra Endpoint" and normal Onedrive / Sharepoint is used?
In the meantime I had a discussion with the user and he created large VM disk files within his Documents Folder, which is synced to Onedrive. I do not understand why the alert comes up in the App "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" and not in conventional Onedrive / Sharepoint.
Any ideas? Thanks a lot, appriciate your time!
Regards,
Adii
Hi adiii,
the reason the alert appears in the app "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" instead of the conventional OneDrive/SharePoint is connected to specific network traffic patterns associated with the upload.
The "Infra Endpoints" can be involved in handling such large data transfers, so it triggers the alert.
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)- Hi Leon
Appologize but it still makes no sence to me (from an Incident Response point of view, not because of large traffic handling on the client). In Cloud Apps you can't see the data within the alert / Incident, when the data is uploaded to "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints". It only tells me the amount of data and from where to where. So you need to check manually whats on the Endpoint and whats in the conventional onedrive. So there is a lack of visibility in this specific case, because the alert goes to the "Microsoft SharePoint Online and OneDrive for Business Infra Endpoints" and not to the conventional one.
Regards,
Adii