Feb 15 2018 11:13 AM
Feb 15 2018 12:56 PM - edited Feb 15 2018 12:56 PM
Feb 15 2018 12:56 PM - edited Feb 15 2018 12:56 PM
two words: Conditional Access
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-location...
Feb 19 2018 03:09 AM
SolutionWell, one more: ADFS. In case you are already using ADFS, or you find the cost of the AAD Premium license required by Conditional access prohibitive, you can adjust your ADFS claims rules to restrict logins to specific IPs only.
Feb 19 2018 10:29 AM
Thank you for your response.
Conditional access would be too expensive.
I tried Cloud App security that does seem to work well. Atleast gives me an option to block the sign-in.
Feb 19 2018 10:31 AM
ADFS claim rule might work for me but gathering the risky IP address is little difficult because it keeps changing but location remains same.
Feb 19 2018 03:09 AM
SolutionWell, one more: ADFS. In case you are already using ADFS, or you find the cost of the AAD Premium license required by Conditional access prohibitive, you can adjust your ADFS claims rules to restrict logins to specific IPs only.