Allow only inbound traffic from Microsoft o365 to hybrid Exch server?
We are moving to a hybrid model for our Exchange system. The Exchange server that is going to be the link between on-prem and cloud has to have a public static IP address. Normally, when we allow traffic in from the outside to a server, we restrict the IP range that can enter by using an address group on the source portion of the IPv4 policy. If I am correct in my research at Microsoft, this is around 200 FQDNs, including some wildcards. Wildcards don't make sense in this use because you can't do a DNS lookup on a wildcard name - there could be an infinite number of subdomains. I'm sure I'm not the only Fortinet user with a hybrid model, so what do you suggest? I just hate the thought of opening up the server to the whole world.