Internet Service Databases for Hybrid Exchange

bsmith1717 · ‎03-13-2024

Right now we have the inbound to our on premises Exchange server (hybrid - no mailboxes) set to 'All'. I need to use the ISD(s) to restrict to only MS. I have a Fortigate 100F with version 7. Anyone know which ones to use?

AEK · ‎03-13-2024

If not sure you can add all ISDBs starting with "Microsoft-". It will not harm.

As first step, keep the original policy (with All as source) below your new policy, until you ensure that the new policy matches all the required traffic, then you can delete it.

AEK

View solution in original post

AEK · ‎03-13-2024

If not sure you can add all ISDBs starting with "Microsoft-". It will not harm.

As first step, keep the original policy (with All as source) below your new policy, until you ensure that the new policy matches all the required traffic, then you can delete it.

AEK

bsmith1717 · ‎03-16-2024

I actually used the .allowed, .optimize, and Outlook ISDbs and so far all is good. Additionally, when keeping the 'All' source enabled below the new policy I did notice some traffic moving through that policy. At first I thought it was maybe some MS traffic that was missed by the above, but after logging the session I saw nothing but hacking attempts! Chine/Russia/India/Moldolva/Brazil etc. So I immediately disabled it and waiting now to see if all is still good! Thanks for the tip!!!

bsmith1717 · ‎03-16-2024