How can we improve Azure Active Directory?

← Azure Active Directory

Allow blocking "Sign-ins from anonymous IP addresses"

I would like to be able to block ALL sign-ins from anonymous IP addresses.

240 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Cris shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

48 comments

Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Geoff commented  ·   ·  Flag as inappropriate

    Please help us Microsoft and start working on this. It is maddening that it can be detected as an azure risk but we cannot block it

  • Ben commented  ·   ·  Flag as inappropriate

    First, create an Azure "Named Location" with the IP Address list that you would like to block then created a "Conditional Access" Policy to block the Named location.

  • Anonymous commented  ·   ·  Flag as inappropriate

    If you click on the preview of named locations it will allow you to add IPV6 addresses. It works perfectly thank you.

  • David S. commented  ·   ·  Flag as inappropriate

    Any update with blocking anonymous IP addresses this is a large security concern, and has been over 19 months since the last update

  • Hafeez MAJEK commented  ·   ·  Flag as inappropriate

    Please can you kindly make the Blocking of Sign-ins from Anonymous IP address a default rule within O365 email protection policies?

    WHY IS MICROSOFT LETTING CUSTOMERS REMAIN EXPOSED TO LOGINs FROM ANONYMOUS SOURCES!!!!!!

  • Nick McIntosh commented  ·   ·  Flag as inappropriate

    This needs to be prioritized or a workaround needs to be provided. This is a huge miss for Microsoft.

  • Donato, Mark commented  ·   ·  Flag as inappropriate

    This needs to be implemented. It is absolutely ridiculous to me that Microsoft does not realize how serious of a threat this is.

  • Arshad Sheikh commented  ·   ·  Flag as inappropriate

    Majority of the attackers use Anonymizer / TOR, but there is no way to block these connections using conditional access? Every single tool, MCAS / Sentinel report this but no way to prevent it. Any ETA on this.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Hit the "vote" button above and vote for this feature. It lags behind many others at the moment so I would assume the product team will focus on higher priority items. I don't know if you can vote multiple times but give it a try ! To see the competing features, hit the yellow "Planned" button.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Can we please get this feature? It does us no good to investigate TOR and anonymous logins hours after the fact, it would help if we could block these

  • Geoff commented  ·   ·  Flag as inappropriate

    In response to the question about including Tor and anonymous VPN - yes please! If it shows up in the risk events as a sign in from anonymous IP - I want to be able to block it with conditional access

  • Anonymous commented  ·   ·  Flag as inappropriate

    We wish to enforce a policy that blocks sign-in's from anonymous IP addresses as we need to ensure users are not bypassing a block on logins from certain regions. Without this being available, blocking access from locations is ineffective.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Planned status not updated since July (almost 6 months) means it is not planned !

← Previous 1 3

Azure Active Directory: Conditional Access

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice