Creating Named Locations to Use in M365 Conditional Access

3 min. read. Last update: 12.12.2024

Feature Coming Soon!

Using ThreatLocker Network Control, create dynamic ACLs for Microsoft 365. Named Locations created in ThreatLocker will automatically be updated in connected 365 tenants.

Prerequisites

  • Office 365 Connector configured in ThreatLocker
  • ThreatLocker Network Control must be enabled
  • Minimum Entra P1 license 
  • Security defaults must be disabled in Entra
  • To include mobile devices, devices must have the ThreatLocker Access app installed and be registered in the ThreatLocker portal

Microsoft Limitations

  • Tenants can have no more than 195 Named Locations
  • Each Named Location can have no more than 2000 individual IP addresses or ranges
  • Named Locations cannot be updated incrementally

Named Locations Main Page

Filter Bar

  1. Applies To - Filter the page to only show specific "Applies To" (Computers and Groups)
  2. Search - Start typing to search for a specific Named Location
  3. Filter By - Select which 365 Tenant to view Named Locations for

Main Grid

  1. Named Location - Displays the name of the Named Location
  2. Tenant - Displays the name of the tenant that Named Location belongs to
  3. Object Name - Displays the ThreatLocker Object (Applies To) that is contained in the Named Location
  4. Description - Displays the description if one was provided
  5. Last Updated - Displays the date/time the Named Location was last updated in the ThreatLocker sidebar
  6. Delete - Delete the Named Location from ThreatLocker and from 365

Creating Named Locations

Please Note: It is recommended that you create multiple smaller named locations instead of a single larger one.

Navigate to Network Control > 365 Conditional Access

Select the "New Named Location" button in the top left corner. The Create/Edit Named Location sidebar will slide out from the right.

Create/Edit Named Location Sidebar

  1. Name - Provide a name for the Named Location (All Named Locations will automatically be prefixed with ThreatLocker-)
  2. Description - Input a description if desired
  3. Tenant - Select the connected 365 tenant this Named Location will be synced to
  4. Applies To - Select the ThreatLocker objects (Groups or Computers) that will be contained in this Named Location
  5. Save - Press the Save button to save this Named Location

On save, the last known IP address of every object contained in the Named Location will be collected and shipped to Microsoft. Approximately every 10 seconds, ThreatLocker will compare the IP addresses last shipped to Microsoft with the current IP address list and, if there are any changes, the Named Location in Microsoft will be updated.
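The compare-then-replace cycle described above, together with the 2000-entry limit and the lack of incremental updates, can be modelled as follows. This is an added illustration, not ThreatLocker's code: the function names and sample addresses are constructed, and the body shape assumes Microsoft Graph's ipNamedLocation resource.

```python
import ipaddress

MAX_RANGES = 2000               # per-Named-Location limit stated on this page
NAME_PREFIX = "ThreatLocker-"   # automatic prefix stated on this page


def to_cidrs(addresses):
    """Normalise host IPs to a sorted, de-duplicated list of CIDR strings."""
    nets = {ipaddress.ip_network(a.strip(), strict=False) for a in addresses}
    return [str(n) for n in sorted(nets, key=lambda n: (n.version, n))]


def plan_update(name, last_shipped, current):
    """Return None when nothing changed, else a full replacement body.

    Named Locations cannot be updated incrementally, so the body always
    carries the complete current list; stale addresses drop out because
    they are simply absent from it.
    """
    old, new = to_cidrs(last_shipped), to_cidrs(current)
    if old == new:
        return None                       # ordering/duplicates are not a change
    if len(new) > MAX_RANGES:
        raise ValueError(f"{len(new)} ranges exceeds the {MAX_RANGES} limit")
    ranges = []
    for cidr in new:
        kind = "iPv6CidrRange" if ":" in cidr else "iPv4CidrRange"
        ranges.append({"@odata.type": f"#microsoft.graph.{kind}",
                       "cidrAddress": cidr})
    return {
        "@odata.type": "#microsoft.graph.ipNamedLocation",
        "displayName": NAME_PREFIX + name,
        "ipRanges": ranges,
    }


if __name__ == "__main__":
    # Constructed sample data (documentation address ranges).
    shipped = ["203.0.113.10", "198.51.100.7"]
    print(plan_update("HQ-Laptops", shipped, ["198.51.100.7", "203.0.113.10"]))
    # One device moved networks and an IPv6 device checked in.
    body = plan_update("HQ-Laptops", shipped,
                       ["198.51.100.7", "192.0.2.44", "2001:db8::5"])
    print([r["cidrAddress"] for r in body["ipRanges"]])
```

Because every change resends the whole list, a Named Location that covers many frequently moving devices is rewritten in full on each change, which is one practical reason to prefer several smaller Named Locations.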

After creating Named Locations in ThreatLocker, an Entra administrator will need to create Conditional Access policies using them. For more information on creating a Conditional Access policy to control access to M365, please see the associated article "Controlling Access to M365 Resources Using Conditional Access and Named Locations" in the ThreatLocker Help Center.

For assistance with creating Named Locations, please reach out to the Cyber Hero Support Team.