We are seeing some traffic to https://aadcdn.msauth.us/ looks like it might be related MS Office 365 authentication CDN.
There is no categorization for this url from Zscaler, As of now it is “Miscellaneous or Unknown”
We are not sure if it should be explicitly allowed or blocked.
Any opinion from the Community?
Thanks,
that’s an interesting one. The URL looks very similar to some used by Microsoft Azure authentication, but I don’t see that particular one on their list. Are you sure it’s not msauth.net? I checked whois on msauth.us and it says owned by Microsoft. Note: MS has a ridiculous amount of domains that are required for Azure authentication and various O365 apps / services.
Office 365 URLs and IP address ranges - Microsoft 365 Enterprise | Microsoft Learn
Interesting
Should ZScaler include these URL’s into Office 365 One Click Rule?