check before: 2024-09-01
Product:
Defender, Defender for Office 365, Defender XDR, Exchange
Platform:
Online, US Instances, Web, World tenant
Status:
Launched
Change type:
Admin impact, New feature, Updated message
Links:
![](https://app.cloudscout.one/wp-content/uploads/2020/01/csodots96.png)
Details:
Summary:
Microsoft Defender for Office 365 is updating to support IPv6 in Tenant Allow/Block List, with a revised rollout timeline starting early October 2024. This update applies to customers with specific service plans and will allow admins to block or allow IPv6 addresses without submissions. Rollout requires no admin action prior to the update.
Details:
Updated October 11, 2024: We have updated the timeline below. Thank you for your patience.
NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure
Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists.
This message is associated with Microsoft 365 Roadmap ID 406166.
[When this will happen:]
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early October 2024 (previously late September) and expect to complete by mid-October 2024 (previously early November).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2024-09-14
updated:
2024-10-12
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft's update to Defender for Office 365 will enable support for IPv6 addresses in the Tenant Allow/Block List, allowing administrators to specify which IPv6 addresses can send emails to their organization, with the rollout beginning in early October 2024.
Direct effects for Operations**
IPv6 Implementation
Without preparation, the introduction of IPv6 allow/block entries may lead to misconfigurations, resulting in legitimate emails being blocked or spam emails being allowed, negatively impacting communication.
- roles: IT Admin, End Users
- references: https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure, https://learn.microsoft.com/defender-office-365/connection-filter-policies-configure
User Experience Disruption
If admins do not create appropriate IPv6 entries post-rollout, users may experience delays or failures in receiving important emails, leading to frustration and decreased productivity.
- roles: End Users, IT Support
- references: https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-email-spoof-configure?source=recommendations, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=406166
Increased Support Requests
The lack of preparation for the new IPv6 functionality may result in an increase in support requests from users facing email issues, straining IT resources.
- roles: IT Support, IT Admin
- references: https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure, https://security.microsoft.com/tenantAllowBlockList
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
XXXXXXX ... free basic plan only
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
![](https://app.cloudscout.one/wp-content/uploads/2020/01/csodots96.png)
change history
Date | Property | old | new |
2024-10-12 | MC Messages | Updated September 30, 2024: We have updated the timeline below. Thank you for your patience.
NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists. This message is associated with Microsoft 365 Roadmap ID 406166. [When this will happen:] General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early October 2024 (previously late September) and expect to complete by early November 2024 (previously late October). | Updated October 11, 2024: We have updated the timeline below. Thank you for your patience.
NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists. This message is associated with Microsoft 365 Roadmap ID 406166. [When this will happen:] General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early October 2024 (previously late September) and expect to complete by mid-October 2024 (previously early November). |
2024-10-12 | MC Last Updated | 10/01/2024 02:16:32 | 2024-10-11T23:57:37Z |
2024-10-12 | MC Summary | Microsoft Defender for Office 365 will soon support IPv6 allow and block entries for customers with specific service plans. The rollout will begin in early October 2024 and complete by early November 2024, allowing admins to manage IPv6 addresses directly in the Tenant Allow/Block Lists. | Microsoft Defender for Office 365 is updating to support IPv6 in Tenant Allow/Block List, with a revised rollout timeline starting early October 2024. This update applies to customers with specific service plans and will allow admins to block or allow IPv6 addresses without submissions. Rollout requires no admin action prior to the update. |
2024-10-01 | MC Messages | Updated September 27, 2024: We have updated the content. Thank you for your patience.
NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists. This message is associated with Microsoft 365 Roadmap ID 406166. [When this will happen:] General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late September 2024 and expect to complete by late October 2024. | Updated September 30, 2024: We have updated the timeline below. Thank you for your patience.
NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists. This message is associated with Microsoft 365 Roadmap ID 406166. [When this will happen:] General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early October 2024 (previously late September) and expect to complete by early November 2024 (previously late October). |
2024-10-01 | MC Last Updated | 09/28/2024 02:10:36 | 2024-10-01T02:16:32Z |
2024-10-01 | MC Summary | Microsoft Defender for Office 365 will soon support IPv6 entries in Tenant Allow/Block List for customers with specific service plans. Rollout starts late September 2024 and ends late October 2024, allowing admins to block or allow IPv6 addresses without prior submissions. | Microsoft Defender for Office 365 will soon support IPv6 allow and block entries for customers with specific service plans. The rollout will begin in early October 2024 and complete by early November 2024, allowing admins to manage IPv6 addresses directly in the Tenant Allow/Block Lists. |
2024-09-28 | MC prepare | This rollout will happen automatically by the specified date with no admin action required before the rollout. If one wants to block emails from IPv6 addresses or allow email from IPv6 addresses, the admin need to create entries to do so.
https://learn.microsoft.com/defender-office-365/connection-filter-policies-configure https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-email-spoof-configure?source=recommendations https://learn.microsoft.com/Exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/enhanced-filtering-for-connectors https://learn.microsoft.com/powershell/module/exchange/new-tenantallowblocklistitems?view=exchange-ps https://security.microsoft.com/tenantAllowBlockList https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=406166 | This rollout will happen automatically by the specified date with no admin action required before the rollout. If one wants to block emails from IPv6 addresses or allow email from IPv6 addresses, the admin need to create entries to do so.
Additional references: Allow or block IP addresses using the Tenant Allow/Block List - Microsoft Defender for Office 365 | Microsoft Learn https://learn.microsoft.com/defender-office-365/connection-filter-policies-configure https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-email-spoof-configure?source=recommendations https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure https://learn.microsoft.com/Exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/enhanced-filtering-for-connectors https://learn.microsoft.com/powershell/module/exchange/new-tenantallowblocklistitems?view=exchange-ps https://security.microsoft.com/tenantAllowBlockList https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=406166 |
2024-09-28 | MC MessageTagNames | New feature, Admin impact | Updated message, New feature, Admin impact |
2024-09-28 | MC Summary | Microsoft Defender for Office 365 will soon support IPv6 allow/block entries for customers with specific service plans. Rollout begins late September 2024, with completion by late October 2024. Admins can manage entries via the Defender portal or PowerShell without submissions. Entry limits vary by plan. | Microsoft Defender for Office 365 will soon support IPv6 entries in Tenant Allow/Block List for customers with specific service plans. Rollout starts late September 2024 and ends late October 2024, allowing admins to block or allow IPv6 addresses without prior submissions. |
2024-09-28 | MC Last Updated | 09/14/2024 00:26:38 | 2024-09-28T02:10:36Z |
2024-09-28 | MC Messages | NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans.
Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists. This message is associated with Microsoft 365 Roadmap ID 406166. [When this will happen:] General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late September 2024 and expect to complete by late October 2024. | Updated September 27, 2024: We have updated the content. Thank you for your patience.
NOTE: This applies to customers with Microsoft Exchange Online Protection or Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. https://learn.microsoft.com/defender-office-365/tenant-allow-block-list-ip-addresses-configure Soon, it will be possible to create IPv6 allow and block entries in the Tenant Allow/Block Lists. This message is associated with Microsoft 365 Roadmap ID 406166. [When this will happen:] General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late September 2024 and expect to complete by late October 2024. |
2024-09-28 | MC Title | Microsoft Defender for Office 365: Tenant Allow/Block List will support IPv6 allow and block entries | (Updated) Microsoft Defender for Office 365: Tenant Allow/Block List will support IPv6 allow and block entries |
2024-09-28 | MC How Affect | Before this rollout: Admins cannot block or allow IPv6 addresses.
After this rollout, you can make IPv6 allow and block entries in these formats: Colon-hexadecimal notation single IPv6 address (for example, 2001:0db8:85a3:0000:0000:8a2e:0370:7334) Zero compression single IPv6 address (for example, 2001:db8::1) Classless inter-domain routing (CIDR) IPv6 (for example, 2001:0db8::/32). The range supported is 1-128. The IP block entry will drop any email sent from that IP at the edge, whereas the IP allow will just override the IP filtering, allowing the rest of the Defender for Office 365 stack to evaluate threats. IP block has a higher priority over IP allow entries. Admins can create entries in the Defender portal or with the Microsoft PowerShell New-TenantAllowBlockListItems cmdlet (ListType parameter with value IP) without need for submissions. This change will not impact any of your current Tenant Allow/Block List entries or your IPv4 entries in the hosted connection filter policy or enhanced filtering connection policy Last used date support for IPv6 allow and block will be added soon. Entry limits for IPv6: Exchange Online Protection: The maximum number of allow entries is 500, and the maximum number of block entries is 500 (1000 entries in total). Defender for Office 365 Plan 1: The maximum number of allow entries is 1000, and the maximum number of block entries is 1000 (2000 entries in total). Defender for Office 365 Plan 2: The maximum number of allow entries is 5000, and the maximum number of block entries is 10000 (15000 entries in total). Permissions: The same existing set of permissions we have for Tenant Allow/Block List will also apply to this rollout. | Before this rollout: Admins cannot block or allow IPv6 addresses.
After this rollout, you can make IPv6 allow and block entries in these formats: Colon-hexadecimal notation single IPv6 address (for example, 2001:0db8:85a3:0000:0000:8a2e:0370:7334) Zero compression single IPv6 address (for example, 2001:db8::1) Classless inter-domain routing (CIDR) IPv6 (for example, 2001:0db8::/32). The range supported is 1-128. The IP block entry will drop any email sent from that IP at the edge, whereas the IP allow will just override the IP filtering, allowing the rest of the Defender for Office 365 stack to evaluate threats. IP block has a higher priority over IP allow entries. Admins can create entries in the Defender portal or with the Microsoft PowerShell New-TenantAllowBlockListItems cmdlet (ListType parameter with value IP) without need for submissions. This change will not impact any of your current Tenant Allow/Block List entries or your IPv4 entries in the hosted connection filter policy or enhanced filtering connection policy Last used date support for IPv6 allow and block will be added soon. Entry limits for IPv6: Exchange Online Protection: The maximum number of allow entries is 500, and the maximum number of block entries is 500 (1000 entries in total). Defender for Office 365 Plan 1: The maximum number of allow entries is 1000, and the maximum number of block entries is 1000 (2000 entries in total). Defender for Office 365 Plan 2: The maximum number of allow entries is 5000, and the maximum number of block entries is 10000 (15000 entries in total). Permissions: The same existing set of permissions we have for Tenant Allow/Block List will also apply to this rollout. |
Last updated 4 weeks ago