What are the high-level Microsoft 365 Network Connectivity Principles?

Microsoft 365 has a massive presence in modern businesses (some reports claiming as high as 30% global productivity software market share). So it should come as no surprise that Microsoft has defined a set of architectural best practices for connecting and communicating with this platform. In today's article, I'd like to briefly summarize the core points.

• Identify Microsoft 365 Traffic
  • In order to prioritize Microsoft 365 network traffic, you need to be able to differentiate it from generic Internet traffic.
  • Microsoft has a published endpoint list which can be used to configure network devices properly.
• Connect locally / Keep it direct
  • Let users connect directly to the internet from their location instead of back-hauling everything through headquarters.
  • The shortest, most direct route between user and closest Microsoft 365 endpoint offers the best performance.
• Rethink Security Layers
  • (I'll be the first to admit that this principle is a bit controversial but I can understand the thought process.)
  • Use Microsoft 365 security features to reduce reliance on performance-impacting network security technologies.
  • Traditional proxies and inspection tools can slow things down.

From a practical standpoint, that means customers can implement some quick wins for immediate improvement:

• Setup local internet breakouts in SD-WAN topologies.
• Use split-tunnel VPNs - Let Microsoft 365 traffic bypass the VPN
• Deploy local DNS servers - If name resolution is fast and local, it'll take less time for endpoints to know where to go.

For more information, check out the following resource:

Microsoft 365 network connectivity principles - Microsoft 365 Enterprise

This article provides the most recent guidance for securely optimizing Microsoft 365 network connectivity.

Microsoft Learnkelleyvice-msft