Microsoft Teams / Office 365 interference
We had an overview about Microsoft Teams and its external access feature in one of our previous blog post. In this blog post we are elaborating on some additional issues related to external access. Just to summarize it again, External access is a way for external Teams users from an entire domain to find, call, chat, and set up meetings with you in Teams. You can also use external access to communicate with external users who are still using Skype for Business.
Today almost every big (if not all) enterprises have some sort of Office 365 subscriptions hence their domain is provisioned in Office 365. Though Microsoft Teams are getting more and more popular we can see that there are customers who decide to use different collaboration platforms (e.g. on-premise Cisco UC, Slack, etc.) even if they have an active Office 365 subscription. There are platforms which offer native SIP Skype federation capabilities like the Cisco VCS. The problem is in this setup with External Access that the already existing domain matches with domain used on the external platform and will hijack the traffic even if Microsoft Teams is not used by the organization. This scenario the traffic will never reach the Skype interoperability gateway and the outside world.
Figure 1 — Microsoft Teams domain interferes with an onprem domain
To avoid these situations NextPlane offers an API based federation which makes sure that the traffic can bypass the internal domain lookup in Office 365 and the communication can be forced to break out from Office 365.
Figure 2 — Microsoft Teams traffic is forced to break out from Office 365
Originally published at https://nextplane.net on February 5, 2020.