Pre-requisites for Monitoring Microsoft Office 365 Environments

Before attempting to monitor Microsoft Office 365 or any of its cloud-based service offerings (eg., Exchange Online, SharePoint Online etc.), you need to make sure that certain pre-requisites are fulfilled. The general pre-requisites for Office 365 monitoring are as follows:

1. The eG agent should be deployed on a remote host running one of the following Windows versions:

   • Windows Server 2022
   • Windows Server 2016
   • Windows Server 2019
   • Windows 11
   • Windows 10
   • Windows 8.1
2. The Windows system hosting the remote agent should have internet connection.
3. .NET 4.8 (or above) should pre-exist on the eG agent host.
4. Windows Management Framework (WMF) 5.1.14 (or above) should be installed on the eG agent host
5. Basic authentication for WinRM should be enabled on the eG agent host. This is because, the eG agent collects loads of metrics from Microsoft Office 365 by executing the cmdlets of the Exchange Online PowerShell V2 (EXO V2) module. Though this module uses modern authentication, an important pre-requisite of this module is to enable basic authentication for WinRM. Please note that the eG agent will not be able to collect metrics from the cmdlets of the EXO V2 module if the basic authentication for WinRM is disabled using a Group Policy on the eG agent host.

In addition to the above, you need to fulfill a few more critical pre-requisites, before you can begin monitoring your Office 365 environment. These requirements vary according to the type/mode of authentication that is enabled for the target Microsoft O365 environment - Basic Authentication or Modern Authentication.

Basic authentication is the process of connecting to Office 365 applications using only a username and password. When you enter your username and password in an email client, these are transmitted to Exchange Online for verification and authentication before connecting you to the cloud service. One of the main vulnerabilities of basic authentication is that applications store user credentials on the device, which creates more opportunities for hackers trying to steal passwords. Moreover, many of Microsoft’s identity and access management features, like Conditional Access and multi-factor authentication (MFA) are not available with this Office 365 legacy authentication.

Modern authentication is a combination of different authentication and authorization methods to access Microsoft Office cloud resources. Modern authentication methods include options such as multi-factor authentication (MFA), certificate-based authentication (CBA) and smart cards. The modern authentication framework adds an extra layer of security for users logging in to their Microsoft 365 resources from client apps. In addition, it allows for conditional access policies.

To know the monitoring requirements for Office 365 environments where each of the above authentication modes are enabled, click on the corresponding links below:

Pre-requisites for Monitoring Office 365 Environments where Basic Authentication is Enabled

Pre-requisites for Monitoring Office 365 Environments where Modern Authentication is Enabled