Summary

Even having a geo-fence in your environment is not enough anymore. Attackers are using Anonymous Proxies to jump the geo-fence and attack environments. To help prevent that, you can block those proxies using Microsoft Defender for Cloud Apps.

Perquisites

You must have a Conditional Access Application Control policy deployed.

Steps to enable the block of the proxies.

1. Navigate to Microsoft Defender XDR.
2. Navigate to Cloud Apps > Policies > Policy Management
3. Select Create Policy > Access Policy