CloudMicrosoft 365Office 365

Exchange Online Protection – MS 365 Advance Threat Protection

Exchange Online Protection

Exchange Online Protection is a service that protects Exchange organization from viruses and spam emails.

As you know, an email system is a critical service for any business and no business wants to compromise with an email system.

You need to purchase it for your on-premises organization to secure your exchange.

However, Exchange online already include this service with the subscription.

EOP Exchange online protection is an online service that does not require any additional hardware and software.


How you can use Exchange Online Protection (EOP)

You can use EOP in the following scenarios

Standalone Scenario: It’s a cloud base protection for the exchange, legacy system, or any SMTP email system. An organization has to pay for it as an additional service.


As Microsoft Exchange Online: If you are using exchange online, the EOP service is already protecting your exchange from virus and spam emails.

By Default Microsoft Exchange online has this service.

If your organization is using Online Exchange, there is no need to purchase EOP at additional cost.


Hybrid Exchange Environment: you can also use EOP if you are using an exchange hybrid environment.

You can configure mail routing in a mixed-mode so that, email can land securely.


Functionality Of EOP

  • EOP scans incoming, outgoing emails along with internal messages, which helps to protect the organization from malicious content.
  • Multiple antivirus system helps to protect with email-borne and other malicious code.
  • It uses robust anti-spam technology to achieve higher accuracy.
  • Provides the different filters to comply with government regulation and corporate policies.
  • With the help of directory edge-based blocking It rejects the messages sent to invalid users.
  • Powerful anti-spoofing protection by supporting SPF, DKIM, Dmarc
  • However, if Exchange on-premises is combined with Azure AD, it automatically synchronizes the safe list and block list.
  • All the functionality is inbuilt and no additional settings are required to configure filtering.
  • You need to only configure the Send connector in the on-premises Exchange environment so that messages are sent to the EOP for scanning


Microsoft 365 Advanced Threat Protection

Microsoft 365 advance threat protection delivers additional protection against advanced threats, such as advance malware & malicious URLs.

Therefore, some of the functionality of (ATP) are below

ATP has an extra layer of the latest protection for viruses and malware, that has three different scanning protection engine.


Protection Against Unknown Virus & Malware:

ATP uses the safe attachment feature to defense against unknown viruses and malware and provides better security to the messaging system.

All the attachments and messages that do not have any sign of virus or malware are routed to different hypervisor systems.

Therefore, this system analyzes the behavior of attachments and messages via machine learning and analysis techniques.

Finally, if no suspicious activity is found, then the message is released for successful delivery.


Real-Time Click Protection:

Though, EOP Scans each and every message in transit and also try to block the malicious hyperlinks in the emails.

However, sometimes hackers try to hide the malicious URLs, that pretends to be a safe URL.

In such a case, the link will redirect the user to the unsafe site.

But the safe link feature of Advance Threat Protection (ATP) protects the users if they click on such a link intentionally or accidentally.

ATP only blocks the bad links, whereas it allows the good link to open for the users.


URL Trace & Rich Reporting:

Atp has tracking capabilities and rich reporting which identifies the category of the attack.

Moreover, message tracing helps to investigate messages that have unknown viruses or malware.

Also, URL tracing helps in tracking malicious links in the messages.


Before Configuring Mailflow using Exchange Online Protection

For inbound and outbound mail flow, you should think that, do you really want an on-premises anti-spam solution or move to EOP.

If you are already using any anti-spoofing system.

So, before moving to the Exchange Online Protection system, you have to reconfigure your DNS records, such as SPF, Dmarc & DKIM.

By reconfiguring the above record in your DNS you can get anti-spoofing protection.

In case of any query feel free to contact on

For further reading about how eop works visit

Back to top button