CloudMicrosoft 365Office 365

Exchange Online Protection – MS 365 Advance Threat Protection

Photo of Techi Jack Techi JackJanuary 16, 2021
0 1,538 3 minutes read
exchange online protection

Exchange Online Protection

Exchange Online Protection is a service that protects Exchange organization from viruses and spam emails.

As you know, an email system is a critical service for any business and no business wants to compromise with an email system.

You need to purchase it for your on-premises organization to secure your exchange.

However, Exchange online already include this service with the subscription.

EOP Exchange online protection is an online service that does not require any additional hardware and software.

 

How you can use Exchange Online Protection (EOP)

You can use EOP in the following scenarios

Standalone Scenario: It’s a cloud base protection for the exchange, legacy system, or any SMTP email system. An organization has to pay for it as an additional service.

 

As Microsoft Exchange Online: If you are using exchange online, the EOP service is already protecting your exchange from virus and spam emails.

By Default Microsoft Exchange online has this service.

If your organization is using Online Exchange, there is no need to purchase EOP at additional cost.

 

Hybrid Exchange Environment: you can also use EOP if you are using an exchange hybrid environment.

You can configure mail routing in a mixed-mode so that, email can land securely.

 

Functionality Of EOP

  • EOP scans incoming, outgoing emails along with internal messages, which helps to protect the organization from malicious content.
  • Multiple antivirus system helps to protect with email-borne and other malicious code.
  • It uses robust anti-spam technology to achieve higher accuracy.
  • Provides the different filters to comply with government regulation and corporate policies.
  • With the help of directory edge-based blocking It rejects the messages sent to invalid users.
  • Powerful anti-spoofing protection by supporting SPF, DKIM, Dmarc
  • However, if Exchange on-premises is combined with Azure AD, it automatically synchronizes the safe list and block list.
  • All the functionality is inbuilt and no additional settings are required to configure filtering.
  • You need to only configure the Send connector in the on-premises Exchange environment so that messages are sent to the EOP for scanning

 

Microsoft 365 Advanced Threat Protection

Microsoft 365 advance threat protection delivers additional protection against advanced threats, such as advance malware & malicious URLs.

Therefore, some of the functionality of (ATP) are below

ATP has an extra layer of the latest protection for viruses and malware, that has three different scanning protection engine.

 

Protection Against Unknown Virus & Malware:

ATP uses the safe attachment feature to defense against unknown viruses and malware and provides better security to the messaging system.

All the attachments and messages that do not have any sign of virus or malware are routed to different hypervisor systems.

Therefore, this system analyzes the behavior of attachments and messages via machine learning and analysis techniques.

Finally, if no suspicious activity is found, then the message is released for successful delivery.

 

Real-Time Click Protection:

Though, EOP Scans each and every message in transit and also try to block the malicious hyperlinks in the emails.

However, sometimes hackers try to hide the malicious URLs, that pretends to be a safe URL.

In such a case, the link will redirect the user to the unsafe site.

But the safe link feature of Advance Threat Protection (ATP) protects the users if they click on such a link intentionally or accidentally.

ATP only blocks the bad links, whereas it allows the good link to open for the users.

 

URL Trace & Rich Reporting:

Atp has tracking capabilities and rich reporting which identifies the category of the attack.

Moreover, message tracing helps to investigate messages that have unknown viruses or malware.

Also, URL tracing helps in tracking malicious links in the messages.

 

Before Configuring Mailflow using Exchange Online Protection

For inbound and outbound mail flow, you should think that, do you really want an on-premises anti-spam solution or move to EOP.

If you are already using any anti-spoofing system.

So, before moving to the Exchange Online Protection system, you have to reconfigure your DNS records, such as SPF, Dmarc & DKIM.

By reconfiguring the above record in your DNS you can get anti-spoofing protection.

In case of any query feel free to contact on info@techijack.com

For further reading about how eop works visit

Photo of Techi Jack Techi JackJanuary 16, 2021
0 1,538 3 minutes read
Photo of Techi Jack

Techi Jack

Techi Jack is an alternate internet name for Vikas Jakhmola, an IT professional with more than 12 years' experience. Currently, he is working as a freelancer. His experience includes setting up networks and servers for multiple organizations. He has been working with the server since 2003. TechiJack, or Vikas Jakhmola, shares his expertise and knowledge on his blog and in training courses.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, Techi Jack  |  All Rights Reserved  |  Made #withGovind

All third party trademarks™ or registered® trademarks (including logos and icons) referenced by Techi Jack (“Techijack”) remain the property of their respective owners. Exchange Server, Windows, Windows Server, and DirectSound are registered trademarks of Microsoft Corporation. Unless specifically identified as such, Techijack’s use of third party trademarks does not indicate any relationship, sponsorship, or endorsement between Techijack and the owners of these trademarks. Any references by Techijack to third party trademarks is to identify the corresponding third party goods and/or services and shall be considered nominative fair use under the trademark law.

Back to top button