Protect Your Organization with Exchange Online Protection (EOP)

Download Report

Transcript Protect Your Organization with Exchange Online Protection (EOP)

Security
challenges
•
•
•
•
Multi-engine malware protection
Continuously evolving anti-spam protection
Data Loss Prevention features
Encryption of sensitive email
Common administration console
•
•
Office 365 integration
Detailed reporting
Enterprise class reliability
•
•
•
•
Geographically load-balanced datacenters
Queuing capabilities to help ensure no mail is lost
24x7x365 Microsoft Support
$$$ backed SLA
Used by many
100,000s of
customers
Used by many
10,000,000s of
users
Processing Billions
of emails a day
Supported by SMEs
who wrote the code
24x7x365
Using Thousands of
servers
Across dozens of
Datacenters
worldwide
EOP
Corporate Network
On-premises server - Inbound and Outbound email
filtered through EOP
Spam Analysts
Email is routed to EOP DC based on MX record
resolution
(Contoso-com.mail.protection.outlook.com)
IP-based edge
blocks
Envelope blocks
Virus
Scanning
AV Engine 1
Customer
Feedback
Policy Enforcement
SPAM Protection
False +ve / -ve
Safe Sender/Recipient
Custom Rules
AV Engine 2
Content scanning and
Heuristics
SPF & Sender ID Filter
AV Engine 3
Bulk Mail filtering
International Spam
Quarantine
Advanced SPAM
management
Corporate Network
Corporate Network
Virus
Scanning
AV Engine 1
AV Engine 2
Policy Enforcement
SPAM Protection
Custom Rules
Content scanning and
Heuristics
Outbound Pool
Low Score
Advanced SPAM
management
AV Engine 3
High Score
Quarantine
Spam Analysts
High Risk Delivery
Pool
• 1. Connection filtering
• Blocks up to 80% of all spam
based on IP block/allow lists.
• 2. Sender-Recipient Filtering
• Blocks up to 15% of all spam
based on internal lists and
sender reputation.
• 3. Content Filtering
• Blocks up to 5% of all spam
based on internal lists and
heuristics.
10
• Connection filtering
• Static IP allow/block list
• Opt-in to Microsoft-maintained
reputable sender list
• Content spam categories
• Blatant spam
• High confidence spam
• Content Filtering Actions
•
•
•
•
•
Delete
Quarantine
Add X-Header
Modify Subject
Redirect
Block external threats quickly
Block email based on language
Advanced fingerprinting technologies
that identify and stop new spam and
phishing vectors in real time.
Enable more control
Mark all bulk messages as spam
Block email based on geography
Block unwanted email based on
language or geographic origin
• Suspect junk mail by default goes
to the Outlook junk mail folder.
• Uses Outlook safe senders and
block lists.
• SPAM Quarantine is currently
available to administrators only, but
end-users will get access shortly.
• Email Spam Notification for the
end-users
14
Delete messages
Delete attachments
Sender notifications
Robust, customizable
notifications
Admin notifications
16
• Same rule set as Exchange Transport Rules
• Includes some new conditions:
• The sender…IP matches any of these addresses
• Attachment scanning
• Any attachment…has executable content
• The message…contains sensitive information
• The message…size exceeds
17
• Same rule set as Exchange Transport Rules
• Includes some new actions:
• Generate incident report
• Require TLS Encryption
• Put message in quarantine mailbox
• Use the following outbound connector…
18
• Same rule set as Exchange Transport Rules
• Includes some new options:
• Rules can be configured to run for a specific time period
• Rules can be run in Test Mode
• Information Rights Management and Office 365 Message Encryption can
be applied to messages using a transport rule.
19
Helps to
• identify
• monitor
• protect
sensitive data through
deep content analysis.
Extended Message trace and improved reporting
Directory Based Edge Blocking
Match Sub-domains
Remote PowerShell for customers without hosted
mailboxes
 End user access to Quarantine
 DKIM for inbound email
 Support for IPV6




No Am
EMEA
PRC
APAC
•
•
•
•
Multi-engine malware protection
Continuously evolving anti-spam protection
Data Loss Prevention features
Encryption of sensitive email
Common administration console
•
•
Office 365 integration
Detailed reporting
Enterprise class reliability
•
•
•
•
•
Geographically load-balanced datacenters
Queuing capabilities to help ensure no mail is lost
24x7x365 Microsoft Support
$$$ backed SLA
EOP provisioned through the Office 365 commerce platform
Session
Title
Timing
Tue 10:45 AM - 12:00 PM
Room
SPR.202
Encryption in Exchange
Ballroom E
SPR.201
Eliminate the Regulatory Compliance
Nightmare
Tue 9:00 AM-10:15 AM
MR 19ab
SPR.UN.305
Exchange Online Protection: Notes
from the field
Wed 10:15 AM – 11:30 AM
Ballroom G
SPR.UN.304
Experts Unplugged: EOP &
Encryption
Wed 8:30-9:45 AM
Wed 1:00-2:15 PM
MR 18d
MR 17b
SPR.401
Extending Data Loss Prevention For
Your Business
Wed 4:45 PM- 6:00 PM
MR 18bc
SPR.203
Protect your Organization with
Exchange Online Protection (EOP)
Mon 4:30 PM - 5:45 PM
MR 18bc
SPR.301
So how does Microsoft handle my
spam?
Tue 4:45 PM – 6:00 PM
MR 19ab
SPR.401
Using Connectors & Mail Routing
Wed 2:45 PM - 4:00 PM
MR 18bc
ARC.304
Exchange Server 2013 Transport
Architecture
Tues 9:00 AM - 10:15 AM
Ballroom F
EDC.302
Advanced Data Loss Prevention in
Exchange
Tues 1:30 PM-2:45 PM
Ballroom F
EDC.UN.301
Experts Unplugged: Data Loss
Prevention
Tue 3:00 PM-4:15 PM
Wed 10:15 AM-11:30 AM
MR 18d
MR 13ab
EDC.204
Data Loss Prevention in Exchange,
Outlook, OWA
Mon 2:45 Pm-4:00PM
MR 18bc
MNG.304
Reporting On O365 Mail flow and
Mailbox Data
Wed 1:00 PM-2:15 PM
MR 17a