Levon Esibov - PowerPoint Presentation

Slide1
Slide2

Levon EsibovPrincipal Group Program ManagerMicrosoft

Protect Your Organization with Exchange Online Protection (EOP)

SPR203Slide3

How may I protectmy employees from spam and malware

my company from data lossusing Exchange

Online

Protection

even if I’m not moving my mailboxes to the Cloud?Slide4

Security challenges

Rapidly evolving external threatsPotential loss of sensitive data Keeping email safe without impacting usersSlide5

Stop viruses and malware

Multi-engine malware protection

Continuously evolving anti-spam protection

Protect sensitive data

Data Loss Prevention features

Encryption of sensitive email

Common administration consoleOffice 365 integrationDetailed reportingEnterprise class reliabilityGeographically load-balanced datacentersQueuing capabilities to help ensure no mail is lost24x7x365 Microsoft Support$$$ backed SLA

Exchange Online Protection (EOP)Slide6

Exchange Online Protection in numbers

Used by many 100,000s of customers

Used by many 10,000,000s of users

Processing

Billions

of emails a day

Using Thousands of serversAcross dozens of Datacenters worldwideSupported by SMEs who wrote the code 24x7x365Slide7

EOP Conceptual Diagram

On-premises server - Inbound and Outbound email filtered through EOP

Corporate Network

EOPSlide8

EOP Inbound Filtering

Email is routed to EOP DC based on MX record resolution

(Contoso-com.mail.protection.outlook.com)

IP-based edge blocks

Envelope blocks

Virus

Scanning

AV Engine 1

AV Engine 2

AV Engine 3

SPAM Protection

Safe Sender/Recipient

Policy Enforcement

Custom Rules

Content scanning and Heuristics

Bulk Mail filtering

SPF & Sender ID Filter

Quarantine

International Spam

Advanced SPAM management

Customer Feedback

False +ve / -ve

Spam Analysts

Corporate NetworkSlide9

EOP Outbound Filtering

High Risk Delivery Pool

High Score

Outbound Pool

Low Score

SPAM Protection

Content scanning and Heuristics

Advanced SPAM management

Virus

Scanning

AV Engine 1

AV Engine 2

AV Engine 3

Policy Enforcement

Custom Rules

Quarantine

Spam Analysts

Corporate NetworkSlide10

1. Connection filtering

Blocks up to 80% of all spam based on IP block/allow lists.

2. Sender-Recipient

Filtering

Blocks up to 15% of all spam based on internal lists and sender reputation.

3. Content Filtering

Blocks up to 5% of all spam based on internal lists and heuristics. Multi-layered anti-spam protection10Slide11

Connection

filtering Static IP allow/block list

Opt-in to Microsoft-maintained reputable sender list

Content

spam

categories

Blatant spamHigh confidence spamContent Filtering ActionsDeleteQuarantineAdd X-HeaderModify SubjectRedirectControl anti-spam filtering 11Slide12

Effective spam blocking

Block external threats quickly

Advanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time.

Enable more control

Mark all bulk messages as spam

Block unwanted email based on language or geographic origin

Block email based on language

Block email based on geographySlide13

Suspect junk mail by default goes to the Outlook junk mail folder.

Uses Outlook safe senders and block lists.

SPAM Quarantine is currently available

to administrators

only, but end-users will get access shortly.

Email Spam Notification for the end-users

Junk mail managementSlide14

Anti-malware

14Slide15

Simple configuration

Delete messages

Delete attachments

Robust, customizable notifications

Sender notifications

Admin notificationsSlide16

Managing policy

16Slide17

Same rule set as Exchange Transport Rules

Includes some new conditions:The sender…IP matches any of these addresses

Attachment scanning

Any attachment…has executable content

The message…contains sensitive information

The message…size exceeds

EOP Rules17Slide18

Same rule set as Exchange Transport Rules

Includes some new actions:Generate incident report

Require TLS Encryption

Put message in quarantine mailbox

Use the following outbound connector…

EOP Rules

18Slide19

Same rule set as Exchange Transport Rules

Includes some new options:Rules can be configured to run for a specific time period

Rules can be run in Test Mode

Information Rights Management

and Office 365 Message Encryption can

be applied to messages using a transport rule.

EOP Rules19Slide20

Helps to

identify

monitor

protect

sensitive data through deep content analysis.

Data Loss Prevention

Easy to useMonitorProtectIdentifySlide21

Common management console

Anti-spam, anti-malware and DLP controls integrated into the Exchange Admin Center and Office 365.Slide22

Admin DemoSlide23

Granular reporting options

Provides a clear view on spam filtering, malware attacks and DLP enforcementSlide24

Reporting DemoSlide25

Continuous investments: Since Jan 2014 added

Extended Message trace and improved reporting

Directory

Based Edge Blocking

Match

Sub-domains

Remote PowerShell for customers without hosted mailboxesEnd user access to QuarantineDKIM for inbound emailSupport for IPV6Slide26

No Am

APAC

EMEA

Mail is ALWAYS processed ONLY in your region!

PRCSlide27

Exchange Online Protection Setup

Add and verify domain ownership, and setup MX recordFine tune anti-malware and anti-spam settings

Create rules to meet business needs

Run Hybrid Wizard to configure connectorsSlide28

Stop viruses and malware

Multi-engine malware protection

Continuously evolving anti-spam protection

Protect sensitive data

Data Loss Prevention features

Encryption of sensitive email

Common administration consoleOffice 365 integrationDetailed reportingEnterprise class reliabilityGeographically load-balanced datacentersQueuing capabilities to help ensure no mail is lost24x7x365 Microsoft Support$$$ backed SLA

Easily transition from EOP to Office 365

EOP provisioned through the Office 365 commerce platformExchange Online Protection (EOP)Slide29

QuestionsSlide30

Related Sessions to Attend

Session

Title

Timing

Room

SPR.202

Encryption in ExchangeTue 10:45 AM - 12:00 PMBallroom ESPR.201Eliminate the Regulatory Compliance NightmareTue 9:00 AM-10:15 AMMR 19abSPR.UN.305Exchange Online Protection: Notes from the fieldWed 10:15 AM – 11:30 AMBallroom GSPR.UN.304Experts Unplugged: EOP & EncryptionWed 8:30-9:45 AMWed 1:00-2:15 PMMR 18dMR 17b

SPR.401

Extending Data Loss Prevention For Your BusinessWed 4:45 PM- 6:00 PMMR 18bc

SPR.203Protect your Organization with Exchange Online Protection (EOP)Mon 4:30 PM - 5:45 PM

MR 18bcSPR.301So how does Microsoft handle my spam?

Tue 4:45 PM – 6:00 PM

MR 19ab SPR.401

Using Connectors & Mail Routing

Wed 2:45 PM - 4:00 PM

MR 18bc

ARC.304

Exchange Server 2013 Transport Architecture

Tues 9:00 AM - 10:15 AM

Ballroom F

EDC.302

Advanced Data

Loss

Prevention in Exchange

Tues 1:30 PM-2:45 PM

Ballroom F

EDC.UN.301

Experts Unplugged: Data Loss Prevention

Tue 3:00 PM-4:15 PM

Wed 10:15 AM-11:30

AM

MR 18d

MR 13ab

EDC.204

Data Loss Prevention

in

Exchange, Outlook, OWA

Mon 2:45 Pm-4:00PM

MR 18bc

MNG.304

Reporting On O365

Mail flow

and Mailbox Data

Wed 1:00 PM-2:15

PM

MR 17aSlide31
Slide32

©

2014

Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.