Principal Group Program Manager Microsoft Protect Your Organization with Exchange Online Protection EOP SPR203 How may I protect my employees from spam and malware my company from data loss using Exchange ID: 605923
Download Presentation The PPT/PDF document "Levon Esibov" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1Slide2
Levon EsibovPrincipal Group Program ManagerMicrosoft
Protect Your Organization with Exchange Online Protection (EOP)
SPR203Slide3
How may I protectmy employees from spam and malware
my company from data lossusing Exchange
Online
Protection
even if I’m not moving my mailboxes to the Cloud?Slide4
Security challenges
Rapidly evolving external threatsPotential loss of sensitive data Keeping email safe without impacting usersSlide5
Stop viruses and malware
Multi-engine malware protection
Continuously evolving anti-spam protection
Protect sensitive data
Data Loss Prevention features
Encryption of sensitive email
Common administration consoleOffice 365 integrationDetailed reportingEnterprise class reliabilityGeographically load-balanced datacentersQueuing capabilities to help ensure no mail is lost24x7x365 Microsoft Support$$$ backed SLA
Exchange Online Protection (EOP)Slide6
Exchange Online Protection in numbers
Used by many 100,000s of customers
Used by many 10,000,000s of users
Processing
Billions
of emails a day
Using Thousands of serversAcross dozens of Datacenters worldwideSupported by SMEs who wrote the code 24x7x365Slide7
EOP Conceptual Diagram
On-premises server - Inbound and Outbound email filtered through EOP
Corporate Network
EOPSlide8
EOP Inbound Filtering
Email is routed to EOP DC based on MX record resolution
(Contoso-com.mail.protection.outlook.com)
IP-based edge blocks
Envelope blocks
Virus
Scanning
AV Engine 1
AV Engine 2
AV Engine 3
SPAM Protection
Safe Sender/Recipient
Policy Enforcement
Custom Rules
Content scanning and Heuristics
Bulk Mail filtering
SPF & Sender ID Filter
Quarantine
International Spam
Advanced SPAM management
Customer Feedback
False +ve / -ve
Spam Analysts
Corporate NetworkSlide9
EOP Outbound Filtering
High Risk Delivery Pool
High Score
Outbound Pool
Low Score
SPAM Protection
Content scanning and Heuristics
Advanced SPAM management
Virus
Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Policy Enforcement
Custom Rules
Quarantine
Spam Analysts
Corporate NetworkSlide10
1. Connection filtering
Blocks up to 80% of all spam based on IP block/allow lists.
2. Sender-Recipient
Filtering
Blocks up to 15% of all spam based on internal lists and sender reputation.
3. Content Filtering
Blocks up to 5% of all spam based on internal lists and heuristics. Multi-layered anti-spam protection10Slide11
Connection
filtering Static IP allow/block list
Opt-in to Microsoft-maintained reputable sender list
Content
spam
categories
Blatant spamHigh confidence spamContent Filtering ActionsDeleteQuarantineAdd X-HeaderModify SubjectRedirectControl anti-spam filtering 11Slide12
Effective spam blocking
Block external threats quickly
Advanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time.
Enable more control
Mark all bulk messages as spam
Block unwanted email based on language or geographic origin
Block email based on language
Block email based on geographySlide13
Suspect junk mail by default goes to the Outlook junk mail folder.
Uses Outlook safe senders and block lists.
SPAM Quarantine is currently available
to administrators
only, but end-users will get access shortly.
Email Spam Notification for the end-users
Junk mail managementSlide14
Anti-malware
14Slide15
Simple configuration
Delete messages
Delete attachments
Robust, customizable notifications
Sender notifications
Admin notificationsSlide16
Managing policy
16Slide17
Same rule set as Exchange Transport Rules
Includes some new conditions:The sender…IP matches any of these addresses
Attachment scanning
Any attachment…has executable content
The message…contains sensitive information
The message…size exceeds
EOP Rules17Slide18
Same rule set as Exchange Transport Rules
Includes some new actions:Generate incident report
Require TLS Encryption
Put message in quarantine mailbox
Use the following outbound connector…
EOP Rules
18Slide19
Same rule set as Exchange Transport Rules
Includes some new options:Rules can be configured to run for a specific time period
Rules can be run in Test Mode
Information Rights Management
and Office 365 Message Encryption can
be applied to messages using a transport rule.
EOP Rules19Slide20
Helps to
identify
monitor
protect
sensitive data through deep content analysis.
Data Loss Prevention
Easy to useMonitorProtectIdentifySlide21
Common management console
Anti-spam, anti-malware and DLP controls integrated into the Exchange Admin Center and Office 365.Slide22
Admin DemoSlide23
Granular reporting options
Provides a clear view on spam filtering, malware attacks and DLP enforcementSlide24
Reporting DemoSlide25
Continuous investments: Since Jan 2014 added
Extended Message trace and improved reporting
Directory
Based Edge Blocking
Match
Sub-domains
Remote PowerShell for customers without hosted mailboxesEnd user access to QuarantineDKIM for inbound emailSupport for IPV6Slide26
No Am
APAC
EMEA
Mail is ALWAYS processed ONLY in your region!
PRCSlide27
Exchange Online Protection Setup
Add and verify domain ownership, and setup MX recordFine tune anti-malware and anti-spam settings
Create rules to meet business needs
Run Hybrid Wizard to configure connectorsSlide28
Stop viruses and malware
Multi-engine malware protection
Continuously evolving anti-spam protection
Protect sensitive data
Data Loss Prevention features
Encryption of sensitive email
Common administration consoleOffice 365 integrationDetailed reportingEnterprise class reliabilityGeographically load-balanced datacentersQueuing capabilities to help ensure no mail is lost24x7x365 Microsoft Support$$$ backed SLA
Easily transition from EOP to Office 365
EOP provisioned through the Office 365 commerce platformExchange Online Protection (EOP)Slide29
QuestionsSlide30
Related Sessions to Attend
Session
Title
Timing
Room
SPR.202
Encryption in ExchangeTue 10:45 AM - 12:00 PMBallroom ESPR.201Eliminate the Regulatory Compliance NightmareTue 9:00 AM-10:15 AMMR 19abSPR.UN.305Exchange Online Protection: Notes from the fieldWed 10:15 AM – 11:30 AMBallroom GSPR.UN.304Experts Unplugged: EOP & EncryptionWed 8:30-9:45 AMWed 1:00-2:15 PMMR 18dMR 17b
SPR.401
Extending Data Loss Prevention For Your BusinessWed 4:45 PM- 6:00 PMMR 18bc
SPR.203Protect your Organization with Exchange Online Protection (EOP)Mon 4:30 PM - 5:45 PM
MR 18bcSPR.301So how does Microsoft handle my spam?
Tue 4:45 PM – 6:00 PM
MR 19ab SPR.401
Using Connectors & Mail Routing
Wed 2:45 PM - 4:00 PM
MR 18bc
ARC.304
Exchange Server 2013 Transport Architecture
Tues 9:00 AM - 10:15 AM
Ballroom F
EDC.302
Advanced Data
Loss
Prevention in Exchange
Tues 1:30 PM-2:45 PM
Ballroom F
EDC.UN.301
Experts Unplugged: Data Loss Prevention
Tue 3:00 PM-4:15 PM
Wed 10:15 AM-11:30
AM
MR 18d
MR 13ab
EDC.204
Data Loss Prevention
in
Exchange, Outlook, OWA
Mon 2:45 Pm-4:00PM
MR 18bc
MNG.304
Reporting On O365
Mail flow
and Mailbox Data
Wed 1:00 PM-2:15
PM
MR 17aSlide31Slide32
©
2014
Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.