Upload
jennifer-preston
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Levon EsibovPrincipal Group Program ManagerMicrosoft
Protect Your Organization with Exchange Online Protection (EOP)
SPR203
How may I protectmy employees from spam and malwaremy company from data loss
using Exchange Online Protection
even if I’m not moving my mailboxes to the Cloud?
Security challenges
Rapidly evolving external threats
Potential loss of sensitive data
Keeping email safe without impacting users
Stop viruses and malware• Multi-engine malware protection• Continuously evolving anti-spam protection
Protect sensitive data• Data Loss Prevention features• Encryption of sensitive email
Common administration console• Office 365 integration• Detailed reporting
Enterprise class reliability• Geographically load-balanced datacenters• Queuing capabilities to help ensure no mail is lost• 24x7x365 Microsoft Support• $$$ backed SLA
Exchange Online Protection (EOP)
Exchange Online Protection in numbersUsed by many
100,000s of customers
Used by many 10,000,000s of users
Processing Billions of emails a day
Using Thousands of servers
Across dozens of Datacenters worldwide
Supported by SMEs who wrote the code 24x7x365
EOP Conceptual Diagram
On-premises server - Inbound and Outbound email filtered through EOP
Corporate Network
EOP
EOP Inbound Filtering
Email is routed to EOP DC based on MX record resolution
(Contoso-com.mail.protection.outlook.com)
IP-based edge blocks
Envelope blocks
Virus Scanning
AV Engine 1
AV Engine 2
AV Engine 3
SPAM ProtectionSafe
Sender/Recipient
Policy Enforcement
Custom RulesContent scanning
and Heuristics
Bulk Mail filtering
SPF & Sender ID Filter
Quarantine
International Spam
Advanced SPAM management
Customer Feedback
False +ve / -ve
Spam Analysts
Corporate Network
EOP Outbound Filtering
High Risk Delivery PoolHigh Score
Outbound Pool
Low Score
SPAM Protection
Content scanning and Heuristics
Advanced SPAM management
Virus Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Policy Enforcement
Custom Rules
QuarantineSpam Analysts
Corporate Network
• 1. Connection filtering • Blocks up to 80% of all spam
based on IP block/allow lists.
• 2. Sender-Recipient Filtering
• Blocks up to 15% of all spam based on internal lists and sender reputation.
• 3. Content Filtering• Blocks up to 5% of all spam
based on internal lists and heuristics.
Multi-layered anti-spam protection
10
• Connection filtering • Static IP allow/block list• Opt-in to Microsoft-maintained
reputable sender list
• Content spam categories• Blatant spam• High confidence spam
• Content Filtering Actions• Delete• Quarantine• Add X-Header• Modify Subject• Redirect
Control anti-spam filtering
11
Effective spam blockingBlock external threats quicklyAdvanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time.
Enable more control Mark all bulk messages as spam
Block unwanted email based on language or geographic origin
Block email based on language
Block email based on geography
• Suspect junk mail by default goes to the Outlook junk mail folder.
• Uses Outlook safe senders and block lists.
• SPAM Quarantine is currently available to administrators only, but end-users will get access shortly.
• Email Spam Notification for the end-users
Junk mail management
Anti-malware
14
Simple configuration
Delete messagesDelete attachments
Robust, customizable notifications
Sender notifications
Admin notifications
Managing policy
16
• Same rule set as Exchange Transport Rules• Includes some new conditions:• The sender…IP matches any of these addresses• Attachment scanning• Any attachment…has executable content• The message…contains sensitive information• The message…size exceeds
EOP Rules
17
• Same rule set as Exchange Transport Rules• Includes some new actions:• Generate incident report• Require TLS Encryption• Put message in quarantine mailbox• Use the following outbound connector…
EOP Rules
18
• Same rule set as Exchange Transport Rules• Includes some new options:
• Rules can be configured to run for a specific time period• Rules can be run in Test Mode• Information Rights Management and Office 365 Message
Encryption can be applied to messages using a transport rule.
EOP Rules
19
Helps to • identify• monitor• protect sensitive data through deep content analysis.
Data Loss Prevention
Easy to use
Monitor
Protect
Identify
Common management consoleAnti-spam, anti-malware and DLP controls integrated into the Exchange Admin Center and Office 365.
Admin Demo
Granular reporting optionsProvides a clear view on spam filtering, malware attacks and DLP enforcement
Reporting Demo
Continuous investments: Since Jan 2014 added
Extended Message trace and improved reporting
Directory Based Edge Blocking Match Sub-domains Remote PowerShell for customers without
hosted mailboxes End user access to Quarantine DKIM for inbound email Support for IPV6
No Am
APAC
EMEA
Mail is ALWAYS processed ONLY in your region!
PRC
Exchange Online Protection Setup
1. Add and verify domain ownership, and setup MX record
2. Fine tune anti-malware and anti-spam settings3. Create rules to meet business needs4. Run Hybrid Wizard to configure connectors
Stop viruses and malware• Multi-engine malware protection• Continuously evolving anti-spam protection
Protect sensitive data• Data Loss Prevention features• Encryption of sensitive email
Common administration console• Office 365 integration• Detailed reporting
Enterprise class reliability• Geographically load-balanced datacenters• Queuing capabilities to help ensure no mail is lost• 24x7x365 Microsoft Support• $$$ backed SLA
Easily transition from EOP to Office 365• EOP provisioned through the Office 365 commerce platform
Exchange Online Protection (EOP)
Questions
Related Sessions to Attend Session Title Timing Room
SPR.202 Encryption in Exchange Tue 10:45 AM - 12:00 PM Ballroom E
SPR.201Eliminate the Regulatory Compliance Nightmare Tue 9:00 AM-10:15 AM MR 19ab
SPR.UN.305Exchange Online Protection: Notes from the field Wed 10:15 AM – 11:30 AM Ballroom G
SPR.UN.304Experts Unplugged: EOP & Encryption
Wed 8:30-9:45 AMWed 1:00-2:15 PM
MR 18dMR 17b
SPR.401Extending Data Loss Prevention For Your Business Wed 4:45 PM- 6:00 PM MR 18bc
SPR.203
Protect your Organization with Exchange Online Protection (EOP) Mon 4:30 PM - 5:45 PM MR 18bc
SPR.301So how does Microsoft handle my spam? Tue 4:45 PM – 6:00 PM MR 19ab
SPR.401Using Connectors & Mail Routing Wed 2:45 PM - 4:00 PM MR 18bc
ARC.304Exchange Server 2013 Transport Architecture Tues 9:00 AM - 10:15 AM Ballroom F
EDC.302Advanced Data Loss Prevention in Exchange Tues 1:30 PM-2:45 PM Ballroom F
EDC.UN.301Experts Unplugged: Data Loss Prevention
Tue 3:00 PM-4:15 PMWed 10:15 AM-11:30 AM
MR 18dMR 13ab
EDC.204Data Loss Prevention in Exchange, Outlook, OWA Mon 2:45 Pm-4:00PM MR 18bc
MNG.304Reporting On O365 Mail flow and Mailbox Data Wed 1:00 PM-2:15 PM MR 17a
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.