08 O365 SMB JS V2 Exchange Online Protection Blue
Transcript of 08 O365 SMB JS V2 Exchange Online Protection Blue
![Page 1: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/1.jpg)
Mod 8:Exchange Security & ProtectionChris Oakman | Managing Partner Infrastructure Team | Eastridge TechnologyStephen Hall | CEO & SMB Technologist | District Computers
Version 2.0 for Office 365
![Page 2: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/2.jpg)
Day 1Administering Office 365
Day 2Administering Exchange Online
Office 365 Overview & Infrastructure Lync Online Administration
Office 365 User Management Administering SharePoint OnlineOffice 365 DirSync, Single Sign-On & ADFS Exchange Online Basic Management
MEAL BREAK
Exchange Online Deployment & Migration
Exchange Security & Protection
Exchange Online Archiving & Compliance
Jump Start Schedule – Target Agenda
![Page 3: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/3.jpg)
Module 8: Exchange Security & ProtectionFor Midsize Businesses and Enterprises
• Service Introduction & Overview • Spam control• Anti-Malware• Managing Policy• Managing Exchange Security & Policy in Office 365• Mail flow rules, Message Tracing & Delivery Reports
![Page 4: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/4.jpg)
What is EOP?
Executive Office of the PresidentEqual Opportunity ProgramEdge of Pavement
English-only Policy Emergency Oxygen PackEdge of Panic
Emergency Operations PlanEthernet over PowerElevation of Privilege
Exchange Online Protection
![Page 5: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/5.jpg)
• Cloud-based email filtering service that:• Protects against spam and malware• Safeguards organizations from messaging-policy violations• Simplifies Exchange messaging environment management
• Replaces Forefront Online Protection for Exchange (FOPE)
• All FOPE customers will be migrated to EOP
• Adds anti-malware protection to Exchange Online
Exchange Online Protection (EOP)
![Page 6: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/6.jpg)
• Exchange Policies that contain sets of conditions to filter email messages
• made up of transport rules, actions and exceptions• Must be activated in the Exchange Administration Center (EAC) to filter live
messages
• Can inform senders they may be about to violate a policy before they even send an offending message
• Done through the configuration of policy tips
Exchange Data Loss Prevention (DLP)
http://technet.microsoft.com/en-us/library/jj150527%28v=exchg.150%29.aspx
NOTE: DLP is a premium feature that requires an Exchange Online Plan 2 License. Included with ALL Office 365 Midsize business & enterprise plans
![Page 7: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/7.jpg)
Exchange Security and Protection Stop viruses and malware
Exchange Online Protection works to block spam and viruses before entering networkBasic level of anti-malware built into Exchange Server Protect Sensitive Data Scan Exchange transport for sensitive content with DLP feature in the cloud or on-premisesGranular control on email using RMS
Exchange Online Protection
Exchange Servers
![Page 8: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/8.jpg)
Exchange Security and Protection (Cont’d) Stop viruses and malware
Exchange Online Protection provides multi-engine protection
Protect sensitive data Scan exchange transport for sensitive content with Data Loss Prevention featuresGranular control on email using RMS
Anti-Spam
Anti-Malware
Unified Management Policy
![Page 9: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/9.jpg)
Protect communicationsBasic level of built-in anti-malware and enhanced spam filtering to help protect your email environment from threats
Exchange Security and Protection (Cont’d)
Enforce policyData Loss Prevention (DLP) controls that can detect sensitive data in email before it is sent and automatically block, hold or notify the sender
Simplify managementUnified administration of anti-spam, anti-malware, and DLP within Exchange
![Page 10: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/10.jpg)
Comprehensive protectionMulti-engine antivirus Continuously evolving anti-spam protectionBuilt on Forefront Online Protection for Exchange (FOPE)
Exchange Online Protection (EOP)
Enterprise-class reliabilityGeographically load-balanced datacentersQueuing capabilities to help ensure that no mail is lost
Common administration consoleMicrosoft Office 365 integrationDetailed reporting
![Page 11: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/11.jpg)
DLP helps to identifymonitorprotect
sensitive data through deep content analysis
Data Loss Prevention (DLP) in Exchange
Easy to use
Monitor
Protect
Identify
![Page 12: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/12.jpg)
Module 8: Exchange Online Protection & SecurityFor Midsize Businesses and Enterprises
• Service Introduction & Overview • Spam control• Anti-Malware• Managing Policy• Managing Exchange Security & Policy in Office 365• Mail flow rules, Message Tracing & Delivery Reports
![Page 13: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/13.jpg)
1. Connection filtering Blocks up to 80% of all spam, based on
IP block/allow lists
2. Sender-recipient filteringBlocks up to 15% of all spam, based on internal lists and sender reputation
3. Content filteringBlocks up to 5% of all spam, based on internal lists and heuristics
Multi-Layered Anti-Spam Protection
![Page 14: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/14.jpg)
Connection filtering Static IP allow/block listOpt-in to Microsoft-maintained reputable sender listContent spam categoriesBlatant spamHigh-confidence spamContent filtering actionsDeleteQuarantineAdd X-headerModify subjectRedirect
Control Anti-Spam Filtering
![Page 15: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/15.jpg)
Effective Spam BlockingBlock external threats quicklyAdvanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time
Enable more control Mark all bulk messages as spamBlock unwanted email based on language or geographic origin
Block email based on language
Block email based on geography
![Page 16: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/16.jpg)
EOP Inbound Filtering Email is routed to EOP DC based on
MX record resolution(Contoso-
com.mail.protection.outlook.com)
IP-based edge blocks
Envelope blocks
Virus Scanning
AV Engine 1
AV Engine 2
AV Engine 3
SPAM ProtectionSafe
Sender/Recipient
Policy Enforcement
Custom RulesContent Scanning
and Heuristics
Bulk Mail Filtering
SPF & Sender ID Filter
Quarantine
International SpamAdvanced SPAM
Management
Customer Feedback
False +ve / -ve
Spam Analysts
Corporate Network
![Page 17: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/17.jpg)
EOP Outbound Filtering
High Risk Delivery PoolHigh Score
Outbound Pool
Low Score
SPAM Protection
Content Scanning and Heuristics
Advanced SPAM Management
Virus Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Policy Enforcement
Custom Rules
QuarantineSpam Analysts
Corporate Network
![Page 18: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/18.jpg)
Module 8: Exchange Online Protection & SecurityFor Midsize Businesses and Enterprises
• Service Introduction & Overview • Spam control• Anti-Malware• Managing Policy• Managing Exchange Security & Policy in Office 365• Mail flow rules, Message Tracing & Delivery Reports
![Page 19: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/19.jpg)
Basic level built in to Exchange ServerSimple configuration and monitoringSame antivirus engine as System Center Endpoint ProtectionScans through the transport service
Anti-Malware Protection
![Page 20: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/20.jpg)
Simple ConfigurationDelete messagesDelete attachmentsRobust, customizable notifications
Sender notifications
Admin notifications
![Page 21: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/21.jpg)
Module 8: Exchange Online Protection & SecurityFor Midsize Businesses and Enterprises
• Service Introduction & Overview • Spam control• Anti-Malware• Managing Policy• Managing Exchange Security & Policy in Office 365• Mail flow rules, Message Tracing & Delivery Reports
![Page 22: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/22.jpg)
Same rule set as Exchange Transport RulesIncludes some new conditions:The sender IP matches any of these addressesAttachment scanningAny attachment has executable contentThe message contains sensitive informationThe message size exceeds…
EOP Rules
![Page 23: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/23.jpg)
Same rule set as Exchange Transport RulesIncludes some new actions:Generate incident reportRequire TLS encryptionPut message in quarantine mailboxUse the following outbound connector…
EOP Rules (Cont’d)
![Page 24: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/24.jpg)
Same rule set as Exchange Transport RulesIncludes some new options:Rules can be configured to run for a specific time periodRules can be run in Test ModeInformation Rights Management (IRM) can be applied to messages using a transport rule
EOP Rules (Cont’d)
![Page 25: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/25.jpg)
Establish policies to protect sensitive dataRules can be run in Test Mode or applied to live emailInformation Rights Management (IRM) can be applied to messages using a transport ruleMethods to create DLP policies• Out-of-the-box template supplied by Microsoft• Import a pre-built policy file from outside your organization• Create a custom policy without any pre-existing conditions
DLP Rules
http://technet.microsoft.com/en-us/library/jj150527%28v=exchg.150%29.aspx#dlp_establish
![Page 26: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/26.jpg)
Module 8: Exchange Online Protection & SecurityFor Midsize Businesses and Enterprises
• Service Introduction & Overview • Spam control• Anti-Malware• Managing Policy• Managing Exchange Security & Policy in Office 365• Mail flow rules, Message Tracing & Delivery Reports
![Page 27: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/27.jpg)
Office 365 Admin Center & Exchange Admin Center • Anti-spam• Anti-malware• DLP controls
Common Management Console
![Page 28: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/28.jpg)
DLP Rules
![Page 29: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/29.jpg)
DEMO | Exchange Online Protection
• Anti-Malware Policy• Anti-Spam Policy [in]• Content filter Policy• Anti-Spam Policy [out]• Quarantine
![Page 30: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/30.jpg)
Module 8: Exchange Online Protection & SecurityFor Midsize Businesses and Enterprises
• Service Introduction & Overview • Spam control• Anti-Malware• Managing Policy• Managing Exchange Security & Policy in Office 365• Mail flow rules, Message Tracing & Delivery Reports
![Page 31: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/31.jpg)
Exchange transport rulesExchange Mail Flow Rules
http://technet.microsoft.com/en-US/library/ms.exch.eac.NewTransportRule(EXCHG.150).aspx?v=15.0.702.0&l=1&s=BPOS_S_E15_0
![Page 32: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/32.jpg)
Message trace + delivery reports = a lot of power to troubleshoot mail-flow issuesTrace messages sent from one internal Office 365 tenant mailbox to anotherSimple search interface (no required fields)Top 1000 of the last 48h of message resultsResults include date, from, to, subject and a summary status
EOP Message Tracing
![Page 33: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/33.jpg)
Granular Reporting OptionsProvide a clear view on spam filtering, malware attacks, and DLP enforcement
33
![Page 34: 08 O365 SMB JS V2 Exchange Online Protection Blue](https://reader031.fdocuments.in/reader031/viewer/2022030308/577cc9b61a28aba711a467d8/html5/thumbnails/34.jpg)
Reporting Demo