Presentation is loading. Please wait.

Presentation is loading. Please wait.

Demo Advanced Threat Protection

Published by馗盗 程 Modified over 5 years ago

Similar presentations

Presentation on theme: "Demo Advanced Threat Protection"— Presentation transcript:

1 Demo Advanced Threat Protection
INSTRUCTIONS: Set Screen Resolution to 1920x1080 Start the Slide Show If you are projecting to a second monitor, use Presenter View on your PC to read the talk track and see where to click next (note that this is a PowerPoint, so the “clicks” are intended to make the presentation as close to a Live Code demo as possible)

2 Microsoft has made great investments for Office 365 in the area of compliance. Exchange Online Protection has been in place for a while in Office 365. In the Exchange admin center, administrators can create filtering policies for different types of content.    CLICK STEP(S) Click Exchange in the left nav.

3 CLICK STEP(S) Click protection in the left nav.

4 With spam filtering, administrators can use risk levels to enhance their organizations’ bulk protection capabilities. The higher the threshold is set, the more bulk that can get through to users. CLICK STEP(S) Click the pen icon to edit the rule.

5 CLICK STEP(S) Click spam and bulk actions in the left nav.

6 CLICK STEP(S) Click the drop down under Bulk in the left nav.

7 The higher the threshold is set, the more bulk email that can get through to users. 
CLICK STEP(S) Click Cancel.

8 IP addresses can also be blocked.
CLICK STEP(S) Click connection filter.

9 Of course, administrators cannot possibly identify every potentially harmful IP address.
CLICK STEP(S) Click the pen icon to edit the rule.

10 CLICK STEP(S) Click connection filtering.

11 Microsoft provides them with a safe list, a growing list of IP addresses that are known to be benign.  CLICK STEP(S) Click Cancel.

12 Administrators can also implement policies that detect malware in individual messages, whether intentional or not. CLICK STEP(S) Click malware filter.

13 CLICK STEP(S) Click the pen icon to edit the rule.

14 CLICK STEP(S) Click settings.

15 As a response to detection, the messages can be deleted, or they can be delivered with attachments removed from them. CLICK STEP(S) Click the right scroll bar to scroll down to show the admin field.

16 Notifications about malware detection can be sent to both internal and external senders as well as administrators.  CLICK STEP(S) Click Cancel.

17 Advanced Threat Protection (ATP) expands on existing content filtering capabilities, hardening organizational environments.  CLICK STEP(S) Click advanced threats in the left nav.

18 Malware filtering policies in the protection area of the Exchange admin center work great for threats that are known by anti-virus programs and that have corresponding signature files. ATP goes even further by using Safe Attachments to detect threats that are unknown by anti-virus programs. CLICK STEP(S) Click the pen icon to edit the policy.

19 With Safe Attachments, messages containing attachments are routed through a detonation chamber, where they are analyzed for potentially malicious behavior.  CLICK STEP(S) Click settings in the left nav.

20 If, for example, an attachment is trying to access a user’s registry, a Safe Attachment policy can block that attachment, replace it, or simply monitor the scan results. Additionally, administrators can redirect blocked, replaced, or monitored attachments to a specific address.  CLICK STEP(S) Click Cancel.

21 ATP also uses Safe Links to scan messages and detect potentially malicious URLs, like those from phishing scams. CLICK STEP(S) Click safe links.

22 CLICK STEP(S) Click the pen icon to edit the policy.

23 Safe Link policies check URLs against a list of known malicious links.
CLICK STEP(S) Click settings.

24 A link can then be rewritten so that, when clicked, users are redirected to a protective shell and notified that the original URL has been classified as malicious. Administrators can track user clicks to these links and allow users to click through to the original URLs. Administrators can also identify a list of URLs that should not be rewritten, should they happen to inadvertently end up on the list of known malicious links.    CLICK STEP(S) Click Cancel.

25 The information worker experience for ATP is all about protection.
CLICK STEP(S) Click the Edge browser to show Sara’s OWA experience.

26 Here, Alex has sent Sara a message with an attachment.
CLICK STEP(S) Click the third message, from Alex Darrow.

27 The organization’s Safe Attachment policy detected that there were unverified signatures in the attachment and thus blocked it. CLICK STEP(S) Click the attachment (Keys.js).

28 CLICK STEP(S) Click OK.

29 In the message, Sara still has access to the original message body, but the malware threat was removed. Meanwhile, the attachment was redirected to the administrator for further analysis. CLICK STEP(S) Click the first message, from Alex Darrow as well.

30 In this message about cheap flights, she clicks a known phishing link.
CLICK STEP(S) Click “site”, the hyperlink in the message.

31 The organization’s Safe Link policy found that link to be malicious and rewrote it. Sara is thus redirected to a protective shell, which alerts her about the classification of that URL.   CLICK STEP(S) Click the “Mail – Sara Davis – Outlook” tab in Edge.

32 The policy is selective enough to remove only malicious links
The policy is selective enough to remove only malicious links. Even within a single with both safe and malicious links, only the malicious links will be removed. CLICK STEP(S) Click the “Bing” hyperlink.

33 Within that same message about cheap flights, Sara clicks the link in the signature line and navigates to Bing.com as expected.  Back in the Exchange admin center…. CLICK STEP(S) Click the Edge browser in the bottom to switch to the admin center.

34 …. administrators can review a report that tracks individual user clicks of malicious URLs in messages. CLICK STEP(S) Click mail flow in the left nav.

35 CLICK STEP(S) Click url trace.

36 The report contains URL traces from the previous seven days
The report contains URL traces from the previous seven days. These traces and can be filtered by date and time, by recipients, or by a list of exact URLs. CLICK STEP(S) Click in the right scroll bar to scroll down.

37 Here, the administrator filters with Sara as the recipient to see her recent trace activities, which includes the URLs that were rewritten. CLICK STEP(S) Click add recipient.

38 CLICK STEP(S) Click Sara Davis.

39 CLICK STEP(S) Click add.

40 CLICK STEP(S) Click OK.

41 CLICK STEP(S) Click the right scroll bar to scroll down.

42 CLICK STEP(S) Click search.

43 <Results do not show up>
As shown in this demo, Microsoft has made great investments in the Exchange admin center to expand threat protection in Office 365.

Download ppt "Demo Advanced Threat Protection"

Similar presentations

Microsoft® Lync™ 2010 IM and Presence Training

Microsoft® Lync™ 2010 IM and Presence Training
Setting up your Lyreco E-Mail Account.

Setting up your Lyreco Account.
Refresher Instruction Guide Strategic Planning and Assessment Module

Refresher Instruction Guide Strategic Planning and Assessment Module
Web Filtering. ExchangeDefender Web Filtering provides policy-controlled protection from dangerous content on the web. Web Filtering is agent based, allowing.

Web Filtering. ExchangeDefender Web Filtering provides policy-controlled protection from dangerous content on the web. Web Filtering is agent based, allowing.
Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing email environment.

On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing environment.
 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.

 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.
1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.
HOW TO USE EMAIL BY ALEX ROSS ALEX ROSS. HOW TO CREATE EMAIL ACCOUNT FOR DUMMIES Email is a great way to communicate with others. We can interact with.

HOW TO USE BY ALEX ROSS ALEX ROSS. HOW TO CREATE ACCOUNT FOR DUMMIES is a great way to communicate with others. We can interact with.
How to Get The Most Out of Outlook 2003 Michele Schwartzman Division of Customer Support 301-594-6248 Summer 2006.

How to Get The Most Out of Outlook 2003 Michele Schwartzman Division of Customer Support Summer 2006.
OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.

OSP214. SECURITY PRIVACY RELIABILITY & SERVICE CONTINUITY COMPLIANCE.
What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.

What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.
1 FOR OFFICIAL USE ONLY How To Add a CATMS Team Mailbox to Your Outlook E-mail Profile.

1 FOR OFFICIAL USE ONLY How To Add a CATMS Team Mailbox to Your Outlook Profile.
Message Trace Office 365 May 2013.

Message Trace Office 365 May 2013.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
E- MAIL APPLICATION CALENDAR MODUL. B ENEFITS OF CALENDAR Calendar sharing. Outlook Web App now enables your users to share their calendars with people.

E- MAIL APPLICATION CALENDAR MODUL. B ENEFITS OF CALENDAR Calendar sharing. Outlook Web App now enables your users to share their calendars with people.
Advanced User Guide to Outlook and all its features.

Advanced User Guide to Outlook and all its features.

Similar presentations

Ads by Google