Presentation is loading. Please wait.

Presentation is loading. Please wait.

Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically.

Published byKrystal Summersett Modified over 9 years ago

Similar presentations

Presentation on theme: "Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically."— Presentation transcript:

1

2

3

4

5 Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically load-balanced datacenters Queuing capabilities to help ensure no mail is lost Live phone support Streamlined administration console Office 365 integration Detailed reporting

6

7 Spam Protection Outlook Safe/Blocked Senders Content Scanning Bulk Mail Filtering Content Filter Advanced Options Customer Feedback False Positive/Negatives Customer Feedback False Positive/Negatives Policy Quarantine Policy Quarantine Edge Blocks Email is routed to EOP data centres based on MX record resolution Policy Enforcement Custom Rules Allows/Rejects SPAM Quarantine SPAM Quarantine Spam Analysts - The Big Picture Virus Scanning AV Engine 1 AV Engine 2 AV Engine 3 Envelope blocks IP-based edge blocking

8 NDR Delivery Pool Bulk Delivery Pool Internet Outbound Pool High Risk Delivery Pool Higher Risk Outbound Pool Normal Score Spam Protection Content Scanning and Heuristics Content Filter Advanced Options Virus Scanning AV Engine 1 AV Engine 2 AV Engine 3 Policy Enforcement Custom Rules Quarantine Email Encryption Spam Analysts – The Big Picture

9

10

11 Step 1: Verify prerequisites Step 2: Configure mail flow (connectors) Step 3: Add and validate domains Step 4: Customize spam and policy settings Step 5: Enable mail flow Step 6: Monitor and fine tune

12

13

14 On-Prem Mail Environment Exchange Online Protection Outbound Connector Inbound Connector Outbound TLS Connector Inbound TLS Connector EOP connectors between on-premises and EOP need to be created *Additional connectors can be created between EOP and partners to force TLS Configure mail flow (connectors) Partner Environment

15 Prior to EOP (Fabrikam uses EOP) With EOP (Fabrikam uses EOP) Contoso Fabrikam Cert CN = mail.contoso.com Cert CN = mail.fabrikam.com Contoso EOP Fabrikam Cert CN = mail.contoso.com Cert CN = mail.protection.outlook.com Cert CN = mail.fabrikam.com

16 On-Prem Mail APAC Exchange Online Protection On-Prem Mail AMER On-Prem Mail EMEA Outbound Connector 1 Outbound Connector 3 Outbound Connector 2 Inbound Connector 1

17

18

19 Spam and policy customization

20 EOP and the Junk Mail folder Two rules Two rules need to be added to the on premise environment if you would like spam moved to the junk mail folder. Set-OrganizationConfig –SCLJunkThreshold 4 New-TransportRule "NameForRule" -HeaderContainsMessageHeader "X-Forefront-Antispam- Report" -HeaderContainsWords "SFV:SPM" -SetSCL 6 New-TransportRule "NameForRule" -HeaderContainsMessageHeader "X-Forefront-Antispam- Report" -HeaderContainsWords "SFV:SKS" -SetSCL 6 End users need to be educated about the use of the Junk Mail folder in Outlook

21

22 Spam and policy customization (ESN)

23 End user access to quarantine

24 Enable mail flow DNS changes MX record (domain-suffix.mail.protection.outlook.com) SPF record (v=spf1 include:spf.protection.outlook.com –all) Do not change CNAME DNS entries for stand alone customers On-premise changes Create smart host from on premise environment to EOP Restrict on premises firewall to only accept port 25 traffic from EOPEOP

25

26 Monitor and fine tune Goals Is the service operating as expected? Make adjustments to rules or settings as needed Evaluate effectiveness of spam settings Tools Reports (Office 365 Portal or Mail Protection Reports for Office 365) Submitting spam and false positive messages to Microsoft Junk Mail Reporting ToolJunk Mail Reporting Tool for Outlook

27

28 Exchange Server 2013 Exchange Online EOP Stand Alone

29

30 Do this Use a test domain, subdomain or low volume domain for trying different service features Create O365 connectors before adding domains Disable EOP inbound connector (type is on-prem) until you are ready to use it Use the Remote Connectivity Analyzer to troubleshootRemote Connectivity Analyzer Restrict inbound SMTP access to allow ONLY from EOP IP rangesEOP IP ranges Enable Microsoft’s IP Safe List in the Connection Filter When creating safe / black lists, use IP first, and if not possible, then use the domain Don’t do this Daisy chain services Use EOP for sending bulk mail Enable all Content Filter Advanced Options out of the box Safe list your own domain

31

32 Existing email environment Office 365 directory sync Secure mail flow Exchange Online ProtectionOn-premises

33

34 Telnet is your friend Telnet can be used to test mail flow from EOP to your on-prem environment. This allows verifying mail flow will work before doing the MX cutover. You do/type thisServer responds with this telnet tenantDomainMXRecordHere 25220 helo your_sending_server_fqdn250 mail from: you@domain.invalid250 Sender OK rcpt to: recipient@contoso.com250 Recipient OK data followed by the enter keyServer provides directions on how to enter data. subject: Enter the subject and hit enter twice Enter the body text. To finish the message, type a period on a line by itself and hit enter. 250 Message queued for delivery. Quit221 Service closing transmission channel

35

36 Quarantine Online viewer only supports up to 500 messages More can be viewed via PowerShell Get-QuarantineMessage CmdletGet-QuarantineMessage Can only release in bulk through Release-QuarantineMessage CmdletRelease-QuarantineMessage Limits Max message size for EOP delivering to stand-alone customers is 150 MB Max message size for EOP delivering to Office 365 hosted mailboxes is 35 MB Max 100 Transport Rules per tenant – DLP policies consume part of this quota Max of 900 domains per tenant EOP outbound connectors use round robin for delivery

37 Since January 2014 Extended Message trace (90 days) Directory Based Edge Blocking & Match sub-domains Remote PowerShell for customers without hosted mailboxes (EOP stand alone) End user access to the quarantine Office 365 Message Encryption Coming Soon DKIM for inbound email Support for IPv6 Future Outbound DKIM and DMARC Improvements to Bulk mail Advanced Spam Filter option

38 What they offer Exchange Online Protection implementation and configuration assistance up to 90 days Administrator training on Exchange Online Protection Advise customer on service best practices Single point of contact for duration of engagement Eligibility Net new customers who purchase 1000+ seats EOP stand alone, O365D Exception basis for O365 Hybrid How to Engage an IPM Contact your Technical Account Manager for more information.

39

40

41 www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd

42

43

44

Download ppt "Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically."

Similar presentations

Message Trace & Headers for Office 365 Enhancements (Feb 2014)

Message Trace & Headers for Office 365 Enhancements (Feb 2014)
Office 365 for Enterprises ITExpo February 2, 2012.

Office 365 for Enterprises ITExpo February 2, 2012.
Admin: Simple to provision and configure Policy driven via Transport Rules Customizable branding of encrypted emails and mail reading portal Allows.

Admin: Simple to provision and configure Policy driven via Transport Rules Customizable branding of encrypted s and mail reading portal Allows.
 This session details common scenarios for deploying Office 365 services. Office 365 provides a breadth of capability, but often there is a key scenario.

 This session details common scenarios for deploying Office 365 services. Office 365 provides a breadth of capability, but often there is a key scenario.
TrustPort Net Gateway Email traffic protection. WWW.TRUSTPORT.COM Keep It Secure Entry point protection –Clear separation of the risky internet and secured.

TrustPort Net Gateway traffic protection. Keep It Secure Entry point protection –Clear separation of the risky internet and secured.
Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Exchange Online Protection & Mail Flow

Exchange Online Protection & Mail Flow
Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing email environment.

On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing environment.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Curtis Parker | December 2010 | Microsoft Corporation.

Curtis Parker | December 2010 | Microsoft Corporation.
FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE INTERCONTINENTAL GROUP Information security in real business firewall security.

FROM RICHARD RODRIGUES JOHN ANIMALU FELIX SHULMAN THE HONORARY MEMBERS OF THE INTERCONTINENTAL GROUP Information security in real business firewall security.
Microsoft Ignite /16/2017 1:30 PM

Microsoft Ignite /16/2017 1:30 PM
Connector- Based Customer Delivery Pool Mailbox (On-premises) Mailbox or Application (On-premises) Higher Risk High Risk Delivery Pool Resolve.

Connector- Based Customer Delivery Pool Mailbox (On-premises) Mailbox or Application (On-premises) Higher Risk High Risk Delivery Pool Resolve.
Forefront Online Protection for Exchange Renato Francesco Giorgini Evangelist IT Pro

Forefront Online Protection for Exchange Renato Francesco Giorgini Evangelist IT Pro
Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:

Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:
Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.

Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.
Office 365 SMTP Relay June 2013. Relay Method Send to rcpts in domain Relay to Internet via O365 Configuration Requirements Requires Authentication.

Office 365 SMTP Relay June Relay Method Send to rcpts in domain Relay to Internet via O365 Configuration Requirements Requires Authentication.

Similar presentations

Ads by Google