security challenges used by many 100,000s of customers used by many 10,000,000s of users processing...
TRANSCRIPT
![Page 1: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/1.jpg)
![Page 2: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/2.jpg)
Levon EsibovPrincipal Group Program ManagerMicrosoft
Protect Your Organization with Exchange Online Protection (EOP)
SPR203
![Page 3: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/3.jpg)
How may I protectmy employees from spam and malwaremy company from data loss
using Exchange Online Protection
even if I’m not moving my mailboxes to the Cloud?
![Page 4: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/4.jpg)
Security challenges
Rapidly evolving external threats
Potential loss of sensitive data
Keeping email safe without impacting users
![Page 5: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/5.jpg)
Stop viruses and malware• Multi-engine malware protection• Continuously evolving anti-spam protection
Protect sensitive data• Data Loss Prevention features• Encryption of sensitive email
Common administration console• Office 365 integration• Detailed reporting
Enterprise class reliability• Geographically load-balanced datacenters• Queuing capabilities to help ensure no mail is lost• 24x7x365 Microsoft Support• $$$ backed SLA
Exchange Online Protection (EOP)
![Page 6: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/6.jpg)
Exchange Online Protection in numbersUsed by many
100,000s of customers
Used by many 10,000,000s of users
Processing Billions of emails a day
Using Thousands of servers
Across dozens of Datacenters worldwide
Supported by SMEs who wrote the code 24x7x365
![Page 7: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/7.jpg)
EOP Conceptual Diagram
On-premises server - Inbound and Outbound email filtered through EOP
Corporate Network
EOP
![Page 8: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/8.jpg)
EOP Inbound Filtering
Email is routed to EOP DC based on MX record resolution
(Contoso-com.mail.protection.outlook.com)
IP-based edge blocks
Envelope blocks
Virus Scanning
AV Engine 1
AV Engine 2
AV Engine 3
SPAM ProtectionSafe
Sender/Recipient
Policy Enforcement
Custom RulesContent scanning
and Heuristics
Bulk Mail filtering
SPF & Sender ID Filter
Quarantine
International Spam
Advanced SPAM management
Customer Feedback
False +ve / -ve
Spam Analysts
Corporate Network
![Page 9: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/9.jpg)
EOP Outbound Filtering
High Risk Delivery PoolHigh Score
Outbound Pool
Low Score
SPAM Protection
Content scanning and Heuristics
Advanced SPAM management
Virus Scanning
AV Engine 1
AV Engine 2
AV Engine 3
Policy Enforcement
Custom Rules
QuarantineSpam Analysts
Corporate Network
![Page 10: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/10.jpg)
• 1. Connection filtering • Blocks up to 80% of all spam
based on IP block/allow lists.
• 2. Sender-Recipient Filtering
• Blocks up to 15% of all spam based on internal lists and sender reputation.
• 3. Content Filtering• Blocks up to 5% of all spam
based on internal lists and heuristics.
Multi-layered anti-spam protection
10
![Page 11: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/11.jpg)
• Connection filtering • Static IP allow/block list• Opt-in to Microsoft-maintained
reputable sender list
• Content spam categories• Blatant spam• High confidence spam
• Content Filtering Actions• Delete• Quarantine• Add X-Header• Modify Subject• Redirect
Control anti-spam filtering
11
![Page 12: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/12.jpg)
Effective spam blockingBlock external threats quicklyAdvanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time.
Enable more control Mark all bulk messages as spam
Block unwanted email based on language or geographic origin
Block email based on language
Block email based on geography
![Page 13: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/13.jpg)
• Suspect junk mail by default goes to the Outlook junk mail folder.
• Uses Outlook safe senders and block lists.
• SPAM Quarantine is currently available to administrators only, but end-users will get access shortly.
• Email Spam Notification for the end-users
Junk mail management
![Page 14: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/14.jpg)
Anti-malware
14
![Page 15: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/15.jpg)
Simple configuration
Delete messagesDelete attachments
Robust, customizable notifications
Sender notifications
Admin notifications
![Page 16: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/16.jpg)
Managing policy
16
![Page 17: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/17.jpg)
• Same rule set as Exchange Transport Rules• Includes some new conditions:• The sender…IP matches any of these addresses• Attachment scanning• Any attachment…has executable content• The message…contains sensitive information• The message…size exceeds
EOP Rules
17
![Page 18: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/18.jpg)
• Same rule set as Exchange Transport Rules• Includes some new actions:• Generate incident report• Require TLS Encryption• Put message in quarantine mailbox• Use the following outbound connector…
EOP Rules
18
![Page 19: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/19.jpg)
• Same rule set as Exchange Transport Rules• Includes some new options:
• Rules can be configured to run for a specific time period• Rules can be run in Test Mode• Information Rights Management and Office 365 Message
Encryption can be applied to messages using a transport rule.
EOP Rules
19
![Page 20: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/20.jpg)
Helps to • identify• monitor• protect sensitive data through deep content analysis.
Data Loss Prevention
Easy to use
Monitor
Protect
Identify
![Page 21: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/21.jpg)
Common management consoleAnti-spam, anti-malware and DLP controls integrated into the Exchange Admin Center and Office 365.
![Page 22: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/22.jpg)
Admin Demo
![Page 23: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/23.jpg)
Granular reporting optionsProvides a clear view on spam filtering, malware attacks and DLP enforcement
![Page 24: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/24.jpg)
Reporting Demo
![Page 25: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/25.jpg)
Continuous investments: Since Jan 2014 added
Extended Message trace and improved reporting
Directory Based Edge Blocking Match Sub-domains Remote PowerShell for customers without
hosted mailboxes End user access to Quarantine DKIM for inbound email Support for IPV6
![Page 26: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/26.jpg)
No Am
APAC
EMEA
Mail is ALWAYS processed ONLY in your region!
PRC
![Page 27: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/27.jpg)
Exchange Online Protection Setup
1. Add and verify domain ownership, and setup MX record
2. Fine tune anti-malware and anti-spam settings3. Create rules to meet business needs4. Run Hybrid Wizard to configure connectors
![Page 28: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/28.jpg)
Stop viruses and malware• Multi-engine malware protection• Continuously evolving anti-spam protection
Protect sensitive data• Data Loss Prevention features• Encryption of sensitive email
Common administration console• Office 365 integration• Detailed reporting
Enterprise class reliability• Geographically load-balanced datacenters• Queuing capabilities to help ensure no mail is lost• 24x7x365 Microsoft Support• $$$ backed SLA
Easily transition from EOP to Office 365• EOP provisioned through the Office 365 commerce platform
Exchange Online Protection (EOP)
![Page 29: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/29.jpg)
Questions
![Page 30: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/30.jpg)
Related Sessions to Attend Session Title Timing Room
SPR.202 Encryption in Exchange Tue 10:45 AM - 12:00 PM Ballroom E
SPR.201Eliminate the Regulatory Compliance Nightmare Tue 9:00 AM-10:15 AM MR 19ab
SPR.UN.305Exchange Online Protection: Notes from the field Wed 10:15 AM – 11:30 AM Ballroom G
SPR.UN.304Experts Unplugged: EOP & Encryption
Wed 8:30-9:45 AMWed 1:00-2:15 PM
MR 18dMR 17b
SPR.401Extending Data Loss Prevention For Your Business Wed 4:45 PM- 6:00 PM MR 18bc
SPR.203
Protect your Organization with Exchange Online Protection (EOP) Mon 4:30 PM - 5:45 PM MR 18bc
SPR.301So how does Microsoft handle my spam? Tue 4:45 PM – 6:00 PM MR 19ab
SPR.401Using Connectors & Mail Routing Wed 2:45 PM - 4:00 PM MR 18bc
ARC.304Exchange Server 2013 Transport Architecture Tues 9:00 AM - 10:15 AM Ballroom F
EDC.302Advanced Data Loss Prevention in Exchange Tues 1:30 PM-2:45 PM Ballroom F
EDC.UN.301Experts Unplugged: Data Loss Prevention
Tue 3:00 PM-4:15 PMWed 10:15 AM-11:30 AM
MR 18dMR 13ab
EDC.204Data Loss Prevention in Exchange, Outlook, OWA Mon 2:45 Pm-4:00PM MR 18bc
MNG.304Reporting On O365 Mail flow and Mailbox Data Wed 1:00 PM-2:15 PM MR 17a
![Page 31: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/31.jpg)
![Page 32: Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of](https://reader036.vdocuments.us/reader036/viewer/2022062421/56649d9d5503460f94a86297/html5/thumbnails/32.jpg)
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.