Forum Discussion
Quality of Exchange Online Protection
- Sep 17, 2016
For mail, EOP is very good and doing the job. Make sure to learn about Transport Rules. Experience in REGEX is a plus, enabling you to create more challenging Rules.
SPAM filter has recently been improved with known attachments filter. Now, you can quickly and easily block 96 known attachments. If you want others, use the transport rules.
Malware filter is excellent, but like everything else, zero day is still a challenge, although EOP seems to catch up quickly.
ZAP is my favorite. Mail (even that which has been delivered to Inbox) is continuously and dynamically protected. If the reputation of a sender exceeds limits, and the mail has not yet been read, it moves it out of Inbox into Junk.
Combine all of this with SCL setting, Personal Quarantine (user viewable) and System Quarantine (admin only) and it is doing its job.
Using another vendor as desktop/server protection will enhance your security umbrella.
But, make no mistake, you need to do your part and learn/administer it all - David
We deploy EOP as well as advanced threat protection. The malware filters and ZAP are good, and safe attachments works well, but we find safelinks fails for the majority of phishing stuff that makes it through, and we also have to supplement the filter with transport rules to catch a lot of phishing material that makes it through due to the phishers doing due diligence.