Forum Discussion
Quality of Exchange Online Protection
For mail, EOP is very good and doing the job. Make sure to learn about Transport Rules. Experience in REGEX is a plus enabling you to create moe challenging Rules.
SPAM filter has recently been improved with known attachments filter. Now, you can quickly and easily block 96 known attachments. If you want others, use the transport rules.
Malware filter is excellant, but like everything else, zero day is still a challenge although EOP seems to catch up quickly
ZAP is my favorite. Mail (even that which has been delivered to Inbox) is continously and dynamically protected. If the reputaton of a sender exceeds limits, and the mail has not yet been read, it moves it out of Inbox into Junk.
Combine all of this with SCL setting, Personal Quarantine (user viewable) and System Quarantine (admin only) and it is doing its job.
Using another vendor as desktop/server protection will enhance your security umbrella.
But, make no mistake, you need to do your part and learn/administer it all - David
EOP works fine for our customers. And if they want (extra) protection against zero-day exploits have a look at https://products.office.com/en-us/exchange/online-email-threat-protection