Forum Discussion
Quality of Exchange Online Protection
- Sep 17, 2016
For mail, EOP is very good and doing the job. Make sure to learn about Transport Rules. Experience in REGEX is a plus enabling you to create moe challenging Rules.
SPAM filter has recently been improved with known attachments filter. Now, you can quickly and easily block 96 known attachments. If you want others, use the transport rules.
Malware filter is excellant, but like everything else, zero day is still a challenge although EOP seems to catch up quickly
ZAP is my favorite. Mail (even that which has been delivered to Inbox) is continously and dynamically protected. If the reputaton of a sender exceeds limits, and the mail has not yet been read, it moves it out of Inbox into Junk.
Combine all of this with SCL setting, Personal Quarantine (user viewable) and System Quarantine (admin only) and it is doing its job.
Using another vendor as desktop/server protection will enhance your security umbrella.
But, make no mistake, you need to do your part and learn/administer it all - David
We've been using Exchange Online with it's built-in protection for nearly a year and a half now without any additional third-party anti-spam service and I'm quite pleased with it. We're a mid-sized government agency, and before going to Exchange Online we ran a pair of on-prem Barracuda Spam Firewall's which did a very good job of catching and filtering spam.
But really, EOP is one of the better features with Office 365. We've actually seen a reduction from the Barracuda in what actually gets through. It's been nice.
For mail, EOP is very good and doing the job. Make sure to learn about Transport Rules. Experience in REGEX is a plus enabling you to create moe challenging Rules.
SPAM filter has recently been improved with known attachments filter. Now, you can quickly and easily block 96 known attachments. If you want others, use the transport rules.
Malware filter is excellant, but like everything else, zero day is still a challenge although EOP seems to catch up quickly
ZAP is my favorite. Mail (even that which has been delivered to Inbox) is continously and dynamically protected. If the reputaton of a sender exceeds limits, and the mail has not yet been read, it moves it out of Inbox into Junk.
Combine all of this with SCL setting, Personal Quarantine (user viewable) and System Quarantine (admin only) and it is doing its job.
Using another vendor as desktop/server protection will enhance your security umbrella.
But, make no mistake, you need to do your part and learn/administer it all - David
- Victor SafonovApr 10, 2018Copper Contributor
Hello
thank you for the detailed answer. We are basically at the same point right now and thinking if we need a third party or not. Since topic is ~about 2 years old I would like to know what changes are there.
Thank you in advance- David MargossianApr 10, 2018Brass Contributor
Victor,
Definitely a lot of changes in the last few months and all for the better. EOP and ATP (add-on or E5) have been adding features and protection. While I am saying it is far better, I do recommend you engage your Microsoft Account team for better and more accurate informations.
Phishing is a new tag in the headers, and EOP has sensing it better and sending to Junk/Quarantine. More features are being added to GUI based programming and away from Transport rules making it easier to administer.
Lastly, the newly updated Security And Compliance Center have added a lot of features for EOP and ATP. Reporting has also increased with more realtime reports than previous. All in all, lets of improvement in 6plus months and worth looking it. - David
- Victor SafonovApr 11, 2018Copper Contributor
David,
Thanks a lot for update. We are already working with MS team and definitely seeing lots of benefits and new features.
regards