Forum Discussion

Deleted's avatar
Deleted
Sep 06, 2016

Quality of Exchange Online Protection

We currently run a third party antispam solution in front of Exchange Online and find that we don't get much spam in our mail boxes. Now the agreement on this third party solution is up for renewal a...
  • David Margossian's avatar
    David Margossian
    Sep 17, 2016

    For mail, EOP is very good and doing the job.  Make sure to learn about Transport Rules.  Experience in REGEX is a plus enabling you to create moe challenging Rules.

    SPAM filter has recently been improved with known attachments filter. Now, you can quickly and easily block 96 known attachments.  If you want others, use the transport rules.

    Malware filter is excellant, but like everything else, zero day is still a challenge although EOP seems to catch up quickly

    ZAP is my favorite. Mail (even that which has been delivered to Inbox) is continously and dynamically protected.  If the reputaton of a sender exceeds limits, and the mail has not yet been read, it moves it out of Inbox into Junk.

    Combine all of this with SCL setting, Personal Quarantine (user viewable) and System Quarantine (admin only) and it is doing its job.

    Using another vendor as desktop/server protection will enhance your security umbrella.

     

    But, make no mistake, you need to do your part and learn/administer it all - David

Victor Safonov's avatar
Victor Safonov
Copper Contributor

Hello 
thank you for the detailed answer. We are basically at the same point right now and thinking if we need a third party or not.  Since topic is ~about 2 years old I would like to know what changes are there.
Thank you in advance

David Margossian's avatar
David Margossian
Brass Contributor
Apr 10, 2018

Victor,

Definitely a lot of changes in the last few months and all for the better.  EOP and ATP (add-on or E5) have been adding features and protection.  While I am saying it is far better, I do recommend you engage your Microsoft Account team for better and more accurate informations.

 

Phishing is a new tag in the headers, and EOP has sensing it better and sending to Junk/Quarantine.   More features are being added to GUI based programming and away from Transport rules making it easier to administer.

 

Lastly, the newly updated Security And Compliance Center have added a lot of features for EOP and ATP.  Reporting has also increased with more realtime reports than previous.  All in all, lets of improvement in 6plus months and worth looking it. - David

  • Victor Safonov's avatar
    Victor Safonov
    Copper Contributor
    Apr 11, 2018

    David, 

    Thanks a lot for update. We are already working with MS team and definitely seeing lots of benefits and new features. 
    regards