Cloud Girl's Microsoft Blog

Exchange Online Advanced Threat Protection

Nicole Sheridan - Friday, July 17, 2015

Exchange online plans 1 & 2 both come with a fairly sound spam and malware filter that can be modified by the user where required. But with the increasing number of hackers and their increasing knowledge of IT Infrastructure, some users require more advanced protection. With this in mind, Microsoft have released Advanced Threat Protection. This will be available on the August price list so can be bought through Open from August 1st! Customers buying direct from Microsoft can buy now through their existing portal! 

What does it do? 

It protects against unknown attacks; by protecting against unsafe attachments and expanding protection against malicious links, it complements the security features of Exchange Online Protection to provide better zero-day protection.

Safe attachments: 

Prevent malicious attacks hidden in attachments from impacting your business, even if the origin and DNA of the attack is not known. This is done by using real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. All messages and attachments that don’t have a known virus/malware signature are routed to a special hypervisor environment, where a behavior analysis is performed using a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.

Safe Links: 

Exchange Online already scans content from links sent in mail, Safe Links expands on this by protecting your entire environment when you do click that link! Office365 will rewrite the URL’s as they are being scanned and they will then go through real time examination. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Reporting is available, so administrators can track which users clicked a link and when they clicked it. 

ATP Reporting Tool

Track who in your organization is being targeted by malicious attacks, investigate messages that have been blocked due to unknown viruses or malware, while URL trace capability allows you to track individual malicious links in the messages that have been clicked.

Who can use ATP?

Any individual or group within your organization can buy this new feature, it doesn’t have to be licensed organization wide. If you have users who use exchange on premise, they must have exchange online protection in order to add Advanced Threat Protection. 
Advanced Threat Protection will also be built into the New Enterprise E3 plan when it is released later this year! 

Comments ((Disabled)) | Trackbacks (0) | Permalink