Exchange Online – Protection #Office365 #guru365
June 3, 2013 Leave a comment
Exchange Online is protected by…. Exchange Online Protection. Not the most ‘funky/trendy’ name Microsoft could come up with, but it does what it says on the tin. (Exchange Ronseal?)
It helps combat malware in your email messaging cloud and on-premises environment.
To define what it protects, I’ll further define the terms used;
- Malware – consists of viruses and spyware.
- Viruses – infect other programs and data, and spread throughout your computer and network.
- Spyware – Gathers personal information, such as passwords and usernames and sends it to the author of the spyware ‘application’.
Exchange Online Protection offers a multi-layered malware protection, not only protecting you from inbound malware but protecting you outbound too. (By protecting meaning you don’t infect your happy customers, turning them into unhappy customers).
What Exchange Online Protection consists of;
- Layered defences against malware – Exchange Online Protection uses multiple anti-malware scan enginers to help protect against known and unknown threats. These engines include heuristic detection to provide early protection against an outbreak. This layered solution has been proven to provide more protection than just a single engine.
- Real-time Threat Response – During some outbreaks, the Microsoft Anti-malware team may have gathered enough information to define policies that detect the threat even before it has reached a scan engine, they are published to the network every two hours to provide an additional layer of protection.
- Fast Anti-Malware Definition Deployment – Exchange Online Protection maintains close relationships with partners who develop anti-malware engines. As a result this gives Microsoft the ability to recieve and integrate definitions before public release. The service checks for any updates, every hour.
Internal messages in your organisation are not scanned for malware, it is only for the inbound and outbound traffic received or sent to a mailbox. You can however utilise your onsite Exchange 2013 server to include this type of malware scanning.
Archive files are scanned and the engines are able to drill into compressed files such as .zip/.rar etc
Malware detected emails can be traced through the Exchange Cloud service to find out why a message was detected to contain malware.