Presentation is loading. Please wait.

Presentation is loading. Please wait.

Scott Schnoll Senior Content Developer Microsoft Corporation Securing Your Exchange Deployment.

Published byKevin Stone Modified over 8 years ago

Similar presentations

Presentation on theme: "Scott Schnoll Senior Content Developer Microsoft Corporation Securing Your Exchange Deployment."— Presentation transcript:

1 Scott Schnoll Senior Content Developer Microsoft Corporation Securing Your Exchange Deployment

2 Agenda Anti-spam and anti-malware Policy and Reporting Encryption Exchange Online Protection

3 Inspirirani ljudima. Anti-spam and Anti-malware

4 ~2.9 million messages per second ~300 billion messages per day ~100 trillion messages per year

5 1.3 billion messages per day 740 million Spam messages per day

6 Multi-layered anti-spam protection Connection filtering Blocks up to 80% of all spam based on IP block/allow lists Sender-Recipient Filtering Blocks up to 15% of all spam based on internal lists and sender reputation Content Filtering Blocks up to 5% of all spam based on internal lists and heuristics

7 Granular anti-spam filtering controls Connection filtering Static IP allow/block list Opt-in to Microsoft-maintained reputable sender list Content spam categories Obvious spam High confidence spam Content Filtering Actions Delete Quarantine Add X-Header Modify Subject Redirect

8 Improved spam blocking Bulk Mail control Mark all bulk messages as spam Block external threats quickly Advanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time.

9 International spam Block unwanted email based on language or geographic origin Block email based on language Block email based on geography

10 Junk mail management Recommendation: Send suspected junk mail to the Outlook junk mail folder Users can manage safe senders and block lists through Outlook Spam quarantine managed by administrators

11 End User Spam Notification Set Frequency from 1-15 days Localized ESN

12 Reporting False Negatives & False Positives Outlook Junk Mail Reporting Tool for missed spam http://www.microsoft.com/en- us/download/details.aspx?id=18275 Send spam email as an attachment to abuse@messaging.microsoft.com Send false positive messages to false_positive@messaging.microsoft.com

13 Simple configuration Delete messages Delete attachments Robust, customizable notifications Sender notifications Admin notifications

14 Simple configuration Delete messages Delete attachments Robust, customizable notifications Sender notifications Admin notifications

15 Inspirirani ljudima. Policy and Reporting

16 Simple Policy Management Built on Exchange transport rules engine Conditions Actions Exceptions Conditions Actions Exceptions

17 Flexible rule conditions The sender…IP matches any of these addresses Attachment scanning Any attachment…has executable content The message…size exceeds

18 Flexible rule actions Block or redirect messages Modify messages Apply additional security Route messages through specific connectors

19 Rule options Rules can be configured to run for a specific time period time Rules can be run in Test Mode

20 Built-in granular reporting options Provides a clear view on spam filtering and malware attacks

21 Reporting O365 Reports Page

22 Reporting Received Mail

23 Reporting Sent Mail

24 Reporting Received Spam

25 Reporting Malware Detections

26 Reporting Rule Matches

27 Excel mail protection reports Excel Workbook available to enable self-service analysis Connects to the reporting web service Data can be refreshed from within the workbook at any time Drill through from recent summary data to the underlying detailed information

28 Message tracing Powerful troubleshooting tools for mail flow issues Simple search interface (no required fields) EOP keeps 7 days of data Subject text provided for each message Top 1000 of the last 48h of message results Wildcard support for multiple email addresses or domain names Results include date, from, to, subject, summary status

29 Inspirirani ljudima. Encryption

30 TLS Network Encryption Opportunistic TLS enabled by default Forced inbound/outbound transport layer security (TLS) can be set up to secure all routing channels with business regulated partners Message-level Encryption Policy-based encryption from sender to recipient with no end-user training or software installation provided through Microsoft Exchange Hosted Encryption (EHE)

31 Exchange Hosted Encryption Send Encrypted email to any recipient without prior setup Encryption is performed via policy rules and enforced in the EOP cloud Encrypted emails are not saved by EHE Identity-Based Encryption (IBE) uses email address as ID for public key EHE saves public keys so users should use strong passwords as their credentials No cost for recipient non-licensed user All replies and forwards remain encrypted for any mail recipient

32 Data protection at rest Information protection using RMS Data Protection in motion Information can be protected with RMS at rest or in motion Data protection at rest

33 RMS over standard approaches FunctionalityRMS in Office 365 S/MIMEACLs (Access Control Lists) BitLockerCloud Encryption Gateways (CEGs) Data is encrypted in the cloud Encryption persists with content Protection tied to user identity Protection tied to Policy (edit, print, do not forward, expire after 30 days) Secure collaboration with teams and individuals Native integration with my services (Content Indexing, eDiscovery, BI, Virus/Malware scanning) Lost or stolen hard disk *RMS can be applied to Office documents and PDF using FOX IT pro.

34 Enable RMS RMS can be activated right inside Office 365 Admin console Enable Rights Management in the tenant admin

35 Enable RMS RMS can be applied to Emails RMS can be applied to SharePoint libraries RMS can be applied to any Office documents Apply RMS to content Files are protected if they are viewed using Webapps or downloaded to a local machine

36 How do I know my data and private information are safe? To learn more about the steps we’ve taken to ensure the safety of your data and private information, go to the Office 365 Trust Center – http://aka.ms/O365TC All of the Office 365 Trust Center promises apply to EOP

37 Inspirirani ljudima. Exchange Online Protection

38 Protect communications Multi-engine anti-malware and enhanced spam filtering to help protect your email environment from threats Enforce policy Flexible tools for policy enforcement that provide the right level of control Streamlined management Flexible administration of anti-spam, anti-malware and policy rules

39 EOP Service Level Agreements EOP SLAs 100% known virus detection 99% spam detection rate False positive ratio of less than 1:250,000 messages EOP Standalone Customer SLAs 99.999% uptime* Average email delivery time of less than 1 minute*

40 EOP Connection to Exchange

41 EOP Deployment scenarios Works with any SMTP email platform! Every Office 365 customer is an EOP customer Easy transition from EOP stand-alone to Office 365 On-premises server - Inbound and Outbound email filtered through EOP On Premise Corporate Network EOP O365 Exchange Online

42 Inspirirani ljudima. EOP Architecture

43 EOP Inbound Filtering Email is routed to EOP DC’s based on MX record resolution (mail.messaging.microsoft.com) IP-based edge blocking Reputation blocking Virus scanning AV Engine 1 AV Engine 2 AV Engine 3 SPAM protection Safe Sender/Recipient Policy enforcement Custom Rules Content scanning and Heuristics Bulk Mail filtering SPF & Sender ID Filter Quarantine *International Spam* Advanced SPAM management Customer feedback False +ve / -ve Customer feedback False +ve / -ve Spam analysts Corporate network Regular expressions URL block lists Envelope blocks Forefront blocks Allows/Rejects

44 Outbound Pool EOP Outbound Filtering High Risk Delivery Pool High Score Outbound Pool Low Score SPAM protection Content scanning and Heuristics Advanced SPAM management Virus scanning AV Engine 1 AV Engine 2 AV Engine 3 Policy enforcement Custom Rules Quarantine Spam Analysts Corporate network Bulk Delivery Pool Bulk Mail Internet Email Encryption

45 Directory Synchronization On-premises Exchange Online Protection Office 365 Directory Sync Secure mail flow Existing email environment

46 Management console Anti-spam, anti-malware, and policy controls accessed through the Office 365 Admin Center

47 Inspirirani ljudima. Summary

48 Exchange provides multi-layered anti-spam and anti- malware protection with granular filtering controls Exchange supports encryption of messages and Office documents in transit and at rest Exchange Online includes built-in granular reporting that provides a clear view on spam filtering and malware attacks Exchange Online Protection can work with any SMTP platform and provide robust inbound and outbound message filtering

49 Inspirirani ljudima. Pitanja i odgovori. Scott Schnoll scott.schnoll@microsoft.com Twitter: @Schnoll Blog: http://aka.ms/Schnoll

50

Download ppt "Scott Schnoll Senior Content Developer Microsoft Corporation Securing Your Exchange Deployment."

Similar presentations

Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically.

Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically.
Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Exchange Online Protection & Mail Flow

Exchange Online Protection & Mail Flow
Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing email environment.

On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing environment.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
Curtis Parker | December 2010 | Microsoft Corporation.

Curtis Parker | December 2010 | Microsoft Corporation.
Security and Organizational Governance Anand Lakshminarayanan Senior Product Manager Microsoft Corporation.

Security and Organizational Governance Anand Lakshminarayanan Senior Product Manager Microsoft Corporation.
Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
Forefront Online Protection for Exchange Renato Francesco Giorgini Evangelist IT Pro

Forefront Online Protection for Exchange Renato Francesco Giorgini Evangelist IT Pro
Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:

Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.

Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.

Similar presentations

Ads by Google