Presentation is loading. Please wait.

Presentation is loading. Please wait.

Exchange Online Advanced Threat Protection

Published byErwin Kohler Modified over 6 years ago

Similar presentations

Presentation on theme: "Exchange Online Advanced Threat Protection"— Presentation transcript:

1 Exchange Online Advanced Threat Protection

2 Evolving threat space Any new outbreak consists of two parts
Original Virus or URL Mass Virus or URL infections Mass Virus or URL infections Virus and URL Outbreak New variant Any new outbreak consists of two parts Zero hour attack Elongated period of attack Traditional AV/AS cannot protect against zero day attack comprehensibly Attackers can go completely unnoticed during zero day attack

3 Evolving threat space Short-span attacks can be just minutes to hours
Serial variant attacks Short-span attacks can be just minutes to hours Serial variant attacks generally repeat pattern every few hours T=0 T=5 T=10 T=15 T=100 Phisher creates malicious domain First phishing message sent Phishing message lands in user inbox Domain classified as malware on URL block lists User clicks on link in message Attacker can easily change the links in the message after mail is delivered

4 Exchange Online advanced threat protection
Protection against unknown malware/virus Behavioral analysis with machine learning Admin alerts Time of click protection Real time protection against Malicious URLs Growing URL coverage Rich reporting and tracing Built-in URL trace Reports for advanced threats 4 pillars

5 Suspicious attachment
Service architecture Safe Multiple filters + 3 antivirus engines with Exchange Online protection Malicious links Recipient Safe links rewrite Unsafe Suspicious attachment Detonation chamber (sandbox) Executable? Registry call? Elevation? ……? Sender

6 Safe attachments Protect against zero day exploits in attachments by blocking messages Provides admins visibility into compromised users Leverages sandboxing technology IP + envelop filter Signature- based AV Blocking known exploits EOP user without ATP with ATP Antispam filter

7 Safe attachment—experience
Admin sets policy Admin gets notification if message is blocked

8 Rewriting URLs to redirect to a web server
Safe links IP + envelop filter Signature- based AV Blocking known exploits EOP user without ATP Antispam filter Rewriting URLs to redirect to a web server with ATP User clicking URL is taken to EOP web servers for the latest check at the “time of click” Web servers perform latest URL reputation check Protect against sites with malicious content, phishing sites Provides admins visibility into compromised users Rewriting the URLs to proxy them through another server

9 Safe links—experience
Users notified if a malicious link is clicked in Admin sets policy

10 Rich reporting and click trace
Admins have complete visibility into who clicked on what links Reporting by file types and disposition

11 Purchasing Exchange Online ATP
Customer Channel at launch ERP at launch All commercial customers Direct, CSP, Open, MPSA, and EA channels $2 per user per month Multi-tenant government customers Direct, Open, MPSA, and EA channels at an ERP of $1.75 per user per month at launch $1.75 per user per month Office 365 Government Community Cloud (GCC), and Office 365 Nonprofit customers Not available Office 365 Education Customers Direct, Open, and EES $1.40/ Faculty/month $.70/Student/Month

12

Download ppt "Exchange Online Advanced Threat Protection"

Similar presentations

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via email, text message, online chat, blogs or various other.

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.

 Malicious or unsolicited mail sent to a mailbox without the option to unsubscribe  Often used as a catch-all of any undesired or questionable mail.
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.

Kaspersky Lab: The Best of Both Worlds Alexey Denisyuk, pre-sales engineer Kaspersky Lab Eastern Europe 5 th April 2012 / 2 nd InfoCom Security Conference.
What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.

What’s New in Exchange Online. Disclaimer This presentation contains preliminary information that may be changed substantially prior to final commercial.
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
CensorNet Ltd An introduction to CensorNet Mailsafe Presented by: XXXXXXXX Product Manager Tel: XXXXXXXXXXXXX.

CensorNet Ltd An introduction to CensorNet Mailsafe Presented by: XXXXXXXX Product Manager Tel: XXXXXXXXXXXXX.
Phishing and Intrusion Prevention Tod Beardsley, TippingPoint (a division of 3Com), 02/15/06 – IMP-201.

Phishing and Intrusion Prevention Tod Beardsley, TippingPoint (a division of 3Com), 02/15/06 – IMP-201.
Sushant Rao, Senior Product Manager www.mailfrontier.com Emerging Threats: Stop Spam, Virus, and Phishing Outbreaks through End-to-End Attack Monitoring.

Sushant Rao, Senior Product Manager Emerging Threats: Stop Spam, Virus, and Phishing Outbreaks through End-to-End Attack Monitoring.
Director of Research, SANS Institute

Director of Research, SANS Institute
B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel 434920317 1.

B OTNETS T HREATS A ND B OTNETS DETECTION Mona Aldakheel
Hosted Security: Complete Protection With A Peace Of Mind Leonard Sim Client Services Manager – South Asia Symantec Hosted Services 1.

Hosted Security: Complete Protection With A Peace Of Mind Leonard Sim Client Services Manager – South Asia Symantec Hosted Services 1.
Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz

Symantec Targeted Attack Protection 1 Stopping Tomorrow’s Targeted Attacks Today iPuzzlebiz
The Changing World of Endpoint Protection

The Changing World of Endpoint Protection

Similar presentations

Ads by Google