Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding Microsoft Forefront Online Protection for Exchange Nathan Winters Microsoft Corporation EXL201.

Published byKathlyn Daniel Modified over 9 years ago

Similar presentations

Presentation on theme: "Understanding Microsoft Forefront Online Protection for Exchange Nathan Winters Microsoft Corporation EXL201."— Presentation transcript:

1 Understanding Microsoft Forefront Online Protection for Exchange Nathan Winters Microsoft Corporation EXL201

2

3 FOPE Overview

4 Edge Blocking End User Quarantine Administrator Console Corporate Network Messaging Administrator Employees Inbound Filtered Email About 90% of Email is junk Outbound Filtered Email External Senders/ Recipients Exchange Server Anti-spam Antivirus Policy Automatic Spooling * Encryption * Requires additional Exchange Hosted Encryption License Active Directory FOPE Directory Synchronization Tool Legitimate Email Junk Email Forefront Online Protection for Exchange Multi-layer spam and malware protection with flexible policy enforcement

5

6 Rapid Email Delivery Average delivery commitment of less than 1 minute Network Uptime > 99.999% 100% Known Virus Protection > 98% Spam Detection < 1:250,000 False Positive Ratio Network Performance Spam & Malware Filtering These are part of the Exchange Online SLA & FOPE SLA FOPE SLA only

7 User Inbox User Junk Email Folder Administrator Quarantine Connection Filtering 1 Content Filtering 3 Sender-Recipient Filtering 2 Blocks up to 80% of all spam based on IP block/allow lists. Blocks up to 5% of all spam based on internal lists and heuristics. Blocks up to 15% of all spam based on internal lists and sender reputation. Connection Filtering Sender-Recipient Filtering Content Filtering Filtering based on connection, sender, recipient and content for best results

8 SPAM Protection Safe senders Spam Prevention If server down, E-mail queued for up to 5 days E-mail enters the global data center network – MX (mail.messaging.microsoft.com) Directory Services SPAM prevention IP Reputation based Filtering Reputation database Mail addressed to non existent users if rejected Mail form IP Spammers are blocked Look up e-mail filtering settings for domain Virus Scanning Engine 1 Engine 2 Engine 3 Policy Enforcement Custom Policy Rules Attachment and message attribute management Custom Spam Filter management Rules Based Scoring Fingerprint Engines Content and Policy Quarantine SPAM Quarantine SPAM E-mail server available? Delivered in a flow-controlled fashion when server is available Queue Mailbox Store SPAM SMTP Reject: 5xx Spam Analysts Customer Feedback False +ve / -ve Customer Feedback False +ve / -ve Sync SEWRSEWR

9 Look up e-mail filtering settings for domain Virus Scanning Engine 1 Engine 2 Engine 3 Policy Enforcement Custom Policy Rules Attachment and message attribute management SPAM Protection Custom Spam Filter management Rules Based Scoring Fingerprint Engine Content and Policy Quarantine Mail Server High Risk Delivery Pool High Risk Delivery Pool High Spam Score Outbound Pool Low Spam Score Safe senders

10 FOPE http://www.microsoft.com/exchange/en-us/forefront-online- protection-for-exchange.aspx Setup and Configuration

11

12

13 demo Name Title Group Administration

14

15

16

17

18

19

20

21

22

23 FOPE Managing Junk Mail

24

25 Direct access to Junk Mail folder Block/allow senders directly within message Manage safe/block sender lists directly in Outlook or Outlook Web App Default approach: users manage junk mail in Outlook/OWA Junk Mail Management in Exchange Online

26 Junk Mail Management (cont.) Flexibility to use FOPE Spam Quarantine

27

28 FOPE Connectors and Policies

29 Outbound Connector (controls email sent from your domain) Inbound Connector (controls email sent to your domain) Source IP Source Domain Reject non Source IP Opportunistic TLS Forced TLS Spam Connection Policy Opportunistic TLS Forced TLS Smart host MX Destination domain

30

31

32

33 Encryption via policy rules & enforced in the FOPE cloud; based on Voltage SecureMail technology Identity-Based Encryption (IBE) uses email address as ID for public key No cost for recipient non-licensed user All replies and forwards remain encrypted for any mail recipient Encrypted emails are not saved by EHE Send encrypted mail to anyone; no prior setup by / for external recipients

34 Use FOPE Admin Center for these tasks Track messages outside your organization Perform transport-related tasks not available in transport rules: Specific header attributes Custom dictionaries, character sets Actions such as quarantine or encrypt Configure org-wide safe/blocked senders Configure granular antispam settings (e.g. backscatter, SPF) View reports on spam/virus filtering Configure forced TLS Track messages within your organization Set up transport rules to: Add disclaimers to e-mails Look for keywords and regular expressions in attachments Block e-mail sent to the outside world (by sender, domain, etc) Moderate e-mail delivery Configure journaling of e-mails to external archive Use Exchange Admin Tools for these tasks

35 FOPE Mail Routing Basics

36 Mailboxes BUSINESS PARTNER FOPE Edge Policy Spam woodgrovebank.com contoso.com Mailboxes Outbound Connector Inbound Connector Maintain secure and trusted communication channel with partners Avoid email interception/ eavesdropping Virus* Opportunistic TLS is on by default for Office 365 customers (no action is required to enable it) Inbound Forced TLS option can be used to secure end-to-end communication ON-PREM / HOSTED *Virus scanning is performed by FPE for O365 tenants

37

38 FOPE Edge Policy Spam From: Joe@contoso.com To: sales@fabrikam.com From: Joe@contoso.com To: sales@fabrikam.com Contoso.mail.onmicrosoft.com DLP appliance or service INTERNET Mailboxes Outbound Connector Value Proposition Use data leakage protection (DLP) or encryption appliances from third parties Perform custom processing or address rewrite Maintain “total mail control” during coexistence (inbound and outbound mail is all routed through on-prem server contoso.com Virus* EXCHANGE ONLINE / ON PREM *Virus scanning is performed by FPE for O365 tenants ON PREMISES / HOSTED JOURNAL

39

40 FOPE Edge Policy From: jane@fabrikam.com To: salesman@contoso.com From: jane@fabrikam.com To: salesman@contoso.com contoso.com fabrikam.com Mailboxes SAFE-LISTED PARTNER Inbound Connector Value Proposition Reduce the chance of false positives (legitimate email from trusted partner being flagged as spam) Virus* Spam *Virus scanning is performed by FPE for O365 tenants EXCHANGE ONLINE / ON PREM

41

42 FOPE Mail Routing for O365 Hybrid

43 MX record pointed to the cloud MX record pointed on-premises

44 Mailboxes ON-PREMISES Customer Mail Processing/Filtering EXCHANGE ONLINE Mailboxes FOPE Edge Policy Spam INTERNET Inbound From: sales@fabrikam.com To: Joe@contoso.com Inbound From: sales@fabrikam.com To: Joe@contoso.com contoso.com Outbound Exchange Send Connector Inbound FOPE Connector Virus* *Virus scanning is performed by FPE for O365 tenants Contoso.mail.onmicrosoft.com

45 Mailboxes ON-PREMISES Customer Mail Processing/Filtering EXCHANGE ONLINE Mailboxes FOPE Edge Policy Spam INTERNET Outbound From: joe@contoso.com To: sales@fabrikam.com Outbound From: joe@contoso.com To: sales@fabrikam.com contoso.com Outbound FOPE Connector Inbound Exchange Receive Connector Virus* Contoso.mail.onmicrosoft.com

46 EXCHANGE ONLINE Mailboxes FOPE Edge Virus Policy Spam Mailboxes ON-PREMISES Customer Mail Processing/Filtering Intra Org From: salesman@contoso.com To: Joe@contoso.com Intra Org From: salesman@contoso.com To: Joe@contoso.com contoso.com Outbound Exchange Send Connector Inbound FOPE Connector Contoso.mail.onmicrosoft.com

47 Mailboxes ON-PREMISES Customer Mail Processing/Filtering EXCHANGE ONLINE Mailboxes FOPE Edge Policy Spam INTERNET Inbound From: sales@fabrikam.com To: Joe@contoso.com Inbound From: sales@fabrikam.com To: Joe@contoso.com contoso.com Outbound FOPE Connector Inbound Exchange Receive Connector Virus* Shared Address Space with FOPE Relay (MX Points to FOPE O365) – Inbound *Migration to FOPE / Office 365 Contoso.mail.onmicrosoft.com

48 Mailboxes ON-PREMISES Customer Mail Processing/Filtering EXCHANGE ONLINE Mailboxes FOPE Edge Policy Spam INTERNET Outbound From: Joe@contoso.com To: sales@fabrikam.com Outbound From: Joe@contoso.com To: sales@fabrikam.com contoso.com `Exchange Send Connector Virus* Inbound FOPE Connector Contoso.mail.onmicrosoft.com

49

50

51 EXL301 – Archiving in the Cloud with Exchange Online Archiving (EOA) EXL303 – Configuring Hybrid Exchange the Easy Way Today – EXL307 – Using a Load balancer in your Exchange 2010 environment

52 Geek Out with Perry Blog: http://blogs.technet.com/b/perryclarke/http://blogs.technet.com/b/perryclarke/ Exchange Team Blog: http://blogs.technet.com/b/exchange/http://blogs.technet.com/b/exchange/ Exchange TechNet Tech Center: http://technet.microsoft.com/exchangehttp://technet.microsoft.com/exchange MEC Website and Registration: http://www.mecisback.com/http://www.mecisback.com/

53

54 Connect. Share. Discuss. http://europe.msteched.com Learning Microsoft Certification & Training Resources www.microsoft.com/learning TechNet Resources for IT Professionals http://microsoft.com/technet Resources for Developers http://microsoft.com/msdn

55 Evaluations http://europe.msteched.com/sessions Submit your evals online

56

57

Download ppt "Understanding Microsoft Forefront Online Protection for Exchange Nathan Winters Microsoft Corporation EXL201."

Similar presentations

Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically.

Comprehensive protection Multi-engine antivirus Continuously evolving anti-spam protection Policy enforcement Enterprise class reliability Geographically.
Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.

Microsoft ® Exchange Online Advanced Security Name Title Microsoft Corporation.
Overview of Server Roles in Exchange Server 2010 In Exchange Server 2010, servers are installed with specific functional roles: Mailbox Server role Edge.

Overview of Server Roles in Exchange Server 2010 In Exchange Server 2010, servers are installed with specific functional roles: Mailbox Server role Edge.
Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of servers Across dozens of.

Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of servers Across dozens of.
On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing email environment.

On-premises Exchange Online Protection Office 365 Directory Sync ADFS (optional) Single sign on Secure mail flow Existing environment.
Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.

Module 6 Implementing Messaging Security. Module Overview Deploying Edge Transport Servers Deploying an Antivirus Solution Configuring an Anti-Spam Solution.
Curtis Parker | December 2010 | Microsoft Corporation.

Curtis Parker | December 2010 | Microsoft Corporation.
Security and Organizational Governance Anand Lakshminarayanan Senior Product Manager Microsoft Corporation.

Security and Organizational Governance Anand Lakshminarayanan Senior Product Manager Microsoft Corporation.
Unified. Simplified. Unified Communications Launch 2007.

Unified. Simplified. Unified Communications Launch 2007.
Microsoft Ignite /16/2017 1:30 PM

Microsoft Ignite /16/2017 1:30 PM
Forefront Online Protection for Exchange Renato Francesco Giorgini Evangelist IT Pro

Forefront Online Protection for Exchange Renato Francesco Giorgini Evangelist IT Pro
Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:

Fact check True or False: Over half of the messages received today in Exchange Online are spam True. About 67 % of all messages are spam True or False:
What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.

What’s New in WatchGuard XCS 10.0 Update 3 WatchGuard Training.
Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.

Understanding Microsoft Forefront Online Protection for Exchange Robert Gillies Solution Architect Microsoft Corporation EXL201.
Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.

Version 2.0 for Office 365. Day 1 Administering Office 365 Day 2 Administering Exchange Online Office 365 Overview & InfrastructureLync Online Administration.
Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of emails a day Using Thousands of.

Security challenges Used by many 100,000s of customers Used by many 10,000,000s of users Processing Billions of s a day Using Thousands of.
Office 365 SMTP Relay June 2013. Relay Method Send to rcpts in domain Relay to Internet via O365 Configuration Requirements Requires Authentication.

Office 365 SMTP Relay June Relay Method Send to rcpts in domain Relay to Internet via O365 Configuration Requirements Requires Authentication.
Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.

Exchange 2010 Overview Name Title Group. What You Tell Us Communication overload Globally distributed customers and partners High cost of communications.
Agenda Next Generation Antispam Protection Forefront Overview Forefront Security for Exchange Server Forefront Online Security for Exchange Hybrid Software.

Agenda Next Generation Antispam Protection Forefront Overview Forefront Security for Exchange Server Forefront Online Security for Exchange Hybrid Software.

Similar presentations

Ads by Google