BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Microsoft Exchange Online Protection is a cloud-based service that provides email security gateway functionality for Microsoft Exchange users. This functionality involves detecting and blocking common email-transmitted threats, including spam, malware and phishing attempts, thus preventing many attacks from reaching their destinations and possibly succeeding in compromising data and systems. Email security gateways are needed by most organizations to block attacks and greatly reduce the volume of malicious emails reaching users.
There is only a single version of Microsoft Exchange Online Protection: a public cloud-based service. It is used to complement organizations' Microsoft Exchange implementations.
The Microsoft Exchange Online Protection service focuses on providing fundamental security capabilities: antivirus, antimalware, antiphishing and antispam. The only advanced security feature supported by Microsoft EOP is message tracing; Microsoft Exchange Online Protection does not support executable sandboxing, threat intelligence feeds, data loss prevention, email encryption or any other advanced security features. Of all the major email security gateway offerings, the Microsoft Exchange Online Protection service has the fewest security features.
The Microsoft Exchange Online Protection service is designed to block 99% of spam emails and 100% of emails containing known viruses. Further, Microsoft's service should have a false positive rate below 1 in 250,000.
Microsoft Exchange Online Protection is available for a small recurring payment -- the base price listed on Microsoft's site is $1.00 per user per month.
A link to a free trial is also available.
The Microsoft Exchange Online Protection service may be of interest to organizations with Microsoft Exchange implementations that currently lack some fundamental security capabilities, such as antiphishing technologies.
Organizations that already have these fundamental capabilities and are seeking to add advanced security features to their enterprises should consider other email security gateway products which provide executable sandboxing and threat intelligence feed support at a minimum.
In part one of this series, learn the basics of email security gateways in the enterprise
In part two of this series, read about the enterprise use cases for email security gateways
In part three of this series, find out about the purchasing criteria for email security gateway products
In part four of this series, compare the best email security gateways in the industry