Exchange Online Protection Overview

Securing Your Exchange ServerSpeaker nameTitleMicrosoft corporation

Presentation available @http://ignite.office.comUpdated: Oct. 15, 2013

11/1/20131Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.1.3 Billion messages per day

740 Million Spam messages per day

Today, on an average 1.3 Billion messages are handled in Exchange on a daily basis. Out of these, about 67% of the messages are spam. This highlights the need for email security2Protect communicationsMulti-engine anti-malware and enhanced spam filtering to help protect your email environment from threats

Exchange Online Protection

Enforce policyFlexible tools for policy enforcement that provide the right level of controlStreamlined managementFlexible administration of anti-spam, anti-malware and policy rules

3EOP SLAs:100% known virus detection99% spam detection rateFalse positive ratio of less than 1:250,000 messages99.999% uptime*Average email delivery time of less than 1 minute*

*These elements apply to EOP standalone customers, not to O365 customers

EOP Service Level Agreementshttp://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=3711/1/20134Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.EOP connection to ExchangeSave costly bandwidth by delivering only clean mail to your network Maintain outbound server reputation

Simple to DeployAdd and verify domain ownership, and setup MX recordFine tune anti-malware and anti-spam settingsCreate rules to meet business needsRun Hybrid Wizard to configure connectors

Exchange Online Protection

Exchange Server

Top Catch Rate for Anti-virus and Anti-Spam both in the cloud and on-premisesCloud email gateway blocks spam and viruses before entering networkFor outgoing mail, we also catch outbound spam. If managed on-premises then any outgoing spam in your network could cause your servers to be placed on block lists.

Exchange servers have basic level of built-in virus scanning for internal mail Recommended guidance for Exchange Server 2013 Security: Use EOP + Exchange Server 2013 built-in AV features.

11/1/20135Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.EOP Deployment ScenariosWorks with any SMTP email platform!Every Office 365 customer is an EOP customer Easy transition from EOP stand-alone to Office 365On-premises server - Inbound and Outbound email filtered through EOP

On Premise Corporate NetworkEOP

O365 Exchange OnlineEOP to O365 OnrampMake it easy for me to get started with filteringOnboard to Office 365 Provisioning and Signup infrastructureTake all my investments forwardCommon users and roles used across FOPE and ExOConsistent domain management between FOPE and ExOCommon directory sync (one time configuration)Make is easy to upgradeUpgrading from ExO-FO to ExO-MB reduced to mailbox migration

6

EOP Architecture

EOP Inbound Filtering Email is routed to EOP DCs based on MX record resolution(mail.messaging.microsoft.com)IP-based edge blockingReputation BlockingVirus ScanningAV Engine 1AV Engine 2AV Engine 3SPAM ProtectionSafe Sender/RecipientPolicy EnforcementCustom RulesContent scanning and HeuristicsBulk Mail filteringSPF & Sender ID Filter Quarantine *International Spam*Advanced SPAM managementCustomer FeedbackFalse +ve / -ve

Spam Analysts

Corporate Network

Regular ExpressionsURL Block listsEnvelope blocksForefront blocksAllows/Rejects8Outbound PoolOutbound PoolEOP Outbound FilteringHigh Risk Delivery PoolHigh ScoreOutbound PoolLow Score

SPAM ProtectionContent scanning and HeuristicsAdvanced SPAM managementVirus ScanningAV Engine 1AV Engine 2AV Engine 3

Policy EnforcementCustom Rules Quarantine

Spam Analysts

Corporate Network

Bulk Delivery PoolBulk Mail

InternetEmail EncryptionEOP Improvement: The outbound delivery pools have been extended to have a three way spilt -- normal, high-risk pool, bulk mail. Within the Normal pool we around 10 sub pools delivering normal mail, to help with preserving outbound mail reputation. If any mail is considered to be SPAM and therefore affects our reputation, using multiple outbound pool limits the impact.

In addition, we do pro-active monitoring of external reputation providers, and we can take corrective action before it affects our customers.

11/1/20139Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Directory SynchronizationOn-premisesExchange Online Protection

Office 365 Directory SyncSecure mail flow

Existing email environment Optional configuration to manage users/groups

Office 365 Active Directory Synchronization

Policy rules for specific users/groupsSynchronize Outlook safe/block sender listsThe Hybrid configuration wizard will setup the appropriate connectors for secure mail flow between your on-premises Exchange server and EOP.

Unlike FOPE which had a separate Directory Sync process (DST), EOP can take advantage of the Office 365 DirSync process. This configuration is optional if you want to setup rules based on users/groups or user attributes, or if you want to Sync Outlook safe/blocked senders lists then you need to setup DirSync.

10Management consoleAnti-spam, anti-malware, and policy controls accessed through the Office 365 Admin Center

11/1/201311Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Administration demoThis demo should show the EOP admin console, walk through of different tabs and services. 11/1/201312Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Anti-spam11/1/201313Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.1. Connection filtering Blocks up to 80% of all spam based on IP block/allow lists. 2. Sender-Recipient FilteringBlocks up to 15% of all spam based on internal lists and sender reputation. 3. Content FilteringBlocks up to 5% of all spam based on internal lists and heuristics.

Multi-layered anti-spam protection

2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.11/1/201314Connection filtering Static IP allow/block listOpt-in to Microsoft-maintained reputable sender listContent spam categoriesObvious spamHigh confidence spamContent Filtering ActionsDeleteQuarantineAdd X-HeaderModify SubjectRedirectGranular anti-spam filtering controls

2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.11/1/201315Improved spam blockingBulk Mail control Mark all bulk messages as spam

Block external threats quicklyAdvanced fingerprinting technologies that identify and stop new spam and phishing vectors in real time.

11/1/201316Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.International spamBlock unwanted email based on language or geographic origin

Block email based on languageBlock email based on geography11/1/201317Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Recommendation: Send suspected junk mail to the Outlook junk mail folder. Spam quarantine managed by administrators.Users can manage safe senders and block lists through Outlook.

Junk mail management

18End User Spam NotificationSet Frequency from 1-15 days

Localized ESN

19

Reporting False Negatives and False PositivesOutlook Junk Mail Reporting Tool for missed spamhttp://www.microsoft.com/en-us/download/details.aspx?id=18275 Send spam email as an attachment to abuse@messaging.microsoft.com

Send false positive messages tofalse_positive@messaging.microsoft.com

20

Simple configurationDelete messagesDelete attachments

Robust, customizable notifications

Sender notifications Admin notifications11/1/201321Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Anti-spam demoThis demo Should show the following:

International Spam managementMalware managementDelete Messages/AttachmentsBulk MailEnd User Spam Notification11/1/201322Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Anti-malwareEOP has multi-engine Anti-malware with 100% detection of known viruses.

11/1/201323Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Simple configurationDelete messagesDelete attachments

Robust, customizable notifications

Sender notifications Admin notificationsFOPE would always block; we are introducing a new action that will remove the attachments and then let the message through. But there are two caveats: (1) The actions will be named Delete message (=block) and Delete attachments (=replace or strip).

EOP introduces the ability to remove the attachments of an infected email message, but still deliver the message content. (We attach a note in place of the deleted attachments to inform the recipient that the attachments were removed.) EOP also provides the ability, when configuring sender notifications, to distinguish between inbound and outbound messages. (In FOPE, you had to enable sender notifications for both inbound and outbound or for neither. In EOP, you can enable one without the other, and customize the message for each.)

Exchange 2013 on-premises server vs. EOP. Exchange 2013 Server built-in anti-malware provides only the Microsoft anti-malware engine. The anti-malware configuration is identical to EOP. However, because on-premises administrators have control of the server itself, there is an additional set of configuration that is not available in EOP (through the Set-MalwareFilteringEngine cmdlet). Some of these settings are: the ability to bypass inbound or outbound anti-malware during troubleshooting, configuring update frequency and paths, and some error/timeout behavior.

11/1/201324Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Managing Policy11/1/201325Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Simple Policy ManagementBuilt on Exchange transport rules engine

ConditionsActionsExceptionsConditionsActionsExceptions26Flexible rule conditions

The senderIP matches any of these addressesAttachment scanningAny attachmenthas executable contentThe messagesize exceeds

11/1/201327Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Flexible rule actions

Block or redirect messagesModify messagesApply additional securityRoute messages through specific connectors

11/1/201328Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Rule options

Rules can be configured to run for a specific time period time

Rules can be run in Test Mode

11/1/201329Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Policy management demoThis demo should show:

Creation, edit, enforcement of a rule

11/1/201330Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Built-in granular reporting optionsProvides a clear view on spam filtering and malware attacks

31Reporting

O365 Reports Page11/1/201332Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.ReportingReceived Mail

11/1/201333Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.ReportingSent Mail

11/1/201334Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.ReportingReceived Spam

11/1/201335Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.ReportingMalware Detections

11/1/201336Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.ReportingRule Matches

11/1/201337Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Excel mail protection reportsExcel Workbook available to enable self-service analysis

Connects to the reporting web service Data can be refreshed from within the workbook at any timeDrill through from recent summary data to the underlying detailed information

Excel Workbook can be downloaded from here: http://www.microsoft.com/en-us/download/details.aspx?id=30716

Requires Excel 2013

EOP stores 60 days of summary data, but only 7 days of detail data

38Message tracingPowerful troubleshooting tools for mail flow issues Simple search interface (no required fields)EOP keeps 7 days of dataSubject line text is provided for each messageTop 1000 of the last 48h of message resultsWildcard support for multiple email addresses or domain names. Results include date, from, to, subject, summary status

11/1/201339Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Reporting Demo11/1/201340Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Encryption11/1/201341Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.TLS Network EncryptionOpportunistic TLS enabled by default Forced inbound/outbound transport layer security (TLS) can be set up to secure all routing channels with business regulated partnersMessage-level EncryptionPolicy-based encryption from sender to recipient with no end-user training or software installation provided through Microsoft Exchange Hosted Encryption (EHE)

EncryptionEHE Encryption

Send Encrypted email to any recipient without prior setupEncryption is performed via policy rules and enforced in the EOP cloudIdentity-Based Encryption (IBE) uses email address as ID for public keyEHE saves public keys so users should use strong passwords as their credentialsNo cost for recipient non-licensed userAll replies and forwards remain encrypted for any mail recipientEncrypted emails are not saved by EHE

Data protection at rest

Data protection at rest

Data protection at rest

Information protection using RMS

Data Protection in motionData Protection in motionInformation can be protected with RMS at rest or in motionData protection at rest

RMS enables secure collaboration through encryption for content at rest or in motion with intelligence (Identity and Policy) for content at rest or in motion to enable

Lock up personal data stores with BitLocker / BitLocker to GoEveryday Metaphor: Lock on the front door of your home. Good, but once open, everyone gets in.Great way to protect against lost laptops and other assets but not at a granular level

Rights Management Everyday Metaphor: Certified mail that, when closed, requires re-certification before reuse. Protection for data in the wild with flexible terms-of-use, and transport agnosticGeneric file protection using Rights Protected Folders

SharePoint Secure LibrariesEveryday Metaphor: A well run public Library whose librarian actually asks to see your identityGreat way to host data that can be centralized; data that leaves is protected

Pro-active protection (aka DLP) via Exchange, FOPE, FCI, ISV offers, etc.Everyday Metaphor: A persistent yard caretaker for your digital landscape Volunteer application of RM will only get you so far DLP offers at strategic points does wonders!

Combined, these offers give you protection of lost assets, data in repositories, data in flight (user protected or not), and IT controlled* auditing of data usage.

44RMS over standard approachesFunctionalityRMS in Office 365S/MIMEACLs (Access Control Lists)BitLockerCloud Encryption Gateways (CEGs)Data is encrypted in the cloudEncryption persists with contentProtection tied to user identityProtection tied to Policy (edit, print, do not forward, expire after 30 days)Secure collaboration with teams and individualsNative integration with my services (Content Indexing, eDiscovery, BI, Virus/Malware scanning)Lost or stolen hard diskRMS can be applied to Office documents and PDF using FOX IT pro.Add speaker notes to this slide45Enable RMSRMS can be activated right inside Office 365 Admin console

Enable Rights Management in the tenant adminService Uptime, Recovery Time Objective (RTO), Recovery Point Objective (RPO) are a few ways to measure service continuity.11/1/201346Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.Enable RMSRMS can be applied to Emails

Apply RMS to contentRMS can be applied to SharePoint librariesFiles are protected if they are viewed using Webapps or downloaded to a local machine

RMS can be applied to any Office documents

Service Uptime, Recovery Time Objective (RTO), Recovery Point Objective (RPO) are a few ways to measure service continuity.11/1/201347Microsoft Office365 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.EHE / RMS Demo11/1/201348Microsoft Exchange 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.How do I know my data and private information are safe?To learn more about the steps weve taken to ensure the safety of your data and private information, go to the Office 365 Trust Center.All of the Office 365 Trust Center promises apply to EOP

Protect communicationsMulti-engine anti-malware and enhanced spam filtering to help protect your email environment from threats

Exchange Online Protection

Enforce policyFlexible tools for policy enforcement that provide the right level of controlStreamlined managementFlexible administration of anti-spam, anti-malware and policy rules

50

Q&A

2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.11/1/201354

All statements in this report attributable to Gartner represent Microsoft interpretation of data, research opinion or viewpoints published as part of a syndicated subscription service by Gartner, Inc., and have not been reviewed by Gartner. Each Gartner publication speaks as of its original publication date (and not as of the date of this presentation). The opinions expressed in Gartner publications are not representations of fact, and are subject to change without notice.