Microsoft’s Exchange Online Protection (EOP) Explained in Simple Terms

Microsoft’s Exchange Online Protection (EOP) Explained in Simple Terms

Companies send and receive potentially hundreds of emails internally and externally every day. Even after the advent of instant messaging and business communication platforms (like Skype for Business and Microsoft Teams), email remains yet in use. However, emails contain attachments that could potentially pose risks to your organization. If you (or your employees) are not particularly careful about the attachments you open on your work computers, your network security could be rather easily breached.

Fortunately, if you use any edition of the Microsoft Office 365 productivity suite that includes Exchange Online (such as Office 365 E1, Office 365 E3, and Office 365 E5), you are protected by the Exchange Online Protection (EOP) by Microsoft. But wait, what is Exchange Online Protection? Let us find out!

What is Exchange Online Protection (EOP)?

Exchange Online Protection is Microsoft’s cloud-based email security service that filters out spam and malicious emails from your inbox. You can purchase it separately or as part of any Microsoft Office 365 edition that includes Exchange Online like Office 365 Enterprise E3 or Office 365 Enterprise E5. Microsoft’s Exchange Online Protection pricing depends on the number of users you need to secure on a monthly basis.

How does Exchange Online Protection (EOP) Work?

EOP offers both inbound email protection as well as outbound email protection. Let us go through each in detail.

Microsoft EOP Inbound Email Protection

Microsoft EOP works by receiving all incoming emails on your behalf to one of its data centers across the world where it deeply scans them for malware or spam before approving and sending them to you.

Technically, Exchange Online Protection’s functioning can be explained in five steps.

  1. Sender’s incoming email is routed to one of Microsoft EOP datacenters.
  2. EOP applies the connection filtering rules set up by the company and accepts or blocks incoming email depending on its IP. Any inbound emails from a blocked IP are rejected and deleted automatically.
  3. EOP evaluates the incoming email with its anti-malware settings and deletes it automatically if the email is deemed to be malicious.
  4. EOP applies policy filtering (transport rules) to the email meaning that if the receiver has set up custom rules for the incoming email, they are enforced. For example, EOP could be configured to automatically delete inbound emails from specific senders.
  5. EOP applies the content filtering rules where it scans the email content and tries to find properties of spam. Depending on the receiver’s settings, this email may either be sent to their inbox or junk folder.
  6. Finally, the incoming email is received by the intended recipient if it cleared all previous checkpoints.

Refer to the given diagram to understand how Exchange Online Protection (EOP) works.

Diagram showing how Exchange Online Protection (EOP) works.

Microsoft EOP Outbound Email Protection

Microsoft EOP’s outbound email protection works like its inbound counterpart, but unlike the inbound protection settings, the IT administrator has no control over Microsoft EOP’s outbound email delivery rules. EOP applies outbound connection filtering and content filtering to a company’s outgoing emails and may prevent them from being delivered to the recipient if it (EOP) deems them as spam or malicious. If an Office 365 customer continues sending outbound emails that are frequently marked as spam by EOP’s outbound email protection, his/her account shall be blocked from sending emails altogether and the respective administrator will be notified.

Such restrictions are part of Microsoft’s efforts to prevent its customers from being blacklisted as spammers by other parties.

Does Exchange Online Protection (EOP) Protect On-Premises Servers?

Yes. If your company handles email hosting through on-premises infrastructure, you can still benefit from the Microsoft EOP standalone subscription; another option is to opt-in for a separate Microsoft Exchange Online plan which includes EOP. You can add the Data Loss Prevention (DLP) function to your EOP by opting for the Exchange Enterprise CAL.

Why Does Your Company Need Exchange Online Protection (EOP)?

Exchange Online Protection (EOP) is an efficient anti-spam and anti-malware cloud-based security feature. If you own any edition of Office 365 that includes Exchange Online, you are already protected by Microsoft’s security standards. However, in case you are running some edition of Microsoft Exchange Server on your physical infrastructure, you may still consider getting an Exchange Online Protection standalone subscription because it lets you completely control inbound email delivery. A single piece of malicious code could completely compromise your company, so you cannot afford to take chances when it comes to security.

If you manage your company’s email servers through on-premises infrastructure, consider migrating to Office 365. Apps4Rent offers various plans to suit your business requirements, and you get Exchange Online Protection (EOP) automatically with every edition of Office 365 (except Office 365 Business Plan and Office 365 Pro Plus Plan) at no extra cost.

We understand that you may be using third-party email anti-spam and anti-malware applications, but it may be more cost-effective and prudent for your company to switch to Microsoft EOP especially when you do not need to shell out additional dollars for the same as an Office 365 customer.

    Submit Your Requirement

    Comments are closed.