Editor’s note 11/7/2016
Post was updated to reflect that Exchange Online Advanced Threat Protection is now Office 365 Advanced Threat Protection.
Today’s post on Office 365 Advanced Threat Protection was written by Shobhit Sahay, technical product manager for the Office 365 team.
Today, Office 365 provides robust email protection against spam, viruses and malware with Office 365 Protection (EOP). But as hackers around the globe launch increasingly sophisticated attacks, many organizations are seeking tools that provide advanced protection. That’s why we are pleased to introduce Office 365 Advanced Threat Protection (ATP), a new email filtering service that provides additional protection against specific types of advanced threats. ATP is currently in private preview and is expected to be available this summer as an optional service for Office 365 commercial customers
ATP for Office 365 delivers the following benefits:
- Protection against unknown malware and viruses—Today EOP employs a robust and layered anti-virus protection powered with three different engines against known malware and viruses. ATP extends this protection through a feature called Safe Attachments, which protects against unknown malware and viruses, and provides better zero-day protection to safeguard your messaging system. All messages and attachments that don’t have a known virus/malware signature are routed to a special hypervisor environment, where a behavior analysis is performed using a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.
- Real time, time-of-click protection against malicious URLs—EOP scans each message in transit in Office 365 and provides time of delivery protection, blocking any malicious hyperlinks in a message. But attackers sometimes try to hide malicious URLs with seemingly safe links that are redirected to unsafe sites by a forwarding service after the message has been received. ATP’s Safe Links feature proactively protects your users if they click such a link. That protection remains every time they click the link, as malicious links are dynamically blocked while good links can be accessed.
- Rich reporting and URL trace capabilities—ATP also offers rich reporting and tracking capabilities, so you can gain critical insights into who is getting targeted in your organization and the category of attacks you are facing. Reporting and message tracing allows you to investigate messages that have been blocked due to an unknown virus or malware, while the URL trace capability allows you to track individual malicious links in the messages that have been clicked.
Watch this Office mechanics show where we cover these capabilities in greater detail:
We eagerly look forward to releasing this new service and to hearing your feedback.
Frequently asked questions
Q. How can I purchase this new service and how is it priced?
A. Office 365 ATP will be available for purchase to all commercial customers for $2 per user per month. It will also be available to Government Pricing customers for $1.75 per user per month.
Q. Is the service available to Office 365 Government Community Cloud (GCC), Office 365 Education and Office 365 Nonprofit customers?
A. At launch, Office 365 ATP will only be available to Office 365 commercial and multi-tenant Government (Government Pricing) customers. It will not be available to Office 365 Government Community Cloud (GCC), Office 365 Education and Office 365 Nonprofit customers.
Q. When is this capability being released? Can I get early access?
A. We are currently doing a private preview of this service with select customers. If you are interested, please reach out to us through your Microsoft account team. We are currently on track to release the service to broadly this summer.
Q. Can I use Office 365 ATP for part of my organization, or do I need to use it for everyone?
A. You can assign ATP to everyone or to a specified group of users.
Q. Can on–premises customers make use of this new service?
A. Yes, on-premises customers can use this service so long as they already use Exchange Online Protection (EOP) for inbound email filtering.