Monday, October 1, 2012

Introducing Exchange Online Protection (EOP)

If you have yet to hear, Microsoft has retired their entire Forefront product suite.  For products which will continue such as Forefront Identity Manager, these products have been moved to the System Center product suite.

As part of this move to remove the Forefront product family, Forefront protection for Exchange (FPE) and Forefront Online Protection for Exchange (FOPE) are also being removed.
Forefront Protection for Exchange (FOPE) is being replaced with a new product called Exchange Online Protection (EOP).  When I say new, it is actually the next release of FOPE.  Exchange Online Protection is an online Microsoft cloud service for filtering email.  It can be implemented for both cloud based Exchange customers such as Office 365 as well as on-premises implementations of Exchange.

In terms of Forefront Protection for Exchange (FPE), a product which is installed on a Windows server in the customers environment - there is no replacement I'm currently aware of.  Apart from the integrated spam filtering functionality which comes as part of Microsoft Exchange, Microsoft do not offer an on-premises product which customers can install for filtering email spam.  Customers will be encouraged moving forward to adopt Microsoft's online cloud services for filtering spam which can be found under EOP.

Exchange Online Protection offers customers the following functionality:

  • URL lists for spam filtering that block messages containing specific URLs within their message body. EOP includes additional lists beyond those available in FOPE.
  • The ability to skip spam filtering for trusted senders, based on subscription lists
  • The ability to filter messages written in specific languages, or sent from specific countries or regions
  • Malware filtering that can delete and strip unsafe attachments
  • The capacity to mark bulk email (such as advertisements) as spam through the user interface
  • The capability to search for, view, or release quarantined email messages in the EAC
  • Transport rules which you can use to control mail flow, based on a message’s content
  • Message tracing capability, which allows you to search for and view details about a specific message
  • Inbound connectors and outbound connectors you can use to enforce secure communication between you and a partner, or to make hybrid mail flow (where you host a portion of your mailboxes on-premises and a portion in the cloud) possible New reports, which you can use to monitor your organization’s mail flow, available in the Office 365 portal, by using a Microsoft Excel download application, or by using a Web service.
Previously FOPE had a seperate user interface to Office 365 for users to manage spam settings.  Microsoft has now consolidated this under the new Exchange Administrative Center (EAC).  For Exchange Online (Office 365) customers, EOP has now been intergrated directly into the EAC console, however for on-premises customers users will still need to go to another web address to access the online EAC for configuring Exchange Online Protection.
Below is a screenshot of the configuation interface for Exchange Online Protection (EOP):


  1. Clint, in the light of Microsoft getting rid of their Forefront product line, do you see Exchange Online Protection having a long life, or is it next on the chopping block?

  2. 55000 user migration pending to FOPE from legacy on-premise. Would you wait for EOP to go live?

    Rollling out a new service only to have it change is a huge communicaiton headache!

    Do you know if we can migrate to EOP instead of FOPE?

  3. The Forefront brand was dropped but many of the technologies live on under other umbrellas: UAG, EOP (Office 365), FIM, and System Center Endpoint Protection (Antivirus). EOP is an integral part of Office 365, which is a big bet for MSFT. EOP is also in use by many Exchange on-prem customers. The chances of EOP being on the chopping block are next to NIL. From what I know, updates are planned, adoption is growing and it necessary in order to offer cloud hosted email.

  4. Thanks for this article !

    Secure email should be an issue for everyone, especially when used for business communication...