Exchange already has quite a robust signature-based malware blocking system built in but is always lagging behind modified and emerging threats. Even with three antivirus engines, the system is largely dependent on being told what malware and viruses are out there. Phishing can also pass by if the website URL in question isn’t on a black list. While these lists are updated regularly, it’s always a game of catch up. Advanced Threat Protection (ATP) changes all that.
For malware, ATP offers Safe Attachments. Safe Attachments will route all email to a hypervisor environment which will scan emails for anything unsafe before routing it any further. The email will be virtually opened in this environment to see if it does anything that looks like virus or malware activity. Only once it is proven benign will it be routed to your inbox.
For phishing, ATP offers Safe Links. Safe Links scans emails containing URLs before delivering them and will remove obviously false ones. It will also check for hidden URLs by deep scanning them to ensure they go where they say they do. It will also “proactively protect users if they click such a link” but Microsoft doesn’t explain how.
Finally, ATP offers a range of reporting and tracing tool for administrators. Admins will be able to run detailed reports on which email addresses are being targeted, what type of attacks are being sent and trace any malicious URLs that are received. They will also have the ability to create their own blacklists to add to the ones already in Exchange.
Advanced Threat Protection isn’t available yet but is in the final stages of development. We expect to see it sometime this summer. It isn’t free either, it will add a premium to per seat costs that are yet to be announced for UK users but have been priced at $2 per seat per month in the US.
Once we have a firm release date and pricing we’ll let you know. In the meantime, if you’re planning to move to the cloud and are interested in Office 365 for your business, Excalibur can help. Contact us today to learn more!