ATP in Office 365 E5

What’s it All About?

These endless acronyms! Every company uses them, and the Microsoft universe is jam-packed with them as well. For instance we may encounter product acronyms like SPE and EMS or abbreviated features like the one used in today’s topic: ATP, or Advanced Threat Protection. It is a security feature in the Office 365 E5 Plan. Anton Neidel explains what functions the ATP in Office 365 E5 provides and how it works.

My previous article on the Office 365 E5 Plan touched on this particular feature. The term E5 will probably make you think immediately of communication. But besides this feature, there are other areas that receive a lot of attention – analysis and security.

Hard Facts About Security Vulnerabilities

Let’s start things off with a short story.

Security vulnerability scenario, source: Anton Neidel

The world is changing, and IT is no different. So it’s only logical that security requirements are evolving as well. A study by the Gartner Group reveals that $20 billion was spent on security software in 2012. This number is predicted to reach $94 billion by the end of 2017. When asked about their antivirus protection, companies will usually answer that they have a product by Kaspersky, TrendMicro, McAfee, or Microsoft.

These solutions have indeed proven effective in the past, but they are becoming increasingly inefficient. In 2010 the German research institute AV-TEST estimated that there are 49 million malware programs in the wild. McAfee reported in 2011 that two million viruses are discovered each month. In turn, Kaspersky Lab announced in 2013 that around 200,000 new malware programs are identified and neutralized every day.

But what is truly alarming is how long it takes to even detect malware once it has been released into circulation. For instance, researchers at Kaspersky Lab in Moscow discovered in 2012 that a highly complex and hitherto unknown piece of malware called FLAME had been doing the rounds for five years already, stealing data from information systems around the world. FLAME truly represented a failure of the antivirus industry, and most likely brought the entire antivirus software era to an end.

Office 365 Exchange Online: What is This Basic Protection Good For?

Microsoft Office 365 Exchange Online offers a built-in basic security system in the Exchange Online Protection (EOP) feature. EOP has the following options:

  • Anti-Spam protection
  • Spam management
  • Protection against malware
  • Transport rules
  • Reporting and logging

EOP and its market compatriots are powerless in the face of zero-day attacks. A zero-day attack uses malware that is entirely unknown to your virus protection and therefore remains undetected. This means that new solutions are necessary, i.e. the existing ones need to be expanded.

Advanced Threat Protection in Office 365 E5: How Does Advanced Protection Work?

Advanced Threat Protection (ATP) is, as the name suggests, one of the security features of the Office 365 E5 Plan and is designed to protect against malware. To do this, ATP uses the sandbox principle. Put simply, the system works like a Russian doll, installing a computer within another computer. This kind of emulation is frequently described as a virtual machine. Emails arriving in this sandbox are scanned for malware. For instance, email attachments are deliberately opened to see what happens. The actual system cannot be infected, as the malware remains enclosed in the sandbox.

Here’s an example of a cloud scenario:

source: Anton Neidel
  1. The email arrives in the incoming mail server, where it is scanned by Exchange Online Protection.
  2. ATP also scans the email for licensed users.
  3. When the system recognizes a suspicious link or content, the email is removed or the rough contents of the link are described. Naturally, the user and the admin receive a notification.

NOTE: inform your users if you enable ATP, as the additional scan can mean that emails arrive with a delay of between three and five minutes.
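In Exchange Online, the attachment sandboxing described above is configured through Safe Attachments policies. The following is an added example, not taken from the article, that enables it for a pilot domain using the Exchange Online PowerShell module; the policy and rule names, the admin account, the review mailbox, and the domain are placeholders.

```powershell
# Added example: enable ATP attachment sandboxing for a pilot domain.
# All names, addresses and the domain below are placeholders (assumptions).
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName 'admin@example.com'

$policyName = 'ATP Pilot - Safe Attachments'
$ruleName   = 'ATP Pilot - Rule'

# The policy defines what happens when the sandbox flags an attachment.
# Block holds the message back; Redirect sends a copy to a review mailbox.
$policy = @{
    Name            = $policyName
    Enable          = $true
    Action          = 'Block'
    Redirect        = $true
    RedirectAddress = 'secops@example.com'
}
New-SafeAttachmentPolicy @policy

# The rule decides which recipients the policy applies to.
# Scoping it to one domain keeps the pilot small while users are informed.
$rule = @{
    Name                 = $ruleName
    SafeAttachmentPolicy = $policyName
    RecipientDomainIs    = 'example.com'
    Priority             = 0
}
New-SafeAttachmentRule @rule

# Confirm what is now in force.
Get-SafeAttachmentPolicy -Identity $policyName |
    Format-List Name, Enable, Action, Redirect, RedirectAddress
Get-SafeAttachmentRule -Identity $ruleName |
    Format-List Name, State, Priority, RecipientDomainIs, SafeAttachmentPolicy
```

Starting with a narrowly scoped rule lets you observe the delivery delay mentioned in the note on a small group before widening the recipient conditions.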

OK, that’s all very well. But what happens if I have my email server on-premises? No problem! Here’s a scenario:

source: Anton Neidel

How are ATP and EOP Licensed?

How can I license Exchange Online Advanced Threat Protection (ATP) and Exchange Online Protection (EOP)?

EOP is always included in Enterprise Plans and Business Plans (provided they include Exchange Online).

ATP is part of the Enterprise 5 Plan (E5) and can also be booked as an add-on with other plans.

source: Anton Neidel
