Delving into Office 365's email security

Microsoft is integrating its Forefront filtering technology into Office 365 and BPOS to make it easier for Exchange admins to let go

I was surprised to learn last week at Microsoft's MVP Summit that most Exchange MVPs haven't been invited to the private beta for Office 365. Yet here I was, a new MVP, with beta access, thanks to my columnist connection with InfoWorld, no doubt. (Several infoWorld editors have Office 365 beta accounts, and InfoWorld has published its own take on Office 365's strengths and weaknesses in its beta incarnation.) It was a no-brainer that I should make friends with my colleagues and peers by giving everyone who wanted it access to Office 365 -- which is what I did.

In the process of playing with Office 365 and talking to my MVP colleagues, something new came on the radar: Forefront Online Protection for Exchange (FOPE, pronounced "fa-pee") is now integrated within the Mail Control security settings. Thus, every Exchange Online customer, of both Business Productivity Online Suite (BPOS) and Office 365, is a FOPE customer.

[ Read J. Peter Bruzzese's "Making sense of Microsoft Forefront" to learn more about the Forefront security offerings behind FOPE. | Stay up to date on the latest Windows technologies and techniques with InfoWorld's Technology: Microsoft newsletter. ]

FOPE is a hosted service that protects both incoming and outgoing mail from spam, viruses, phishing scams, and email policy violations through a variety of layered technologies. It's the latest iteration of what had been previously named Exchange Hosted Filtering (EHF) and Forefront Online Security for Exchange (FOSE).

FOPE is a powerful tool in the hands of Office 365 administrators. It use a bevy of antivirus engines, including those from Kaspersky, Symantec, and Authentium, all three of which scan messages. The FOPE service-level agreement claims it detects 100 percent of known viruses. FOPE servers query the antivirus vendors for support updates to signatures every 15 minutes. FOPE can drill down into archive files (compressed Zip files and the like), but it cannot scan password-protected or encrypted files -- FOPE doesn't have access to the passwords or encryption keys. Keep in mind that FOPE doesn't work with just Office 365; you can also use it to scan mail that comes in via your own Exchange servers. 

The custom spam filters can allow or block IP addresses, sender domains, sender addresses, and recipient addresses. FOPE doesn't quarantine a virus upon discovery -- it deletes the intruder. For spam, you can set it to quarantine or delete the messages as you prefer. FOPE spam and virus scans work with your existing edge and hub transport servers in Exchange (if you aren't using Office 365) to stamp mail; it also provides either a header to the message or an added spam confidence level (SCL) rating to help internal servers better manage spam.

1 2 Page 1