Configurare ATP Exchange online

Exchange Online Advanced Threat Protection Licensing Requirements

ATP licenses cost USD 2.00 Per User Per Month and can be added to the following Office 365 Licensing SKU’s:
  • Exchange Online Plan 1
  • Exchange Online Plan 2
  • Exchange Online Kiosk
  • Office 365 Business Essentials
  • Office 365 Business Premium
  • Office 365 Enterprise E1, E2, E3
  • Office 365 Enterprise K1 & K2
  • Office 365 Education
ATP is included with the Office 365 Enterprise E5 Plan.

Configure Safe Attachments in Advanced Threat Protection

 To configure “Safe Attachments”, the administrator needs to navigate to the “Exchange Admin Center” within the Office 365 portal.
Fig 2
Once in the “Exchange Admin Center”, select “Advanced Threats” as shown below in Fig 3. This will load up the configuration settings for “Safe Attachments” & “Safe Links”.
Fig 3
In order to create a “New Safe Attachment Policy”, under “Safe Attachments” click “+”. This will open up the “Safe Attachment Policy Configuration Window” as shown below in Fig 4.
Fig 4
In the above “Safe Attachment Policy Configuration Window”, give the policy a name, a description and select the actions for the unknown malware in attachments. These actions are self-explanatory.
To block the attachments, select “Replace” which will block the attachment found as malware but will continue to deliver the email message without the attachment to the recipient.
Options can be specified to redirect the blocked attachment to a designated mailbox under “Redirect Attachment on Detection” and checking “Enable Redirect” and specifying an email address under “Send the attachment to the following Email Address” option as shown in Fig 4 above.
Scroll down the “Safe Attachment Policy Configuration Window” to bring up the “Applied to” section to specify if the rule needs to be applied to a specific recipient, recipient domain or to a group where a recipient is a member.
Select “Recipient Domain” under the drop down menu as this policy needs to be applied to everyone in the domain and click “Save” to create the new Safe Attachment Policy as shown below in Fig 5.

FIg 5
This new policy will now block the unsafe attachments that will be received and will deliver the attachment to the designated mailbox usually to the admin.

Configure Safe Links in Advanced Threat Protection

In order to create a “New Safe Links Policy”, under “Advanced Threats” select “Safe Links” click “+”. This will open up the “Safe Links Policy Configuration Window”.
Under the “Safe Links Policy Configuration Window”, give a name and a description of the policy. Under “Select the action for unknown potentially malicious URLs in messages” select “On” to turn on the policy. Also, select “Do not allow users to click through to the original URL” option.

Fig 6
Scroll down the “Safe Links Policy Configuration Window” to bring up the “Applied to” section to specify if the rule needs to be applied to a specific recipient, recipient domain or to a group where a recipient is a member.
Select “Recipient Domain” under the drop down menu as this policy needs to be applied to everyone in the domain and click “Save” to create the new Safe Links Policy as shown below in Fig 7.

Fig 7
This policy will now prevent users from opening the unsafe URLs within their emails.

Commenti

Posta un commento

Post popolari in questo blog

Come e quando smantellare i server Exchange in una distribuzione ibrida

Immagine
Articolo tratto da technet di microsoft . Una delle opzioni più interessanti per ottenere una società a Exchange Online è quello di utilizzare l'approccio distribuzione ibrida descritto nel  Piano di una distribuzione ibrida di Exchange Online in Office 365  . Questa è l'unica opzione che permette di facilmente a bordo e caselle di posta off-board (tutte le altre opzioni native sono sul bordo). Oltre alla capacità di off-board, una configurazione ibrida ha le seguenti opzioni principali: Questo argomento vi aiuterà a capire le opzioni per lo smantellamento di cambio ibrido, e quando ognuno di queste opzioni dovrebbe essere attuato. Ci sono molte variazioni a quando e come disattivare i server ibridi di Exchange. Prendendo il tempo di comprendere le implicazioni e pianificare correttamente la disattivazione totale o parziale dei server locali è importante. Disponibilità tra sedi  . Questo ti permette di vedere / informazioni sulla di...
Continua a leggere

Manage Room Mailbox by using PowerShell

In the current article, we will review how to use PowerShell commands for managing Room mailbox in Exchange Online environment. Resource Mailbox is a special type or a Mailbox that uses for the management of meeting Rooms and Equipment. The Resource Mailbox doesn’t require a license. Management of Resource Mailbox could be implemented by using one of the following options: Self-management – the Resource Mailbox will be configured for automation of accepting meeting requests (or decline meeting request if a former meeting request was already set). Resource Mailbox delegate – The delegate is the person that will accept the meeting requests and approve or decline the meeting requests. The term “resource Mailbox” includes two types of Mailboxes – Room Mailbox and Equipment Mailbox. There is a small difference between the two types of the resource mailbox but the use, and the purpose are quite similar (most of the examples will relate to room Mailbox). A Little confession: ...
Continua a leggere

How to reset an Office 365 install to the initial activation/install state

Immagine
1.   Remove Office 365 license for Subscription based installs (not Shared Computer Licensing scenarios): To remove the Office 365 license, you must run two cscript command lines. The command lines are:         A. Run  C:\program files <x86>\Microsoft office\office15>cscript ospp.vbs /dstatus The above command line will generate a report of the currently installed/activated license.  (See Below) NOTE: You might see multiple licenses in the /dstatus report.         B. Make note of value for “ Last 5 characters of installed product key”         C.  Run  C:\program files <x86>\Microsoft office\office15>cscript ospp.vbs /unpkey:“Last 5 of installed product key”   For example:   C:\program files <x86>\Microsoft office\office15>cscript ospp.vbs /unpkey:WB222  (See Below) Repeat the st...
Continua a leggere