Microsoft Exchange Online Protection (EOP) Reviews

We use Microsoft Exchange Online Protection for scanning and protecting email attachments and URLs. Primarily we use Mimecast for URL protection, but it's good to have a second step, particularly Microsoft Exchange Online Protection, just in case something slips through.

What I like most about Microsoft Exchange Online Protection is its integration with Windows, so we have one central view for all alerts and incidents.

I'm pretty happy with Microsoft Exchange Online Protection, so off the top of my head, I can't think of any reason for me to want to change something in the solution.

Having orchestration features added to Microsoft Exchange Online Protection, particularly automation and remediation, would be quite useful.

I've been using Microsoft Exchange Online Protection for five or six years.

Microsoft Exchange Online Protection is quite stable.

Microsoft Exchange Online Protection is a scalable solution.

I haven't contacted technical support for Microsoft Exchange Online Protection.

Before Microsoft Exchange Online Protection, we used Mimecast. We still use Mimecast, but for an antimalware solution, we've always used what's available on Windows.

I didn't configure the solution, so I can't tell if the setup was straightforward or complex. Our Exchange administrators were the ones who set up Microsoft Exchange Online Protection.

We implemented the solution in-house.

Our license for Microsoft Exchange Online Protection is covered by our enterprise agreement.

There are three thousand users of Microsoft Exchange Online Protection in our company. There is no plan to increase the number of users, at least not in the near future.

Microsoft Exchange Online Protection is quite a difficult product. I would recommend it because it's a good product. My advice to others looking into using it is to make sure their rules are configured correctly, and they have turned on all the necessary features.

I'm rating Microsoft Exchange Online Protection eight out of ten.

Microsoft EOP's most valuable feature is a shared mailbox. 

The solution needs to improve its backup. 

I rate the tool's stability a ten out of ten. 

Microsoft EOP is scalable. 

The tool's deployment is straightforward. You need to get a license to use the product. 

I rate Microsoft EOP a ten out of ten. 

Microsoft Exchange Online Protection's use case can be email collaboration, data protection from various threats such as phishing or malware, and deploying anti-spam policies and anti-malware policies to ensure user safety. Additionally, the attack simulation and training features within the solution can be used to train end users across different campaigns happening over the internet. Other features like saved attachments, saved documents, and disabling options in Microsoft Exchange Online Protection can also be utilized.

The pre-set policies and configuration analyzer are the most valuable features in my opinion. The configuration analyzer is a great function to bring about strong external protection, and one can either turn on the pre-set policies or take help from the configuration analyzer to get recommendations for better protection.

One area that could be improved is handling gray emails, which are emails with attachments or newsletters that are not necessarily malicious, but are coming from different providers and are being received by various customers. Microsoft Exchange Online Protection may not be fully capable of stopping these emails until submitted for investigation over a specific period of time by Microsoft experts. This process needs improvement.

I have been working with the product for approximately six years.

The stability of this solution is quite good. It's been working well for a long time. Microsoft is constantly updating it and adding more features. I would rate it a nine out of ten.

I would rate its scalability a seven out of ten. There are certain restrictions. When you're using a Microsoft product solution, you can scale it, but if you're not, there are limitations.

If a company is doing business transactions, sending and collaborating, or choosing teams, I suggest they use Exchange Online Protection. But it may not be enough for any organization that is doing its best, as many threats are happening through different communication channels. I suggest using Office 365 as well, which comes with more advanced functionalities.

The experience with customer service from Microsoft varies. For example, if you open a ticket and get good engineers or support representatives, the experience is obviously good. It really depends on the quality of the support you receive. Overall, my experience has been average. Sometimes I get very bad responses from engineers or developers who don't understand the service or may not be properly trained on it. It can be hard for someone like me to explain everything so that they can understand the problem, and they may need to consult their team or do some research before providing a solution. These things take time. But if you get a good representative who is knowledgeable, then the experience is very smooth.

The initial setup is very simple. There are certain policies within the environment that will do the job automatically if you don't do anything. Moreover, every organization has default policies that are automatically applied if you don't do anything, but Microsoft provides documentation if you want to customize the policies. It is easy to work around the default policies if you need to make changes.

EOP is mainly deployed for the public cloud and there is no on-premises version available. However, if an organization has an on-premises email solution, they can choose to connect it to EOP to protect their emails with external protection. Organizations can reroute their emails through EOP so that all inbound and outbound emails go through the EOP solution and get filtered accordingly.

I would rate it a seven out of ten. It is a low-price solution.

Overall, I would rate Microsoft Exchange Online Protection a six out of ten. It is a good product. However, it may not meet all the requirements of today's business world. But if you combine it with different solutions in production, then it becomes a lot more effective.

We are using Microsoft Exchange Online Protection for the migration of users from on-premise to the cloud.

The most valuable features of Microsoft Exchange Online Protection are the EOP, ATP, safe links, fishing, and antispam.

Not all settings can be configured automatically and most still require manual configuration. However, there is an automation tool available that can be used to input all the configurations either as a script or a tool it would be helpful.

I have been using Microsoft Exchange Online Protection for approximately three years.

The stability of Microsoft Exchange Online Protection is good. We have not had many issues.

I rate the stability of Microsoft Exchange Online Protection a nine out of ten.

I have used Mimecast. I do not have a lot of experience in Mimecast. 

Microsoft Exchange Online Protection can handle a more broad range of areas than Mimecast.

The initial setup of Microsoft Exchange Online Protection and streamlining is complex. When we use a feature and we try to streamline them based on its outcomes can be difficult, such as false positives.

We often use third-party tools for the deployment. We try and use Microsoft native tools, such as Office Configuration Analyzer.

I help my customers implement the solution and it typically takes one week with two consultants.

The price of Microsoft Exchange Online Protection is reasonable.

If you're looking for recommendations, I suggest selecting the standard or strict settings provided by Microsoft for configuring Microsoft Exchange Online Protection. You can start with the standard settings and gradually increase the blocking and other settings such as spam confidence level based on your experience over time. It's important to keep in mind that further tuning may be required based on false positives and other factors, which will require manual adjustments based on experience. This configuration process is not a one-time setup and will evolve based on your customer experience.

I rate Microsoft Exchange Online Protection a nine out of ten.

Not a lot of our company's clients actually get Microsoft Exchange Online Protection (EOP) implemented in their IT environments.

My company's clients use Microsoft Exchange Online Protection (EOP) for email protection.

The most valuable feature of the solution is that it is a one-stop shop going through Microsoft. You don't have to worry about additional out-of-the-box features since the solution already offers a very good amount of basic protection or security for your emails. Most of our clients are small-sized businesses, so it suits them fine.

Our company faces difficulty with Microsoft Exchange Online Protection (EOP) because it's too big, clunky, and difficult for a small client to implement quickly and easily. Microsoft's competitors work a lot better since their products come out of the box directly, and one needs to turn them on to make them work. Microsoft Exchange Online Protection (EOP) requires a lot of configuration, support, and management. The aforementioned areas can be considered for improvement.

I have been using Microsoft Exchange Online Protection (EOP) for five years. I work at an IT support company that resells, implements, and offers support for Microsoft products.

My company hasn't faced any stability issues with the solution.

My company hasn't had the need to use the solution's scalability, but I believe that it is a scalable product.

My company works with small to medium-sized businesses, where even among the medium-sized ones, we prefer the smaller ones.

In general, my company is happy with Microsoft support, and we haven't needed support specifically for Microsoft Exchange Online Protection (EOP).

I rate the technical support an eight to nine out of ten.

Positive

The initial setup of the solution does not consist much of installing it, but meeting the needs of our company's clients. The setup phase requires quite a bit of planning.

There is no standard amount of time taken when it comes to the deployment of the solution. After our company's clients are prepared to make payments toward the solution, it takes around four hours to deploy the solution.

The solution falls on the higher or more expensive side of the spectrum.

The maintenance of the solution is neither too easy nor too difficult. The maintenance is not so easy because what tends to happen is things get set up, and those decisions don't get revisited regularly. There needs to be some process where the settings, decisions, and configurations get reviewed to determine whether they still meet the company's clients' needs regularly.

The solution can be more beneficial for medium and large-sized businesses compared to the smaller ones.

I rate the overall solution a six out of ten.

I primarily use the solution for online protection. It protects us from malware and spam, among other threats.

I can employ my own policies, for example, attached files and email, and I can apply security to them and analyze threats that may come in. I put together the best configurations to help protect the users.

It has offered effective protection to help us avoid email issues. For example, my CEO in the past had been compromised with malware. When we deployed this solution, we've been able to avoid issues.

The functionality is good.

It helps maintain protection. It can protect our Microsoft operations. It offers great security against malware and other threats. 

Technical support is excellent.

It is stable.

The solution can scale. 

It offers good value for money.

It doesn't protect against everything. We do need protection for, for example, endpoints. 

We'd like Citrix and Linux identity protection. We need security beyond just email so that we can avoid malicious threats.

I've been using the solution for five years in total.

It is stable. I'd rate the reliability ten out of ten. There are no bugs or glitches and it doesn't crash or freeze. 

I'd rate the solution eight out of ten in terms of scalability. It can scale. 

Microsoft support is excellent. They are very helpful and responsive. 

Positive

The initial setup was very easy. It was not difficult. We had good documentation in order to assist us. There's a lot of information available. 

The pricing is expensive, however, it is valuable to have, so that pricing is okay.

I'm not sure which version of the solution we're using. 

Overall, I would rate the solution ten out of ten. I'm very pleased with the solution.

It is an easy solution. It is useful for local users and our company because we use Microsoft 365. It is also free with Microsoft 365.

The security features could be better and more secure in the next release.

We have been using this solution for two years.

It is stable.

It is scalable. We have more than 200 users using this solution using Microsoft accounts and emails.

The deployment was easy. We have a hybrid solution. We have Exchange, we have Office 365, and we can create Office 365 users. So if we want to create with Exchange, we can also do that. And all our incoming emails go through Office 365 Online Protection.

We've used technical support a few times, and they've helped us.

The initial setup was straightforward. It has already established standards that are configured.

The solution has annual licensing.

I rate this solution a nine out of ten.

Our primary use case is to support client environments. We need to check if everything is working fine if the email flows are fine, and if any certificates need to be renewed. Those are the system admin jobs that we do as system engineers.

The console has everything we need for management. We use all the available features. Every feature available in the management console is sufficient for us to manage.

All those features within the management, the exchange management, whether it's the shell management or the console management, are sufficient by themselves for the versions of the PUs. They keep changing the versions with every update, and they also add feature updates to the consoles. So that also keeps upgrading. So, the solution keeps improving. 

The best part is Microsoft EOP also includes publishing management, more inclusive with Exchange and all SharePoint and everything as well. So, they have partial modules for each Exchange and SharePoint. So that is a good thing as well. We can now manage things through partial. It could be done remotely as well. You don't have to sit on the server. It could also be on a jumpbox and just shell into it directly to an exchange server and manage that exchange server.  

I've been using it since I started working, so it's been a while. So, I have been working with this solution since 2016. 

The solution is fairly stable. The stability depends on when there's an outage or issues. From the Microsoft standard, they have had some issues within, maybe if there are some vulnerabilities in use. If there are some rogue actors or somebody has compromised the Exchange servers or something, they've affected the Exchange server services in the past. So, they do send out information. You can obtain that information from their site, which states, "This is what has happened with the Exchange servers, or all the Exchange servers may be down at the moment." So, those sorts of outages are already reported. And if Microsoft detects them, they report it across all the platforms and communities, providing information through chat as well. So, some visibility is always there.

Stability also depends on the way you manage it, basically. It comes down to how well it's managed, set up, and managed for individual organizations at their sites. So, that's why we have server admins to see how it's managed.

If the server hardware is sufficient enough, if they have sufficient memory, or if they're properly supporting Microsoft EOP. The system requirements need to be fine-tuned. All the VMs hosted need enough memory, and there should be sufficient storage for the databases and such.

So, from Microsoft's point of view, the stability of Exchange as a product depends on the servers running based on our recommendations and specifications. So, it all hinges on the licensing the users have purchased from Microsoft. Unless there's an outage or a vicious attack, or some malicious attack on the service itself, which they report immediately, there aren't any significant issues.

So, I would rate the stability an eight out of ten.

I would rate the scalability an eight out of ten. Almost everyone in the company uses it, probably thousands of end users. We didn't encounter any problems with scalability. In fact, Microsoft provides recommendations on how to migrate to the cloud and such. So, everything is seamless. 

Even when configuring reserves, it automatically alerts you with exceptions and errors. Especially during mailbox migrations to the cloud, like stage migrations or batch migrations, it provides suggestions. For example, it might notify you that you're processing too many mailboxes at once based on their sizes and recommend reducing the quantity. These prompts are readily available. 

We opted for this solution because most of the enterprises we have to support the basic applications we support. We are the 365 admins as well as Azure admins, and also in the on-prem environment. So we keep migrating mailboxes and chatboxes over, and sometimes, we have to do complete exchange migrations to the cloud. SharePoint migrations, we handle, as well as a server management team.

The initial setup is just a standard process. You just need to follow the Microsoft documentation and send whichever you're very comfortable with your experience. For everything, there are articles and documentation with Microsoft. You just need to follow them, and it's just that you need to consider what your environment is and how to expand information about your current infrastructure. Based on that, you have to consider things while upgrading it or moving it across the cloud.

Some of them are completely cloud. Some of them are hybrid environments. They have a few on-premises for legacy printers and legacy applications. So, for SMTP communication and other stuff. But mostly, most of the users' mailboxes are on the cloud.

The time taken for deployment depends on the size of the organization, how many mailboxes they have, and the main databases. There's no one standard procedure. It could range from a few hours for a small organization to weeks for a large organization.

The licensing can be on the expensive side, especially in the cloud space. They may not be the absolute most expensive option, but they are indeed on the higher end. However, that comes with a certain level of quality. It's like comparing Apple products to other phones in the market. For example, Apple iPhones and tablets are priced higher for a reason. They are known for their security and quality, which is why they can command a premium price.

And people are willing to pay that premium because they trust the brand.

I would rate it nine out of ten because of its widespread usage and trust in the market at the enterprise level. Microsoft products, especially Exchange, are widely used and trusted. 

They have a significant presence, capturing a major share of the enterprise market. All their applications are widely used, whether it's for emails, databases, SQL, backups with OneDrive, cloud storage, or SharePoint, and more. They offer a suite of products for office tools. So, these are the commonly used tools in any organization, be it medium-sized, small, or even a small retailer. Given this, I would rate them a nine or ten because of their extensive market share, both globally and locally.

Microsoft's dependability and trust are a result of its long-standing presence in the industry. They've been in business for a significant amount of time.