Microsoft Exchange Online Protection (EOP) Reviews

I work in a financial institution and we use Microsoft Exchange Online Protection to protect our CEO's emails and all users' emails from phishing and other threats.

The most valuable feature of Microsoft Exchange Online Protection is the accidental release of information protection capabilities. Additionally, the solution is easy to use.

The price of Microsoft Exchange Online Protection could be reduced to make it more competitive.

I have been using Microsoft Exchange Online Protection for approximately one year.

Microsoft Exchange Online Protection is stable.

We have had some issues and the support we received was good and quick.

I have used other solutions, such as Carbon Black and Trend Micro Deep Discovery Email Inspector. I found that Microsoft Exchange Online Protection is a much better solution because the search time is quicker and there are more alert results.

The configuration of Microsoft Exchange Online Protection is easier than other solutions.

We did the deployment of the solution in-house.

The solution is priced high and could be less expensive compared to other solutions.

There is no maintenance needed for this solution, but we have analyzed the results from the findings from the alerts.

I would recommend this solution to others.

I rate Microsoft Exchange Online Protection a ten out of ten.

We use the product to provide full email security protection policies.

We like the holding facility that is available for potentially suspicious URLs.  This allows a real-time review to be performed before the email reaches a user's inbox.

We would like the solution to have more in-built intelligence in the way that it reviews potential security risks, rather than our team constantly having to update the policies.

We have been using this solution for around 15 years.

We have found the stability of this solution to be good.

We have found the solution to be easily scalable when new users need to be added; this is a multi-tenant product.

We have found the support to be good.  However, the default first line of issue resolution for this product is the online community and FAQ pages.

The initial setup was very straightforward due to the solution being completely cloud-based.

Licenses for this solution are available as packages of different tiers. The package will differ depending on the features that an organization wants, but all packages come with some default features included.

We would advise organizations who wish to build customized policies that this will increase the implementation time for this solution.

We would also advise organizations to carry out extensive testing before implementing this solution; this will ensure that it is set up exactly the way that they need it to be.

I would rate this solution a seven out of ten.

We use Microsoft Exchange Online Protection for scanning and protecting email attachments and URLs. Primarily we use Mimecast for URL protection, but it's good to have a second step, particularly Microsoft Exchange Online Protection, just in case something slips through.

What I like most about Microsoft Exchange Online Protection is its integration with Windows, so we have one central view for all alerts and incidents.

I'm pretty happy with Microsoft Exchange Online Protection, so off the top of my head, I can't think of any reason for me to want to change something in the solution.

Having orchestration features added to Microsoft Exchange Online Protection, particularly automation and remediation, would be quite useful.

I've been using Microsoft Exchange Online Protection for five or six years.

Microsoft Exchange Online Protection is quite stable.

Microsoft Exchange Online Protection is a scalable solution.

I haven't contacted technical support for Microsoft Exchange Online Protection.

Before Microsoft Exchange Online Protection, we used Mimecast. We still use Mimecast, but for an antimalware solution, we've always used what's available on Windows.

I didn't configure the solution, so I can't tell if the setup was straightforward or complex. Our Exchange administrators were the ones who set up Microsoft Exchange Online Protection.

We implemented the solution in-house.

Our license for Microsoft Exchange Online Protection is covered by our enterprise agreement.

There are three thousand users of Microsoft Exchange Online Protection in our company. There is no plan to increase the number of users, at least not in the near future.

Microsoft Exchange Online Protection is quite a difficult product. I would recommend it because it's a good product. My advice to others looking into using it is to make sure their rules are configured correctly, and they have turned on all the necessary features.

I'm rating Microsoft Exchange Online Protection eight out of ten.

Our primary use case is to support client environments. We need to check if everything is working fine if the email flows are fine, and if any certificates need to be renewed. Those are the system admin jobs that we do as system engineers.

The console has everything we need for management. We use all the available features. Every feature available in the management console is sufficient for us to manage.

All those features within the management, the exchange management, whether it's the shell management or the console management, are sufficient by themselves for the versions of the PUs. They keep changing the versions with every update, and they also add feature updates to the consoles. So that also keeps upgrading. So, the solution keeps improving. 

The best part is Microsoft EOP also includes publishing management, more inclusive with Exchange and all SharePoint and everything as well. So, they have partial modules for each Exchange and SharePoint. So that is a good thing as well. We can now manage things through partial. It could be done remotely as well. You don't have to sit on the server. It could also be on a jumpbox and just shell into it directly to an exchange server and manage that exchange server.  

I've been using it since I started working, so it's been a while. So, I have been working with this solution since 2016. 

The solution is fairly stable. The stability depends on when there's an outage or issues. From the Microsoft standard, they have had some issues within, maybe if there are some vulnerabilities in use. If there are some rogue actors or somebody has compromised the Exchange servers or something, they've affected the Exchange server services in the past. So, they do send out information. You can obtain that information from their site, which states, "This is what has happened with the Exchange servers, or all the Exchange servers may be down at the moment." So, those sorts of outages are already reported. And if Microsoft detects them, they report it across all the platforms and communities, providing information through chat as well. So, some visibility is always there.

Stability also depends on the way you manage it, basically. It comes down to how well it's managed, set up, and managed for individual organizations at their sites. So, that's why we have server admins to see how it's managed.

If the server hardware is sufficient enough, if they have sufficient memory, or if they're properly supporting Microsoft EOP. The system requirements need to be fine-tuned. All the VMs hosted need enough memory, and there should be sufficient storage for the databases and such.

So, from Microsoft's point of view, the stability of Exchange as a product depends on the servers running based on our recommendations and specifications. So, it all hinges on the licensing the users have purchased from Microsoft. Unless there's an outage or a vicious attack, or some malicious attack on the service itself, which they report immediately, there aren't any significant issues.

So, I would rate the stability an eight out of ten.

I would rate the scalability an eight out of ten. Almost everyone in the company uses it, probably thousands of end users. We didn't encounter any problems with scalability. In fact, Microsoft provides recommendations on how to migrate to the cloud and such. So, everything is seamless. 

Even when configuring reserves, it automatically alerts you with exceptions and errors. Especially during mailbox migrations to the cloud, like stage migrations or batch migrations, it provides suggestions. For example, it might notify you that you're processing too many mailboxes at once based on their sizes and recommend reducing the quantity. These prompts are readily available. 

We opted for this solution because most of the enterprises we have to support the basic applications we support. We are the 365 admins as well as Azure admins, and also in the on-prem environment. So we keep migrating mailboxes and chatboxes over, and sometimes, we have to do complete exchange migrations to the cloud. SharePoint migrations, we handle, as well as a server management team.

The initial setup is just a standard process. You just need to follow the Microsoft documentation and send whichever you're very comfortable with your experience. For everything, there are articles and documentation with Microsoft. You just need to follow them, and it's just that you need to consider what your environment is and how to expand information about your current infrastructure. Based on that, you have to consider things while upgrading it or moving it across the cloud.

Some of them are completely cloud. Some of them are hybrid environments. They have a few on-premises for legacy printers and legacy applications. So, for SMTP communication and other stuff. But mostly, most of the users' mailboxes are on the cloud.

The time taken for deployment depends on the size of the organization, how many mailboxes they have, and the main databases. There's no one standard procedure. It could range from a few hours for a small organization to weeks for a large organization.

The licensing can be on the expensive side, especially in the cloud space. They may not be the absolute most expensive option, but they are indeed on the higher end. However, that comes with a certain level of quality. It's like comparing Apple products to other phones in the market. For example, Apple iPhones and tablets are priced higher for a reason. They are known for their security and quality, which is why they can command a premium price.

And people are willing to pay that premium because they trust the brand.

I would rate it nine out of ten because of its widespread usage and trust in the market at the enterprise level. Microsoft products, especially Exchange, are widely used and trusted. 

They have a significant presence, capturing a major share of the enterprise market. All their applications are widely used, whether it's for emails, databases, SQL, backups with OneDrive, cloud storage, or SharePoint, and more. They offer a suite of products for office tools. So, these are the commonly used tools in any organization, be it medium-sized, small, or even a small retailer. Given this, I would rate them a nine or ten because of their extensive market share, both globally and locally.

Microsoft's dependability and trust are a result of its long-standing presence in the industry. They've been in business for a significant amount of time.

Microsoft Exchange Online Protection's use case can be email collaboration, data protection from various threats such as phishing or malware, and deploying anti-spam policies and anti-malware policies to ensure user safety. Additionally, the attack simulation and training features within the solution can be used to train end users across different campaigns happening over the internet. Other features like saved attachments, saved documents, and disabling options in Microsoft Exchange Online Protection can also be utilized.

The pre-set policies and configuration analyzer are the most valuable features in my opinion. The configuration analyzer is a great function to bring about strong external protection, and one can either turn on the pre-set policies or take help from the configuration analyzer to get recommendations for better protection.

One area that could be improved is handling gray emails, which are emails with attachments or newsletters that are not necessarily malicious, but are coming from different providers and are being received by various customers. Microsoft Exchange Online Protection may not be fully capable of stopping these emails until submitted for investigation over a specific period of time by Microsoft experts. This process needs improvement.

I have been working with the product for approximately six years.

The stability of this solution is quite good. It's been working well for a long time. Microsoft is constantly updating it and adding more features. I would rate it a nine out of ten.

I would rate its scalability a seven out of ten. There are certain restrictions. When you're using a Microsoft product solution, you can scale it, but if you're not, there are limitations.

If a company is doing business transactions, sending and collaborating, or choosing teams, I suggest they use Exchange Online Protection. But it may not be enough for any organization that is doing its best, as many threats are happening through different communication channels. I suggest using Office 365 as well, which comes with more advanced functionalities.

The experience with customer service from Microsoft varies. For example, if you open a ticket and get good engineers or support representatives, the experience is obviously good. It really depends on the quality of the support you receive. Overall, my experience has been average. Sometimes I get very bad responses from engineers or developers who don't understand the service or may not be properly trained on it. It can be hard for someone like me to explain everything so that they can understand the problem, and they may need to consult their team or do some research before providing a solution. These things take time. But if you get a good representative who is knowledgeable, then the experience is very smooth.

The initial setup is very simple. There are certain policies within the environment that will do the job automatically if you don't do anything. Moreover, every organization has default policies that are automatically applied if you don't do anything, but Microsoft provides documentation if you want to customize the policies. It is easy to work around the default policies if you need to make changes.

EOP is mainly deployed for the public cloud and there is no on-premises version available. However, if an organization has an on-premises email solution, they can choose to connect it to EOP to protect their emails with external protection. Organizations can reroute their emails through EOP so that all inbound and outbound emails go through the EOP solution and get filtered accordingly.

I would rate it a seven out of ten. It is a low-price solution.

Overall, I would rate Microsoft Exchange Online Protection a six out of ten. It is a good product. However, it may not meet all the requirements of today's business world. But if you combine it with different solutions in production, then it becomes a lot more effective.

We are using Microsoft Exchange Online Protection for the migration of users from on-premise to the cloud.

The most valuable features of Microsoft Exchange Online Protection are the EOP, ATP, safe links, fishing, and antispam.

Not all settings can be configured automatically and most still require manual configuration. However, there is an automation tool available that can be used to input all the configurations either as a script or a tool it would be helpful.

I have been using Microsoft Exchange Online Protection for approximately three years.

The stability of Microsoft Exchange Online Protection is good. We have not had many issues.

I rate the stability of Microsoft Exchange Online Protection a nine out of ten.

I have used Mimecast. I do not have a lot of experience in Mimecast. 

Microsoft Exchange Online Protection can handle a more broad range of areas than Mimecast.

The initial setup of Microsoft Exchange Online Protection and streamlining is complex. When we use a feature and we try to streamline them based on its outcomes can be difficult, such as false positives.

We often use third-party tools for the deployment. We try and use Microsoft native tools, such as Office Configuration Analyzer.

I help my customers implement the solution and it typically takes one week with two consultants.

The price of Microsoft Exchange Online Protection is reasonable.

If you're looking for recommendations, I suggest selecting the standard or strict settings provided by Microsoft for configuring Microsoft Exchange Online Protection. You can start with the standard settings and gradually increase the blocking and other settings such as spam confidence level based on your experience over time. It's important to keep in mind that further tuning may be required based on false positives and other factors, which will require manual adjustments based on experience. This configuration process is not a one-time setup and will evolve based on your customer experience.

I rate Microsoft Exchange Online Protection a nine out of ten.

We use the product to configure anti-spam solutions.

The product's most valuable feature is third-party integrations.

The management interface of Microsoft Exchange Online Protection (EOP) could be intuitive. Additionally, it could be easy to configure and fine-tune the components.

We have been using Microsoft Exchange Online Protection (EOP) for two years.

It is a stable platform.

It is a scalable product.

I work with Microsoft's technical support team a lot. In some simple cases, the services are very good. However, it needs improvement for dealing with complex issues.

Neutral

I have experience working with Mimecast and Barracuda. In comparison, Microsoft Exchange Online Protection has good integration and policies. However, it is not easy to configure.

The initial setup process is easy. At the same time, it's complicated to configure. From a maintenance perspective, it requires keeping a tab on the console for security or operations to filter out emails.

The product generates a good return on investment for the US market.

The product's pricing is competitive for the US market. However, it is expensive for the regions where businesses don't have enough budget to invest.

I recommend Microsoft Exchange Online Protection (EOP) to others and rate it a seven out of ten.

I primarily use the solution for online protection. It protects us from malware and spam, among other threats.

I can employ my own policies, for example, attached files and email, and I can apply security to them and analyze threats that may come in. I put together the best configurations to help protect the users.

It has offered effective protection to help us avoid email issues. For example, my CEO in the past had been compromised with malware. When we deployed this solution, we've been able to avoid issues.

The functionality is good.

It helps maintain protection. It can protect our Microsoft operations. It offers great security against malware and other threats. 

Technical support is excellent.

It is stable.

The solution can scale. 

It offers good value for money.

It doesn't protect against everything. We do need protection for, for example, endpoints. 

We'd like Citrix and Linux identity protection. We need security beyond just email so that we can avoid malicious threats.

I've been using the solution for five years in total.

It is stable. I'd rate the reliability ten out of ten. There are no bugs or glitches and it doesn't crash or freeze. 

I'd rate the solution eight out of ten in terms of scalability. It can scale. 

Microsoft support is excellent. They are very helpful and responsive. 

Positive

The initial setup was very easy. It was not difficult. We had good documentation in order to assist us. There's a lot of information available. 

The pricing is expensive, however, it is valuable to have, so that pricing is okay.

I'm not sure which version of the solution we're using. 

Overall, I would rate the solution ten out of ten. I'm very pleased with the solution.