Skip to main content

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection Diagram

Microsoft Office 365 plans all come with relatively robust security settings available to configure—with the Enterprise Plan security features being the most robust. Some Microsoft Customers want a bit more control over their security posture and can use Microsoft Advanced Threat Protection plans to do this.

Microsoft Advanced Threat Protection (ATP) is an email filtering solution that resides on the Microsoft Cloud. It helps protect your company from unknown viruses and malware with robust “Zero-Day” protection. It further helps safeguard your company from real-time attacks.  ATP also includes reporting and URL tracing that helps administrators gain insight into the types of attacks appearing in your company.

This post will focus on the most common capabilities of Advanced Threat Protection. If you’re interested in learning more about the different Office 365 ATP plans, how they differ, and the specific capabilities of each, see our post on Microsoft Security and Compliance Packages.

There are three primary ways ATP helps protect messaging:

  1. Office 365 ATP can be enabled to protect Exchange Online cloud-hosted mailboxes. Customers subscribing to O365 with online Exchange can take advantage of this.
  2. On-Premises Exchange server environments can use Office 365 ATP in a filter-only approach. ATP provides cloud-based email protection for on-premises Exchange 2013, legacy Exchange Server versions, and any other on-premises SMTP email solution.
  3. For hybrid deployments, ATP can be configured to protect your messaging environment and control mail routing when you have a mix of both on-premises and cloud mailboxes with Exchange Online Protection for inbound mail filtering.

How do you get Office 365 Advanced Threat Protection (ATP)?

Currently ATP is included in Office 365 Enterprise E5, Office 365 Education A5, and Microsoft 365 Business. You can add ATP to the following Exchange and Office 365 subscription plans:

  • Exchange Online Plan 1
  • Exchange Online Plan 2
  • Exchange Online Kiosk
  • Exchange Online Protection
  • Office 365 Business Essentials
  • Office 365 Business Premium
  • Office 365 Enterprise E1
  • Office 365 Enterprise E3
  • Office 365 Enterprise F1
  • Office 365 A1
  • Office 365 A3

Microsoft offers many ways to protect your environment. See our complete guide to Microsoft Security Solutions to see how!

ATP Capabilities:

  • Safe Links – These are proactive protection for users from malicious hyperlinks in a message.
  • Safe Attachments – They protect against unknown malware and viruses and provide zero-day protection to safeguard your messaging system. ATP uses machine learning to work on unknown virus and malware signatures.
  • Spoof Intelligence – it detects when a spoofer appears to send mail on behalf of an account within your organization’s domains.
  • Quarantine – messages identified by O365 as spam, bulk mail, phishing, containing malware or because they match a mail flow rule are quarantined.
  • Anti-Phishing capabilities – ATP uses machine learning models to detect phishing messages.

For the most recent updates to Microsoft Advanced Threat Protection features, see the Microsoft table here.

If you’d like to learn more, I’d suggesting giving us a call at 303-786-7474.  PEI has been a Microsoft partner for over two decades, and we’d love to help.

Tim Krueger, PEI

Leave a Reply