Skip to main content

Microsoft Exchange Online Advanced Threat Protection

 About

Microsoft Exchange Online Advanced Threat Protection (ATP) is an email filtering application to help mitigate malware and virus infiltration within an organization and blocks threats when detected. At this time, ATP only protects against emails from addresses outside of Vanderbilt, but a plan is in place to eventually extend this service to internal addresses. This application acts as an additional layer of protection; however, it is still crucial that users exercise caution whenever clicking on links or attachments. ATP does not protect Vanderbilt Gmail addresses.

 

ATP Features

Safe Links:

  • Protects users from malicious URLs in emails
  • Checks a Microsoft reputation database upon every click of a link
  • Redirects malicious links to a warning screen and prevents access
  • Mitigates phishing campaigns while allowing users to access known good links

With ATP, users are redirected to a warning page if the database determines a link to be malicious. The following screenshots illustrate 1) how a link filtered through ATP will appear and 2) the warning page users will see if the database determines a link to be malicious. If a user sees the warning page after clicking on a link that is not malicious, call the VUIT Help Desk at (615) 343-9999.

ATP screenshot

 

ATP screenshot

 

Safe Attachments:

  • Protects against malware, viruses, and zero-day exploits (e.g., WannaCry ransomware).
  • Interrogates every email attachment and removes known malicious attachments and attachments exhibiting malicious behavior
  • Protects against a good attachment getting removed by routing the original email with the attachment to an IT-managed quarantined mailbox.

If a user is sent an email that contains a malicious attachment, ATP will deliver the email with a message noting that the malicious attachment has been removed.