exchange 2013 EOP

GrizNation23 used Ask the Experts™
do I have to use or is it highly recommend using EOP for my exchange on-premises email filter? I am having way too many issues with EOP and my firewall connection socket issues. delayed deliveries to unable to connect to eop. thnking using Baracuddaspam filter. suggestions?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Your question is more to use an online service vs. offline tools / functionality.....

The EOP uses a cloud based gateway, that means there should not be any change in your local environment...
The flow is, that a mail is first routed to the cloud gateway and from there to your on Premise Exchange server.
The management happens directly on the cloud server...

The advantage: You do not need to install any software nor to take care of the updates and mechanism of this service. Also there is no additional traffic, mails are just rerouted.

The disadvantage is, that an external service provider is between the sender and recipient, and this may result in some delays, as the mail goes first to the EOP provider, is scanned there and then routed to you....
Also a question of confidence...

Beside Microsoft, you find a lot of other service provider working in a similar way.

The second option is to use the built in functionality of exchange. And Exchange Edge in a DMZ can do the job before your internal exchange is touched. Additionally you need a virus protection solution beside Edge. Configuration needs some knowledge about PowerShell, for most of the functionality there is no user interface.

There are also other on premise E-Mail protection solutions out. Either as a software on a server inside the DMZ, which acts as SMTP gateway with virus scan and spam protection and a more friendly user interface, or you can use an appliance what is doing the same.

Microsoft EOP is also working like an appliance, this "appliance" is just located on MS servers.
Jian An LimSolutions Architect
Top Expert 2016
the reason why you don't want to do a on-premises appliance is blocking spam.

i have used to have a client that have a on-premises appliance and their internet is over 500GB per months because they attract 10 millions spam every month (really crazy numbers).

I put them to a cloud filter (symantec cloud, or etc), their internet bill goes down, and they pay a fees and they don't need to maintain the on-premises appliance.

For your issue, i will work with your firewall team and microsoft for a better result. Usually, is your firewall causing the issues (i.e. you could have the same issue when receving from internet email, the issue are not visible since it is from Internet, you won't have visilibilty until you receive such email)
Hi again.

yes, limjianan put an additional aspect into the decision path.
Filtered traffic never reaches your systems, so you save bandwidth.

Also we have to add, that malware protection is implemented into exchange, but virus protection is a separate topic and connected to additional cost.

The hosted solution is easy to calculate. You have monthly costs for the service and you can save some bandwidth.
An on premise solution has cost for the additional virus protection (as appliance or software gateway)and the maintenance of the system.

Nevertheless the more important question for me is always, how you value the fact, that mail traffic passes an external third party system (in case of EOP). Just a question of confidence.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial