What’s new in Forefront Online Protection for Exchange

Earlier this year, I wrote about the value of Office 365 when combined with Forefront Online Protection for Exchange (FOPE) in “Delving into Office 365’s email security.” But FOPE is not used solely for Office 365. In fact, there are a variety of email scenarios where you might consider FOPE to stand watch between your online or on-premise mail flow. Let me review what FOPE is all about and what new features are available in version 11.1.

FOPE is, on the surface, a hosted Microsoft product for protecting organizations (and individuals) from spam, viruses, phishing scams, and email policy violations. You can use FOPE to protect your online and/or on-premise messaging product. But to be a competitive product in a market with many hosted filtering options and to be flexible for the various client bases and message scenarios that exist, FOPE has to continue to evolve. With version 11.1, it brings some new features that you may appreciate. Many of the enhancements relate to mail flow scenarios that you may have in your environment.

The main new features in FOPE 11.1 are:

• Additional control over email routing for cross-premise (or hybrid) message scenarios, including the outbound smart host scenario where FOPE acts as a smart host that redirects mail traffic to an on-premise server. Essentially, your online mailboxes redirect traffic through FOPE to on-premise mailbox servers that then send the mail to the Internet.
• False-positive reduction through the new FOPE configuration ability to skip IP address filtering with inbound mail sent from IP addresses that are specified in a safe list (aka skiplisting).
• The ability to force Transport Layer Security (TLS) with trusted partners. There are several options for configuring forced TLS, including bidirectional mail flow on both inbound and outbound connections, as well as unidirectional flow on either connection.
• The ability to outsource your FOPE administration to third parties. You can provide credentials to people outside your company through the Advanced tab of the FOPE Administration Center and provide them with permissions to manage those companies that you define.

It’s hard to imagine how many different types of messaging scenarios you might have to work with where you would need to configure FOPE, but Microsoft has put together a list with both TechNet articles and TechNet Edge videos (see below).

According to Microsoft, the cost per user per year starts at $20, although volume discounts will apply. With Office 365, FOPE protection is included with your subscription. Of course, you should consider what other companies are offering and at what price. You might also consider, when putting all the numbers together, a traditional on-site appliance or server product.

Just because the current fad is to host everything you possibly can in the cloud doesn’t mean you should rule out the use of on-premise products. Your antispam and antivirus protection could just as easily sit in the perimeter of your organization and do the same job as a cloud-hosted product — and possibly cost less.

Where FOPE may have an advantage is in its support for all those email flow scenarios, especially if you plan on going with a hybrid approach to your email and have some mailboxes in the cloud and some on-premise.

This article, “What’s new in Forefront Online Protection for Exchange,” was originally published at InfoWorld.com. Read more of J. Peter Bruzzese’s Enterprise Windows blog and follow the latest developments in Windows at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.