Exchange Online Protection overview

Important

The improved Microsoft 365 security center is now available in public preview. This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 security center. Learn what's new. This topic might apply to both Microsoft Defender for Office 365 and Microsoft 365 Defender. Refer to the Applies To section and look for specific call outs in this article where there might be differences.

Applies to

Exchange Online Protection (EOP) is the cloud-based filtering service that helps protect your organization against spam and malware. EOP is included in all Microsoft 365 organizations with Exchange Online mailboxes. However, EOP is also available in the following on-premises scenarios:

  • In a standalone scenario: EOP provides cloud-based email protection for your on-premises Exchange organization or for any other on-premises SMTP email solution.

  • In a hybrid deployment: EOP can be configured to protect your email environment and control mail routing when you have a mix of on-premises and cloud mailboxes.

In these scenarios, EOP can simplify the management of your email environment and alleviate many of the burdens that come with maintaining on-premises hardware and software.

The rest of this topic explains how EOP works in standalone and hybrid environments.

How EOP works

To understand how EOP works, it helps to see how it processes incoming email:

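Figure: email from the internet or customer feedback enters EOP and passes through connection filtering, anti-malware, mail flow rules (policy filtering), and content filtering, before the final verdict of junk mail, quarantine, or delivery to the user.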

  • When an incoming message enters EOP, it initially passes through connection filtering, which checks the sender's reputation. The majority of spam is stopped at this point and rejected by EOP. For more information, see Configure connection filtering.

  • Then the message is inspected for signs of malware. If malware is found in the message or the attachment(s), the message is routed to an admin-only quarantine store. You can learn more about configuring anti-malware here.

  • Messages continue through policy filtering, where they are evaluated against custom mail flow rules (also known as transport rules) that you create or enforce from a template. For example, you can have a rule that sends a notification to a manager when mail arrives from a specific sender. Data loss prevention (DLP) checks also happen at this point (Exchange Enterprise CAL with Services).

  • Next, the message passes through content filtering (also known as Anti-spam). A message that this filter determines to be spam or phish can be sent to quarantine, or a user's Junk Email folder, among other options. For more information, see Configure anti-spam policies and Configure anti-phishing policies.

Any message that passes all of these protection layers successfully is delivered to the recipient.

For more information, see Order and precedence of email protection.
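
Each of the filtering layers described above has its own policy objects in Exchange Online PowerShell. The following is an added example, not part of the original article: a read-only inventory of those settings in processing order. It assumes the ExchangeOnlineManagement module and an existing Connect-ExchangeOnline session; the $report variable and the BypassesSpamFilter column are names chosen for this example.

```powershell
# Added example: read-only inventory of each EOP filtering layer, in the order
# a message passes through them. Assumes Connect-ExchangeOnline has already been
# run with an account that is allowed to read these policies.

$report = [ordered]@{}

# 1. Connection filtering: mail from IP allow-list entries skips spam filtering,
#    so every entry here deserves a documented justification.
$report['ConnectionFiltering'] = Get-HostedConnectionFilterPolicy |
    Select-Object Name, IPAllowList, IPBlockList, EnableSafeList

# 2. Anti-malware: check that attachment-type filtering and zero-hour auto purge are on.
$report['AntiMalware'] = Get-MalwareFilterPolicy |
    Select-Object Name, IsDefault, EnableFileFilter, ZapEnabled

# 3. Policy filtering: mail flow (transport) rules in priority order.
#    A rule that sets the spam confidence level to -1 bypasses content filtering.
$report['MailFlowRules'] = Get-TransportRule |
    Sort-Object Priority |
    Select-Object Priority, Name, State, Mode, SetSCL,
        @{ Name = 'BypassesSpamFilter'; Expression = { "$($_.SetSCL)" -eq '-1' } }

# 4. Content filtering: what happens to each spam and phish verdict.
$report['AntiSpam'] = Get-HostedContentFilterPolicy |
    Select-Object Name, IsDefault, SpamAction, HighConfidenceSpamAction,
        PhishSpamAction, HighConfidencePhishAction, BulkThreshold

$report['AntiPhishing'] = Get-AntiPhishPolicy |
    Select-Object Name, IsDefault, Enabled, EnableSpoofIntelligence,
        AuthenticationFailAction

# Print one section per layer so the output reads in pipeline order.
foreach ($layer in $report.Keys) {
    "=== $layer ==="
    $report[$layer] | Format-List
}
```

Rules flagged in the BypassesSpamFilter column and non-empty IPAllowList values are the first places to look when unwanted mail reaches inboxes despite the later filtering layers.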

EOP plans and features for on-premises email organizations

The available EOP subscription plans are:

  • EOP standalone: You enroll in EOP to protect your on-premises email organization.

  • EOP features in Exchange Online: Any subscription that includes Exchange Online (standalone or as part of Microsoft 365) uses EOP to protect your Exchange Online mailboxes.

  • Exchange Enterprise CAL with Services: If you have an on-premises Exchange organization where you've purchased additional Exchange Enterprise CAL with Services licenses, EOP is part of the included services.

For information about requirements, important limits, and feature availability across all EOP subscription plans, see the Exchange Online Protection service description.

Setting up EOP for on-premises email organizations

Setting up EOP can be simple, especially in the case of a small organization with a handful of compliance rules. However, if you have a large organization with multiple domains, custom compliance rules, or hybrid mail flow, setup can take more planning and time.

If you've already purchased EOP, see Set up your EOP service to ensure that you complete all the steps necessary to configure EOP to protect your messaging environment.

EOP datacenters

EOP runs on a worldwide network of datacenters that are designed to provide the best availability. For example, if a datacenter becomes unavailable, email messages are automatically routed to another datacenter without any interruption in service. Servers in each datacenter accept messages on your behalf, providing a layer of separation between your organization and the internet, thereby reducing load on your servers. Through this highly available network, Microsoft can ensure that email reaches your organization in a timely manner.

EOP performs load balancing between datacenters but only within a region. If you're provisioned in one region, all your messages will be processed using the mail routing for that region. The following list shows how regional mail routing works for the EOP datacenters:

  • In Europe, the Middle East, and Africa (EMEA), all Exchange Online mailboxes are located in EMEA datacenters, and all messages are routed through EMEA datacenters for EOP filtering.

  • In Asia-Pacific (APAC), all Exchange Online mailboxes are located in APAC datacenters, and messages are currently routed through APAC datacenters for EOP filtering.

  • In the Americas, services are distributed in the following locations:

    • South America: Exchange Online mailboxes are located in datacenters in Brazil and Chile. All messages are routed through local datacenters for EOP filtering. Quarantined messages are stored in the datacenter where the tenant is located.

    • Canada: Exchange Online mailboxes are located in datacenters in Canada. All messages are routed through local datacenters for EOP filtering. Quarantined messages are stored in the datacenter where the tenant is located.

    • United States: Exchange Online mailboxes are located in U.S. datacenters. All messages are routed through local datacenters for EOP filtering. Quarantined messages are stored in the datacenter where the tenant is located.

  • For the Government Community Cloud (GCC), all Exchange Online mailboxes are located in U.S. datacenters and all messages are routed through U.S. datacenters for EOP filtering.

EOP Help for admins

The Help content for EOP administrators consists of the following top-level categories: