Demonstrate Advanced Threat Protection in your Office 365 dev/test environment

Now that you have built your Office 365 Dev/Test Environment, it’s time to put Office 365 through some additional paces.

An interesting feature of Office 365 Enterprise E5 is Advanced Threat Protection (ATP), which allows you to create policies that specify email scanning for Exchange Online.

Two of the most prevalent ways that users get malware is through email attachments or by clicking on a link to a web site that contains malicious code in an email message. To prevent users from getting infected, it would be better if Exchange Online scanned the attachments for known malicious code and blocked access to known malware web sites.

To show how Office 365 Enterprise E5 addresses this need, the Advanced Threat Protection for your Office 365 dev/test environment Test Lab Guide steps you through:

  1. Demonstrating that by default Exchange Online delivers messages with a possible infected attachment and a link to a possible malicious web site.
  2. Configuring a new safe attachment policy to scan email attachments and a new safe links policy to block known malicious web locations.
  3. Demonstrating that for new messages sent, the email with the attachment was scanned by ATP and the link to the possible malicious web page is blocked.

With ATP now enabled in your Office 365 Dev/Test Environment, you can create additional policies and experiment further.

For more information, see Advanced threat protection for safe attachments and safe links or view the 13-minute video here.

Stay tuned for additional Test Lab Guides for your Office 365 Dev/Test Environment.

Comments (2)

  1. Brian Shipman says:


    We’re trying to show off that ATP is working, however it seems that even with ATP turned on the test attachment comes through. Any ideas?


    1. Joe Davies says:

      Hi Brian, I stepped through this article to make sure it reflected the latest steps and updated it accordingly. The test attachment comes through because it was determined to be safe by ATP. The purpose of the safe attachments policy was to begin scanning attachments for malicious code. Step 11 in the procedure shows that ATP did perform a scan of the attachment. I added a note explaining that. Hope this helps. Joe Davies

Skip to main content