EOP Field Notes

Exchange Online Protection: Notes from the field

  • Office 365 for Business Public Road Map & First Release Program

    Yesterday we released details on two very exciting items, the Office 365 for business public roadmap and the First Release Program. On a personal side, I am very excited about both of these items because first, I’m a big advocate of transparency and second, updates always excite me and I love being on the cutting edge.

    Office 365 for Business Public Roadmap

    In the past the Office 365 for business road map was not public facing and required an NDA for customers to see. Yesterday we launched the Office 365 for business public roadmap which will give everyone a 30 to 90 day glimpse into the future of what’s coming for Office 365 for business. This page contains information on Office 365 for business features in the following self-explanatory categories.

    • Launched
    • Rolling Out
    • In Development
    • Cancelled

    First Release Program

    First Release will allow customers to opt-in to receive certain enhancements first at a minimum of two weeks before customers who are not in the program. These enhancements are not beta or a preview, but final code and you will get them first being in this program! Since software updates always excite me this program is right up my alley. You can find more information about our Standard Release and First Release programs on this Office 365 release programs page.

    For complete details on these please see Jake Zborowski’s (group product manager for Office 365) blog post Improving visibility to service updates.

    Additional Resources

    Office Blogs

  • Great Sessions from TechEd North America 2014

    Last month I attended TechEd North America 2014 in Houston, Texas. In addition to attending some incredible sessions, I also presented one on Exchange Online Protection. This article contains a summary of the sessions I found to be interesting and valuable to those who work with Exchange Online and Exchange Server. As an added bonus, I have also included sessions that any good geek like myself would enjoy.

    Exchange / Email related

    Protecting Your Organization with Microsoft Exchange Online Protection (EOP)
    This is the session that I presented this year at TechEd. It contains both 200 and 300 level content and is applicable for both those who have worked with EOP and those who have not.

    Building a Hybrid Microsoft Exchange Server 2013 Deployment in Less than 75 Minutes
    Very valuable session for those that need to learn about hybrid deployment and don’t have much time to learn.

    Data Loss Prevention (DLP) in Microsoft Office 365
    Great information on how DLP works and how it integrates with Exchange Online Protection.

    Encryption in Microsoft Office 365
    Office 365 Encryption is policy-based encryption for Exchange Online Protection.

    Future Look at Microsoft Exchange Server
    Very interesting session that touches on both Exchange Server and Office 365.

    Microsoft Outlook Connectivity: Current and Future
    This session takes a close look at how Outlook connects to Exchange Server and what is planned for the future.

    PowerShell

    Windows PowerShell Unplugged with Jeffrey Snover
    Great speakers that do an exceptional session on PowerShell. They cover 100, 200, and 300 levels. Something for everyone!

    Windows PowerShell Best Practices and Patterns: Time to Get Serious
    Great PowerShell session that gets quite technical.

    Geeky sessions that Andrew liked

    Pass-the-Hash: How Attackers Spread and How to Stop Them
    Eye opening session, extremely interesting and quite scary.

    2014 Edition: How Many Coffees Can You Drink While Your PC Starts?
    Very interesting session if you are interested in troubleshooting slow Windows boot times.

    Case of the Unexplained: Troubleshooting with Mark Russinovich
    Mark has about 6 “Case of the Unexplained” sessions that he’s done over the years. They are extremely technical and incredibly fascinating. They usually revolve around troubleshooting strange Windows issues with Sysinternals tools.

    What’s New in Windows Server 2012 R2 Hyper-V
    Fascinating session if you use and are interested in Hyper-V. Server 2012 R2 brings some awesome features to Hyper-V.

    Windows 8 Security Internals
    Extremely fascinating talk about Windows 8 security. The session opens with examining user tokens and comparing regular tokens to elevated tokens.

    Mark Russinovich and Mark Minasi on Cloud Computing
    This session is essentially an interview with Mark Russinovich on Microsoft Azure. Very interesting if you are interested in Azure.

    TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools
    As I’m sure you can tell from this article, I find Mark Russinovich talks to be extremely interesting and this is no exception. It focusses on the Sysinternals tool suite and its use for examining malware on an infected machine.

    TWC: Live Demonstration: Hacker Tools You Should Know and Worry about in 2014
    Some very interesting tools that make malicious attacks quite easy. One of the demos shows how easy ARP and DNS poisoning attacks can be to implement.

    For those that aren’t aware, all TechEd content is available on Channel 9 and free for anyone to watch. You can check out all of the content from TechEd events here.

  • IP Ranges Added to EOP

    On TechNet we publish the range of IP addresses that are used when sending mail out of a custom EOP connector. If you have created an EOP on-premises connector to deliver inbound mail to your on-premises mail environment, or an EOP partner connector to deliver mail to a partner, the IPs used in these situations are the ones we publish. These published ranges DO NOT include the IPs that are used to deliver mail that does not leave through a custom EOP connector.

    Effective as of January 1, 2015, additional IP ranges have been added to support the growth of the service. For organizations that lock down their on-premises mail environment to only accept mail from EOP, you will need to allow these additional IP ranges. This also applies to organizations that accept mail from you through a custom EOP outbound connector, if they lock down their inbound mail from you to the published EOP IP ranges.

    As we have noted on the TechNet page, organizations that started using EOP prior to January 1, 2015, do not need to take immediate action, but we recommend that you add these new IP ranges to your environment as soon as you can.

    As of today, January 6, 2015, the IP ranges used by custom EOP connectors are as follows.


    Current EOP IP ranges for custom connectors can be found at the links below.

    Resources

    Exchange Online Protection IP addresses
    Change notification for EOP IP addresses
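
    For organizations that lock down inbound mail to the published EOP ranges, the gap check can be scripted. The following is an added example, not part of the original post or of Microsoft's tooling: it reports which published ranges an existing allow list does not yet cover, and which allow-list entries reach outside the published ranges. The function names are hypothetical and every range shown is a constructed documentation prefix standing in for real data.

```powershell
# Added example. All ranges below are constructed placeholders (RFC 5737 and
# RFC 3849 documentation prefixes); substitute the published list and your own allow list.

function Test-AddressInCidr {
    # True when $Address falls inside $Cidr (IPv4 or IPv6).
    param([string]$Address, [string]$Cidr)
    $network, $length = $Cidr -split '/'
    $ip   = [System.Net.IPAddress]::Parse($Address)
    $base = [System.Net.IPAddress]::Parse($network)
    if ($ip.AddressFamily -ne $base.AddressFamily) { return $false }
    $ipBytes   = $ip.GetAddressBytes()
    $baseBytes = $base.GetAddressBytes()
    $bits = [int]$length
    # Compare the prefix one byte at a time, masking the final partial byte.
    for ($i = 0; $i -lt $ipBytes.Length -and $bits -gt 0; $i++) {
        $take = [Math]::Min(8, $bits)
        $mask = (0xFF -shl (8 - $take)) -band 0xFF
        if (($ipBytes[$i] -band $mask) -ne ($baseBytes[$i] -band $mask)) { return $false }
        $bits -= $take
    }
    return $true
}

function Test-CidrCovered {
    # True when some entry in $AllowList is at least as wide as $Cidr and contains it.
    param([string]$Cidr, [string[]]$AllowList)
    $network, $length = $Cidr -split '/'
    foreach ($entry in $AllowList) {
        $entryLength = [int](($entry -split '/')[1])
        if ($entryLength -le [int]$length -and (Test-AddressInCidr $network $entry)) {
            return $true
        }
    }
    return $false
}

$published = '192.0.2.0/24', '198.51.100.0/25', '203.0.113.0/24', '2001:db8:7c00::/54'
$allowList = '192.0.2.0/24', '198.51.100.0/24', '2001:db8:7c00::/56'

# Published ranges the allow list would still reject.
$missing = $published | Where-Object { -not (Test-CidrCovered $_ $allowList) }
# Allow-list entries wider than, or outside of, every published range.
$extra = $allowList | Where-Object { -not (Test-CidrCovered $_ $published) }

"Missing from allow list: $($missing -join ', ')"
"Not within published ranges: $($extra -join ', ')"
```

    Entries in the second report deserve review, because any host in them can deliver mail directly to the on-premises environment without passing through EOP filtering.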

  • An Ode to EOP

    This is typically a slow week for people, so what better time than to post something fun about Exchange Online Protection!

    Back in May I presented a session on EOP at TechEd North America 2014 which took place in Houston. To be a little different, I wrote a poem about EOP which I read to kick the presentation off. I have always enjoyed poetry and thought I'd try something different by beginning my EOP session with some rhymes. Here's that poem.

    Hello to you my TechEd friends,
    Thank you for joining me here.
    Today we will learn of a wondrous service,
    And you'll see, there's nothing to fear.
     
    Email can sometimes come with spam,
    And if you're not careful, a computer infection.
    Lucky for you, we can prevent those two,
    With Exchange Online Protection.
     
    EOP is a breeze to deploy,
    There's really nothing to it.
    Listen closely and don't leave early,
    You'll soon learn how to do it.
     
    Add one domain or up to nine hundred,
    Then create a connector or two.
    Now point your MX over to us,
    And like that, we're protecting you.
     
    Now let's begin this break out session,
    Silence those phones in your pocket.
    And next time you log in to O365,
    You'll really be able to rock it.

    If you are interested in watching the session, which covers configuration and some interesting tidbits about EOP, it can be viewed on Channel 9.

    See you in the new year!

  • Recipient Notifications

    The ability to send a notification to the recipient when a transport rule triggers is a request that we have received from a lot of customers, and I’m happy to let you know that it is now rolling out in the form of an action in EOP transport rules. Sweet!

    Recipient Notifications

    Let’s say you have a transport rule that quarantines all inbound messages with an executable attachment. In the past there was no way to automatically notify your users that a message destined to them had been redirected to the quarantine because of your transport rule. Now, with Recipient Notifications, your transport rules can send a notification to the recipient when they trigger.

    Configuration

    When creating a transport rule, you will notice a new action called “Notify the recipient with a message…”


     
    As an example, if we want to quarantine messages destined to our users that contain executable content, and want to notify them when this happens, our transport rule could look like this.


     
    In this rule contoso.com is our own domain. Here’s what the notification text looks like in the above rule.

    A company policy blocked an inbound message to you - Executable content not permitted.<br><br>

    Date: %%MessageDate%% UTC<br>
    From: %%From%%<br>
    To: %%To%%<br>
    CC: %%Cc%%<br>
    Subject: %%Subject%%

    And here is what the notification looks like that the recipient will receive when this rule triggers.


     
    You’ll notice that I was able to insert information from the original message into the notification using variables. Let’s look next at what customization is possible.

    Notification customization

    Variables can be added into the notification text to include information from the original message. The following variables are supported for recipient notifications.

    Type of Information                                                         Variable
    The sender of the message for which the notification is being generated.    %%From%%
    The recipients listed on the "To" line.                                     %%To%%
    The recipients listed on the "Cc" line.                                     %%Cc%%
    The subject of the message for which the notification is being generated.   %%Subject%%
    The headers from the original message.                                      %%Headers%%
    The sent date of the original message. Time is in UTC.                      %%MessageDate%%
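
    The same rule can be created from Exchange Online PowerShell. This is an added example, not taken from the original post: the rule name and the conditions are assumptions based on the description above, and the check of the notification text against the supported variables is an extra safeguard added here.

```powershell
# Added example; run in a connected Exchange Online / EOP PowerShell session.
# Notification text as given in the post.
$notification = @'
A company policy blocked an inbound message to you - Executable content not permitted.<br><br>

Date: %%MessageDate%% UTC<br>
From: %%From%%<br>
To: %%To%%<br>
CC: %%Cc%%<br>
Subject: %%Subject%%
'@

# Variables supported in recipient notifications, as listed in the post.
$supported = 'From', 'To', 'Cc', 'Subject', 'Headers', 'MessageDate'

# Stop before creating the rule if the text uses a token outside that list.
# Exact-case matching is an assumption, chosen to be strict.
$used = [regex]::Matches($notification, '%%(\w+)%%') |
    ForEach-Object { $_.Groups[1].Value } | Sort-Object -Unique
$unknown = @($used | Where-Object { $supported -cnotcontains $_ })
if ($unknown.Count -gt 0) {
    throw "Unsupported notification variable(s): $($unknown -join ', ')"
}

# Assumed conditions: mail from outside the organization, addressed to contoso.com,
# carrying an executable attachment. The rule name is hypothetical.
$ruleName = 'Quarantine inbound executables and notify recipient'
New-TransportRule -Name $ruleName `
    -FromScope NotInOrganization `
    -RecipientDomainIs 'contoso.com' `
    -AttachmentHasExecutableContent $true `
    -Quarantine $true `
    -GenerateNotification $notification

# Confirm what was stored on the rule.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, Quarantine, GenerateNotification
```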



    Summary

    If you don’t see the recipient notification action yet in your transport rules, don’t panic. This feature only just lit up in my test tenant this past week and will still be rolling out. Enjoy this new capability!

    Resources

    TechNet documentation has not been updated yet, but once it has I will post links here.