At a Glance: Symantec Email Security.cloud vs Microsoft O365 E3

Spam Protection
Microsoft O365 E3 (Security as a Feature): Third-party blacklists subscribed to by Microsoft.
Symantec Email Security.cloud: Enterprise-grade anti-spam capabilities, including multiple layers of heuristics and intelligence.
Why This Is Important: Keeping mailboxes free of spam is difficult; this requires multiple levels of real-time intelligence and technologies to be effective.

Malware Protection
Microsoft O365 E3 (Security as a Feature): Third-party signature-based malware scanners and heuristic scanners updated hourly.
Symantec Email Security.cloud: Multiple layers of detection including advanced Skeptic heuristics, constantly updated with Symantec intelligence.
Why This Is Important: Simply relying on third parties to provide dated protection is not enough to protect against today's threats.

URL Protection
Microsoft O365 E3 (Security as a Feature): URL Protection requires an add-on or upgrade to Office 365 E5.
Symantec Email Security.cloud: Follows all links at time of delivery to detect threats embedded in malicious URLs, including obfuscated attacks.
Why This Is Important: Many threats use weaponized links to dupe users into downloading malware. A solution is only half effective if it ignores URLs.

DLP and Encryption
Microsoft O365 E3 (Security as a Feature): Rudimentary pattern matching. Email only with little enterprise-level integration across other channels. No pull encryption.
Symantec Email Security.cloud: Powerful data protection for email. Symantec DLP integration enables a single set of DLP policies across all channels. Strong push and pull policy-based encryption.
Why This Is Important: Visibility and control of data contained in emails is crucial. A solution needs to apply flexible policies.

Service Level Agreements
Microsoft O365 E3 (Security as a Feature): 100% Known Viruses only. No SLA for Anti-Virus FP. English only.
Symantec Email Security.cloud: 100% Known and Unknown Viruses. < 0.0001% Anti-Virus FP Rate. All Languages.
Why This Is Important: Strong, punitive SLAs show confidence in an email security solution and provide transparency to customers.

Fit for Enterprise
Microsoft O365 E3 (Security as a Feature): 7 day message search across 4 fields. No Malware Quarantine.
Symantec Email Security.cloud: 30 Day Track and Trace across 10 email fields. Email storage on customer email outage. 30 Day Malware Quarantine. 1800 expert support.
Why This Is Important: Email gateway operations are critical to business continuity; enterprise functions are essential to a functional capability.

At a Glance: Symantec ATP vs Microsoft O365 E5

Integrated Defense
Microsoft O365 E5: Little enterprise-level integration with email and no response capabilities.
Symantec ATP: Correlation, prioritization and response to threats integrated across Endpoint, Email, Network, and Web from a single portal.
Why This Is Important: Advanced threat protection relies on a multivector approach that extends beyond protection to detection and response.

URL Protection
Microsoft O365 E5: Safe Links limited to checking re-written URLs against third-party block lists.
Symantec ATP: Follows all links at time of delivery and time of click, including obfuscated attacks such as shortened URLs, redirects, and time delays.
Why This Is Important: New malicious URLs are constantly being created; simply relying on third-party notification is not enough. URLs must be inspected to determine their nature.

Attachment Protection
Microsoft O365 E5: Detonation limited to Office and Executable Files with no activity information.
Symantec ATP: Cynic cloud-based sandboxing inspects Office Files, Executables, and Script files in an environment that evades VM detection.
Why This Is Important: Script files (.js, .hta, .bat and .wsf) are increasingly being used by attackers. Sandboxing is extremely effective in detecting obfuscated script files.

SIEM Integration
Microsoft O365 E5: No SIEM integration.
Symantec ATP: API integration with popular SIEM platforms provides 25 data points on every malicious email detected.
Why This Is Important: Importing email intelligence into SOCs or SIEM environments is an important part of leveraging investments in both.

Threat Intelligence
Microsoft O365 E5: Rudimentary logging of blocked emails with no ad-hoc or customizable reporting.
Symantec ATP: Detailed, customizable reporting on each email blocked, including prioritization, source, classification and file information.
Why This Is Important: Intelligence on incoming and outgoing threats to your organization can exponentially help security defenses.

Fit for Enterprise
Microsoft O365 E5: No behavioral information on convicted files.
Symantec ATP: Full sandbox behavioral results and classification. 30 day Malware Quarantine.
Why This Is Important: Email gateway operations are critical to business continuity; enterprise functions are essential to a functioning capability.

Symantec Leads In Protection: Performance Testing Mar-Aug 2016
[Chart: Threat Detection Effectiveness by Date (Year and Month). Source: Symantec TASER Testing]

Supporting Documentation

Microsoft's E5 sandboxing capability, no support for scripts:
https://technet.microsoft.com/en-us/library/mt148491(v=exchg.150).aspx

Microsoft third-party malware filtering:
Microsoft's E5 link protection technology limited to known links:
https://technet.microsoft.com/en-us/library/mt148491(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/jj200664(v=exchg.150).aspx

Microsoft hourly malware updates:
Microsoft message searching limited:
https://technet.microsoft.com/en-us/library/jj200712(v=exchg.150).aspx
https://technet.microsoft.com/en-us/library/jj200664(v=exchg.150).aspx

Microsoft IP-reliant spam filtering:
https://technet.microsoft.com/library/jj937231(v=exchg.150).aspx