ORCA: Office 365 ATP recommended configuration
Office 365 Advanced Threat Protection (ATP) is always growing and evolving. You have multiple IT Admins that occasionally require or perform changes to the current ATP configuration.
Of course, you want to keep this as understandable as possible and activate logging or write away the weekly or monthly status.
Through ORCA, you are able to automatically export the current Office 365 ATP settings automatically exported in a single HTML file to view scores and recommendations.
Open Exchange Online Powershell
Launch the Exchange Online Powershell Module.
Exchange Control Panel: https://outlook.office.com/ECP
Click on the (configure' button below or: http://aka.ms/exopsmodule
Installation of ORCA
Install-Module ORCA
Launch the ORCA report
Get-ORCAReport
Results
Your results are automatically exported in your user profile. or the path you define.
There are more possibilities in terms of options. These are described in the ORCA script.
What is in scope?
- Configuring EOP (Exchange Online Protection) which can impact ATP (Advanced Threat Protection)
- Safe-Links configuration (safe links)
- Safe-Attachments configuration (secure attachments).
- Antiphish and antispoof policies.... (fraud & spoofing mails)
Coming Soon!
- Microsoft announced at Ignite that this report below will be coming to Office 365 admin panel. One step shorter to a clear overview. 79719
Summary
- It is now possible to compare multiple customer scenarios. Useful for suppliers.
- Modern security mechanisms such as Office 365 ATP are getting better and better and need constant attention and recurring checks. (Every month!) This report makes this easier.
- It is possible to replicate or provide insight into customers' successes with most malware & problems thanks to ORCA.
- Let's start!