Inline Protection

Important:

This is a "Pre-release" feature and is not considered an official release. Please review the Pre-release Disclaimer before using the feature.

In addition to the existing protection mechanism, Cloud App Security launches a new protection mode, inline protection, that detects and remediates threats before they can reach your protected services. In this mode, traffic needs to pass through Cloud App Security on the way to its destination, allowing Cloud App Security to provide protection in real time.

Cloud App Security supports inline protection for Exchange Online. It scans both inbound and outbound email messages.

Inbound protection: Scan messages sent from outside your organization before they reach the protected mailboxes in your organization.
Outbound protection: Scan messages sent from protected mailboxes in your organization before they are delivered to their destinations outside your organization.

The following describes how to use inline protection for Exchange Online.

Note:

The functions not available currently in the following table will be supported in a future release.

Action	Inbound Protection	Outbound Protection
Provision	See Provisioning an Exchange Online (Inline Mode) Authorized Account.	See Configuring Outbound Protection.
Configure policies	ATP policy: The policy target can be either domains or users. The supported filters are the same as those for protecting Exchange Online in none-inline mode. The following features in the filters are not available currently: Quarantine action in all ATP filters Retro Scan & Auto Remediate in the Advanced Spam Protection filter Retro Scan & Auto Remediate and Time-of-Click Protection in the Web Reputation filter DLP policy: not available currently	ATP policy: not available currently DLP policy: The supported filter and features are the same as those for protecting Exchange Online in non-inline mode.
Manage quarantine	Not available currently	To view and manage the items quarantined by Outbound Protection, select the service type Exchange Online and select Inline under the Protection Mode facet.
Query logs	On the log screen: Select the log type Security Risk Scan to view security risks detected in email messages. Select the log type Email Tracking to track email messages passing through Cloud App Security.	On the log screen, select the log type Outbound Message.
Configure global settings	To configure sender address match, see Configuring Sender Address Match. To turn off inbound protection, see Turning Off Inbound Protection.	To turn off outbound protection, see Turning Off Outbound Protection.
Deprovision	See Deprovisioning Office 365 Services.	See Deprovisioning an Exchange Mail Flow Service Account.