The Future of Antivirus and Malware Scanning in Exchange

As announced on Microsoft’s Server & Cloud Blog, all of the Forefront products end of life as of December 31, 2015.  Customers have asked me, will there be a replacement for Forefront Online Protection for Exchange (FOPE) and Forefront Protection 2010 for Exchange (FPE)?



Use Exchange Online Protection (previously known as FOPE) for message transport scanning.  EOP provides inbound and outbound spam and malware filtering, reporting, message trace, and mail-flow configuration features.



Exchange 2013 has built-in anti-malware capabilities (although they’re quite limited).  Microsoft removed the AVAPI from Exchange 2013, so if you want to do store-level scanning to remove malware already present in your mailbox databases you’ll need a third party product that scans the store using EWS.  There are currently no third party products that do this yet.



For file-level malware scanning use System Center 2012 Endpoint Protection which is a component of System Center 2012 Configuration Manager.  Be sure to follow the following Microsoft guidelines: