Connecting Microsoft 365

This page includes:

About connecting Microsoft 365 email services

You can integrate Perception Point X‑Ray with Microsoft 365. This enables Perception Point X‑Ray to protect incoming mail into a Microsoft 365 installation. [This refers to Microsoft Exchange Online]

When you integrate Perception Point X‑Ray with Microsoft 365, you can select either of the following integration methods:

Inline

Emails are scanned [and can be blocked if they are found to be malicious] before they are delivered to the end-user inbox. Requires adding a TXT record to the DNS and then running an automated onboarding script. Includes a more complex onboarding process. For details, see Step 1 - Onboarding Microsoft 365 [Inline]

Microsoft API

Emails are scanned in parallel with the delivery of the email. The email first arrives in the end-user inbox, and only after scanning, is the email removed if it is found to be malicious. End users may therefore see malicious emails in their inboxes for a few seconds before the email is deleted. Doesn't require a TXT record. Includes a simple onboarding process. For details, see Onboarding Microsoft 365 [API]

Note: 

  • The Microsoft 365 integrations monitor incoming emails only - not outgoing emails.

    [Outbound monitoring can be added to inbound Microsoft 365 [Inline and API] integrations - see Onboarding Microsoft 365 - Outbound]

  • By default, internal email is not monitored. To add monitoring for internal email, contact Perception Point Support [support@perception-point.io]. There may be additional licensing requirements for adding internal email scanning.

  • For information about switching between Inline integration and API integration, see Switching integrations.

Comparing the Inline and API connection methods

The table below should help you to choose the better connection method for your scenario - Inline or API...

 

Inline

API scanning

 

Operates in prevention mode: Scans and blocks malicious emails pre-delivery

Operates in detection and remediation mode: Scans emails in parallel with the delivery of the emails

 

More complex onboarding procedure - typically requiring addition of a domain, verifying a TXT record, and running an automation script

Simpler and quicker onboarding procedure - typically requiring just 3 mouse-clicks

 

Requires adding a TXT record to the DNS

Adding a TXT record is not required

 

Adds an extra hop to the email

Scans in parallel and therefore doesn't add a hop

 

End users won’t see any emails with malicious scan verdicts in their Inboxes

End users may see malicious emails in their Inboxes for a few seconds - before the scan is completed and the email is deleted

 

Supports hybrid environments

Supports only Microsoft 365 environments

 

Allows remediation

Allows remediation

 

Supports scanning of inbound, internal, and outbound email

Supports scanning of inbound and outbound email

 

For details, see Step 1 - Onboarding Microsoft 365 [Inline]

For details, see Onboarding Microsoft 365 [API]

[Inline vs API]

Maximum email sizes for scanning

Microsoft 365 Inline integrations

Perception Point X‑Ray scans email messages up to a maximum size of 40 MB [including attachments]. Larger email messages are not scanned by Perception Point X‑Ray, and will be delivered to the specified recipients.

Note:

  • Due to external technical limitations, the 40 MB limitation can't be increased.

  • We recommend that you limit receiving email attachments up to 30 MB in size. Files that are larger than 30 MB should be shared using a different file sharing service, such as Microsoft OneDrive or Google Drive.

Microsoft 365 API integrations

Perception Point X‑Ray scans email messages up to a maximum size of 500 MB [including attachments].

Other Microsoft 365 connection options

  • If you have integrated Perception Point X‑Ray with Microsoft 365, you can enable the additional Perception Point-Microsoft 365 ATO [account take over] functionality. This functionality monitors your Microsoft 365 accounts to detect if any of them have possibly been taken over. For details, see Configuring Microsoft 365 - ATO detection.