Exchange Online Advanced Threat Protection Service Description

Office 365

Applies to: Office 365

Topic Last Modified: 2017-04-21

Microsoft Exchange Online Advanced Threat Protection (ATP) is a cloud-based email filtering service that helps protect your organization against unknown malware and viruses by providing robust zero-day protection, and includes features to safeguard your organization from harmful links in real-time. ATP has rich reporting and URL trace capabilities that give admins insight into the kind of attacks happening in your organization.

The following are the primary ways you can use ATP for messaging protection:

  • In an Exchange Online Protection filtering-only scenario ATP provides cloud-based email protection for your on-premises Exchange Server 2013 environment, legacy Exchange Server versions, or any other on-premises SMTP email solution.

  • As a part of Microsoft Exchange Online ATP can be enabled to protect Exchange Online cloud-hosted mailboxes. To learn more about Exchange Online, see the Exchange Online Service Description.

  • In a hybrid deployment ATP can be configured to protect your messaging environment and control mail routing when you have a mix of on-premises and cloud mailboxes with Exchange Online Protection for inbound email filtering.

You can export, save, and print pages in the Office 365 Service Descriptions. Learn how to export multiple pages.

ATP is included in Office 365 Enterprise E5. You can add ATP to the following Exchange and Office 365 subscription plans:

  • Exchange Online Plan 1

  • Exchange Online Plan 2

  • Exchange Online Kiosk

  • Exchange Online Protection

  • Office 365 Business Essentials

  • Office 365 Business Premium

  • Office 365 Enterprise E1

  • Office 365 Enterprise E3

  • Office 365 Enterprise K1

  • Office 365 Education

To buy Exchange Online Advanced Threat Protection, see Exchange Online Advanced Threat Protection.

To compare features across plans, see Compare Office 365 for Business plans.

ATP can be used with any SMTP mail transfer agent, such as Microsoft Exchange Server 2013. For information about the operating systems, web browsers, and languages that are supported by ATP, see the “Supported browsers” and “Supported languages” sections in Exchange Admin Center in Exchange Online Protection.

Each feature is listed below. When Exchange Online is mentioned, it typically refers to the Office 365 Enterprise service family.


FeatureATP standaloneATP features in Exchange Online

Safe Links



Safe Attachments



ATP’s Safe Links feature proactively protects your users from malicious hyperlinks in a message. The protection remains every time they click the link, as malicious links are dynamically blocked while good links can be accessed.

Safe Attachments protects against unknown malware and viruses, and provides zero-day protection to safeguard your messaging system. All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where ATP uses a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.

Comments or questions about this topic? Send your feedback to Office 365 Service Description Feedback. Need help with Office 365? Visit the Microsoft support center. Want to chat with a customer service representative? Go to the Select a plan page and click Chat now in the red banner at the top.