Forefront Online Protection for Exchange (FOPE) Concerns

Concerns regarding Forefront Online Protection for Exchange (FOPE)

Important changes for Forefront Online Protection for Exchange

The next version of Forefront Online Protection for Exchange (FOPE) will be called “Exchange Online Protection” (EOP).  This new version will be released in the first quarter of 2013.  As part of this change, FOPE will be taken off the published SPLA price list on 1st April 2013.  EOP will not be made available directly via the SPLA program; however SPLA Service Providers will be able to resell EOP through the Microsoft Office 365 Advisor Program.
Microsoft has published the below FAQs to address the FOPE changes specifically for SPLA Service Providers.
Q: What are the changes to the Forefront Online Protection for Exchange (FOPE) product?
The next version of Forefront Online Protection for Exchange (FOPE) will be called Exchange Online Protection (EOP). This new version will be released in Q1 of CY2013. As part of this change, FOPE will be taken off the SPLA price list on April 1, 2013. EOP will not be made available via the SPLA program.

1. What is Exchange Online Protection (EOP)?

EOP is the new version of FOPE, Microsoft’s hosted email gateway. It provides comprehensive email protection through multi-engine antivirus and continuously evolving anti-spam protection, enterprise class reliability, flexible policy rules and a streamlined administration console with detailed reporting.

Q: Why is Microsoft not making EOP available through SPLA?

This change has been made in an effort to better align product availability with program goals, as the SPLA program is intended primarily to enable partner-hosted services. EOP will be available for customers to purchase from Microsoft, and partners can resell EOP through the Microsoft Office 365 Advisor Program.

Q: What happens to Service Providers who currently use FOPE? Service Providers will be able to continue to use FOPE through SPLA and offer the service to their customers, through the term of their existing SPLA agreement with Microsoft.

For Service Providers whose existing SPLA agreement expires before April 1, 2013:These Service Providers will be able to add FOPE to their SPLA agreement when they renew their contract, if they so choose. Microsoft has put together a migration plan to ensure continuity of service for these Service Providers (and their customers) through the term of the existing SPLA agreement between the Service Provider and Microsoft. Starting July 1, 2013, Microsoft will begin to migrate FOPE tenants to the new EOP environment. Service Providers should continue to report usage via the SPLA program through the term of their existing SPLA agreement with Microsoft, and will be billed accordingly. The guidance for these Service Providers will be the same as guidance for Service Providers whose SPLA agreement expires on or after July 1, 2013 (see below for more details).

For Service Providers whose existing SPLA agreement expires between April 1, 2013 and June 30, 2013:

These Service Providers should continue to report the usage of FOPE SKUs through the end of their existing SPLA agreement term. Once their existing SPLA agreement term expires, they can choose to continue to utilize the service without reporting usage* through June 30, 2013, in order to provide partners and their customers with the opportunity to plan next steps. Starting July 1, 2013, FOPE access for the tenants served by these Service Providers will be deactivated. Service Providers can choose to continue offering protection services to their customers by reselling EOP through the Advisor program (Microsoft bills customer for service), or offer alternative solutions to their customers by migrating off FOPE.* The terms and conditions of the existing SPLA agreement will continue to apply to the use of the Forefront Online Protection for Exchange (FOPE) service by the Service Provider and its customers after the expiration of the SPLA agreement but prior to July 1, 2013. For Service Providers whose existing SPLA agreement expires on or after July 1, 2013:    Microsoft has put together a migration plan to ensure continuity of service for Service Providers (and their customers) through the term of the existing SPLA agreement between the Service Provider and Microsoft. Starting July 1, 2013, Microsoft will begin to migrate FOPE tenants to the new EOP environment. Service Providers should continue to report usage via the SPLA program through the term of their existing SPLA agreement with Microsoft, and will be billed accordingly. However, Service Providers will be required to sign up as a partner-of-record through the Microsoft Office 365 Advisor Program in order to enable them to manage-on-behalf-of their customers (note that Service Providers will still be able to bill their own customers and report FOPE usage via the SPLA program through the term of their existing SPLA agreement).Upon expiration of their existing SPLA agreement term, Service Providers can choose to continue offering the EOP service to their customers by reselling EOP through the Advisor program (Microsoft bills customer for service), or offer alternative solutions to their customers by migrating off EOP. If no action is taken when the SPLA agreement term expires, EOP access for the tenants served by the Service Provider will be deactivated.Additional details on migration and any required Service Provider actions will be made available closer to the migration period.
Q. What about those Service Providers who get access to FOPE through the Exchange Server 2010 Enterprise SAL and Exchange Server 2010 Enterprise Plus SA?

All Service Providers with active SPLA agreements who were reporting Exchange Server 2010 Enterprise SALs and/or Exchange Server 2010 Enterprise Plus SALs can continue using FOPE with their Exchange Server 2010 Enterprise/Enterprise Plus SALs until the expiration of their existing SPLA agreement term. These Service Providers should refer to the guidance listed in the previous question for details on the FOPE migration plan, based on when their existing SPLA agreement expires. Note that if these Service Providers deploy Exchange Server 2013 Enterprise SALs during the term of their existing SPLA agreement, they will no longer get access to FOPE/EOP since the Exchange Server 2013 use rights do not include EOP. Those Service Providers who started licensing Exchange Server 2013 Enterprise SALs and/or Exchange Server 2013 Enterprise Plus SALs on or after October 1, 2012 do not get FOPE as part of their Exchange Server 2013 product use rights.

2. When will FOPE come off the SPLA price list?

Service Providers can acquire licenses for FOPE through March 31st, 2013. As of April 1, 2013, FOPE will be removed from the published price list.
Q. Can Service Providers continue to report FOPE usage for existing FOPE customers on a monthly basis under SPLA?

Any Service Provider that was licensing FOPE under SPLA prior to its removal from the SPUR and the SPLA price list must continue to report the usage of FOPE through the end of their existing SPLA agreement term.
Q. Can Service Providers add incremental licenses to an existing FOPE tenant/customer under SPLA?

Yes, Service Providers can add incremental FOPE licenses for existing FOPE tenants/customers under SPLA, through the end of their existing SPLA agreement term.

Some Useful Links to Understand the new service in a better way.

 http://technet.microsoft.com/en-us/library/jj723146(v=exchg.150).aspx

http://technet.microsoft.com/en-us/library/dn305006(v=exchg.150).aspx

http://technet.microsoft.com/en-us/library/dn308239(v=exchg.150).aspx

Feature Comparison between FOPE and EOP.

http://technet.microsoft.com/en-us/library/dn305011(v=exchg.150).aspx

http://technet.microsoft.com/en-us/library/jj723115(v=exchg.150).aspx
Q. What are the differences between FOPE and EOP?

In general, EOP offers the same feature set as FOPE, with improvements such as a streamlined management console, detailed reporting, a new policy rules engine that is based on transport rules, E.U. routing capabilities, and enhanced anti-spam capabilities.  There are some changes to existing capabilities. The following table provides an overview of the changes:

FOPE EOP
Administration Console Specific FOPE Console with different look/feel Console with similar look/feel to Exchange Server 2013 and Office 365
Policy Rules FOPE specific policy rules Flexible rules based on Exchange Transport Rules engine with attachment scanning
RegEx Basic RegEx .Net RegEx Engine
Regional Routing U.S. Only E.U.* and U.S. routing
Intelligent Routing Virtual Domains Criteria Based Routing
Reporting Online reports only Detailed online reports and downloadable excel workbook
Spam management Granular spam management Granular spam management including bulk mail and international spam blocking
Malware Multi-engine anti-malware scanning Multi-engine anti-malware scanning with attachment blocking
Quarantine End-User and Admin Access Admin Access Only (at General Availability)

\**** Information as per Microsoft Website *****