Choosing the right deployment method is crucial for ensuring both efficiency and protection for your email security and management. Both MX and inline deployment options each offer distinct features and benefits. Below, we explore the key characteristics of each method to help you make an informed decision.
MX Deployment Method:
Industry standard for over 20 years
Provides spooling and email continuity capabilities
Supported by Microsoft (Enhanced Filtering)
Provides perimeter defenses, blocking threats before reaching the mail server
Best for volumetric style threats, such as spam, phishing, and malware
Filters mail for an entire domain
Can be used with any mail provider
Conceals the mail provider being used
3rd party service disruption would require DNS updates to fail-over
Simplistic mail flow: Internet > Barracuda > Microsoft
Inline Deployment Method:
A new approach promoted by Checkpoint
Leverages mail flow rules to route mail
Not natively supported by Microsoft
Requires Microsoft EOP to be disabled
No spooling or continuity. Relies on MSFT uptime/availability
Only available for Microsoft 365
Exposes mail provider to reconnaissance
Can be configured to filter specific users
Visibility of mail in the Message Log may vary based on Microsoft 365 configurations
Not equivalent to an API deployment
Creates duplicates with mail archiving using native MS journaling capability
Mail flow rules can be easily disabled in the event of a third-party outage
Complex mail flow: Internet > Microsoft > Internet [Barracuda] > Microsoft