AnsweredAssumed Answered

Exchange Online Protection

Question asked by John Sulik on Mar 9, 2016
Latest reply on Sep 16, 2016 by John Sulik

We are using Exchange Online Protection (EOP) from Microsoft.  When performing a PCI Scan, it automatically scans the external MS servers and fails due to "UDP Source Port Pass Firewall".

 

I opened a ticket with MS.  They have not yet provided an official response but indicated preliminary findings indicate that the "failure" is by design and does not represent any major vulnerability.

 

If MS won't make changes on their end then I'm not sure where to go from here.  Is this really an issue that should cause compliance to fail?

Outcomes