Messageware Exchange Protocol Guard (EPG) is a security solution for on-premises Microsoft Exchange Server that monitors and controls logon activity across nine Exchange messaging protocols. EPG addresses attack vectors that standard multi-factor authentication solutions leave exposed, including services such as EWS, ActiveSync, and Autodiscover. It collects logon data in real time, analyzes it for threats, and applies automated security controls to stop unauthorized access attempts. Key protection capabilities include: - High-Volume Attack (HVA) detection: identifies and stops brute force attacks that can trigger mass Active Directory lockouts - Low-Volume Attack (LVA) detection: identifies persistent password guessing attacks that operate below AD lockout thresholds, evading traditional detection - Geographic access restrictions: allows administrators to block connections by country or geo-location - Real-time threat data feeds: flags connections from known malicious sources and probing activity - Dynamic CAPTCHA for OWA and ECP: challenges users and bots on Outlook Web and ECP logon pages - Independent lockout system: maintains its own lockout mechanism separate from Active Directory to reduce help desk load from password resets EPG also provides automated alerting for password failures and blocked connections, SQL-integrated reporting with built-in and custom reports, and configurable security policy enforcement. It is compatible with Microsoft Exchange Server 2013, 2016, and 2019.