Merge branch 'main' into v-mathavale-5916892

2025-06-24 06:43:38 +00:00 · 2022-04-20 11:49:03 -06:00
parent 28ec7f0381 a694b95c68
commit 0480b81c52
22 changed files with 84 additions and 91 deletions
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
@ -78,17 +78,3 @@ If you don't want users to see the recommendation to update TPM firmware, you ca

 5. [Deploy the updated GPO as you normally do](/windows/win32/srvnodes/group-policy). 

-## Disable Memory integrity switch
-If you don't want users to be able to change the Hypervisor Control Integrity (HVCI), or memory integrity, setting on their computers, you can disable the **Memory integrity** switch.
-> [!IMPORTANT]
-> You must have Windows 10, version 1803 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
-
-1.  On your Group Policy management computer, open the [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2.  In the **Group Policy Management Editor** go to **Computer configuration** and then select **Administrative templates**.
-
-3.  Expand the tree to **Windows components** > **Windows Security** > **Device security**.
-
-4.  Open the **Disable Memory integrity switch** setting and set it to **Enabled**. Select **OK**.
-
-5. [Deploy the updated GPO as you normally do](/windows/win32/srvnodes/group-policy).
--- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
+++ b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
@ -27,10 +27,9 @@ ms.technology: windows-sec
 >[!IMPORTANT]
 >This information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

-To get started, open Device Configuration in Intune, then create a new profile. 
-Choose Windows 10 or Windows 11 as the platform, and Endpoint Protection as the profile type. 
+To get started, Open the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), and then go to **Devices** > **Windows** > **Configuration profiles** > **Create profile** > Choose **Windows 10 and later** as the platform, Choose **Templates**, then **Endpoint protection** as the profile type. 
 Select Windows Defender Firewall.
-![Windows Defender Firewall in Intune.](images/windows-firewall-intune.png)
+:::image type="content" source="images/windows-firewall-intune.png" alt-text="Example of a Windows Defender Firewall policy in Microsoft Endpoint Manager.":::

 >[!IMPORTANT]
 >A single Endpoint Protection profile may contain up to a maximum of 150 firewall rules. If a client device requires more than 150 rules, then multiple profiles must be assigned to it.
@ -115,4 +114,4 @@ Specifies the list of authorized local users for this rule. A list of authorized

 ## Configuring firewall rules programmatically

-Coming soon.
+Coming soon.
--- a/windows/security/threat-protection/windows-firewall/images/windows-firewall-intune.png
+++ b/windows/security/threat-protection/windows-firewall/images/windows-firewall-intune.png