Merge pull request #4302 from MicrosoftDocs/mde-updates

General updates to deployment

windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md

@@ -27,25 +27,50 @@ ms.topic: article
 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
-There are three phases in deploying Defender for Endpoint:
 
-|Phase | Description | 
+Microsoft Defender for Endpoint has the capabilities to effectively protect your enterprise from cyber threats.
-|:-------|:-----|
+
-| ![Phase 1: Prepare](images/prepare.png)<br>[Phase 1: Prepare](prepare-deployment.md)| Learn about what you need to consider when deploying Defender for Endpoint: <br><br>- Stakeholders and sign-off <br> - Environment considerations <br>- Access <br> - Adoption order
+Learn how to deploy Microsoft Defender for Endpoint so that your enterprise can take advantage of preventative protection, post-breach detection, automated investigation, and response. 
-|  ![Phase 2: Setup](images/setup.png) <br>[Phase 2: Setup](production-deployment.md)|  Take the initial steps to access Microsoft Defender Security Center. You'll be guided on:<br><br>- Validating the licensing <br>  - Completing the setup wizard within the portal<br>- Network configuration|
-|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. 
 
 
+This solution provides guidance on the three phases of deployment. Each section corresponds to a separate article in this solution.
 
-The deployment guide will guide you through the recommended path in deploying Defender for Endpoint. 
+![Image of deployment phases](images/deployment-phases.png)
 
-If you're unfamiliar with the general deployment planning steps, check out the [Plan deployment](deployment-strategy.md) topic to get a  high-level overview of the general deployment steps and methods.
+Regardless of the environment architecture and method of deployment you choose outlined in the [Plan deployment](deployment-strategy.md) guidance, this guide is going to support you in onboarding endpoints. 
 
 
+## Prepare
+Learn about what you need to consider when deploying Defender for Endpoint such as stakeholder approvals, environment considerations, access permissions, and adoption order of capabilities. 
 
-## In Scope
+## Setup
+Get guidance on the initial steps you need to take so that you can access the portal such as validating licensing, completing the setup wizard, and network configuration. 
 
-The following is in scope for this deployment guide:
+## Onboard
+Learn how to make use of deployment rings, supported onboarding tools based on the type of endpoint, and configuring available capabilities.
+
+
+## Key capabilities
+
+This solution provides the following key capabilities:
+
+Capability | Description 
+:---|:---
+Eliminate risks and reduce your attack surface| Use attack surface reduction to minimize the areas where your organization could be vulnerable to threats.
+Block sophisticated threats and malware | Defend against never-before-seen polymorphic and metamorphic malware and fileless and file-based threats with next-generation protection.
+Remediation at scale with automation | Automatically investigate alerts and remediate complex threats in minutes. Apply best practices and intelligent decision-making algorithms to determine whether a threat is active and what action to take.
+Discover vulnerabilities and misconfigurations in real time | Bring security and IT together with Microsoft Threat & Vulnerability Management to quickly discover, prioritize, and remediate vulnerabilities and misconfigurations.
+Get expert-level threat monitoring and analysis | Empower your security operations centers with Microsoft Threat Experts. Get deep knowledge, advanced threat monitoring, analysis, and support to identify critical threats in your unique environment.
+Detect and respond to advanced attacks with behavioral monitoring | Spot attacks and zero-day exploits using advanced behavioral analytics and machine learning.
+Cross-platform support | Microsoft Defender for Endpoint provides security for non-Windows platforms including Mac, Linux servers, and Android.
+Evaluate capabilities | Fully evaluate our capabilities with a few simple clicks in the Microsoft Defender for Endpoint evaluation lab.
+Streamline and integrate via APIs | Integrate Microsoft Defender for Endpoint with your security solutions and streamline and automate security workflows with rich APIs.
+Simplify endpoint security management | Use a single pane of glass for all endpoint security actions, such as endpoint configuration, deployment, and management with Microsoft Endpoint Manager.
+
+
+## Scope
+
+### In scope
 
 -   Use of Microsoft Endpoint Configuration Manager and Microsoft Endpoint Manager to onboard endpoints into the service and configure capabilities
 
@@ -59,10 +84,19 @@ The following is in scope for this deployment guide:
     -   Attack surface reduction
 
 
-## Out of scope
+### Out of scope
 
 The following are out of scope of this deployment guide:
 
 -   Configuration of third-party solutions that might integrate with Defender for Endpoint
 
 -   Penetration testing in production environment
+
+
+
+
+## See also
+- [Phase 1: Prepare](prepare-deployment.md)
+- [Phase 2: Set up](production-deployment.md)
+- [Phase 3: Onboard](onboarding.md)
+- [Plan deployment](deployment-strategy.md)

windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md

@@ -25,15 +25,14 @@ ms.topic: article
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink) 
 
-Depending on the requirements of your environment, we've put together material to help guide you through the various options you can adopt to deploy Defender for Endpoint. 
 
-These are the general steps you need to take to deploy Defender for Endpoint:
+Plan your Microsoft Defender for Endpoint deployment so that you can maximize the security capabilities within the suite and better protect your enterprise from cyber threats.
 
-![Image of deployment flow](images/onboarding-flow-diagram.png)
 
-- Identify architecture
+This solution provides guidance on how to identify your environment architecture, select the type of deployment tool that best fits your needs, and guidance on how to configure capabilities.
-- Select deployment method
+
-- Configure capabilities
+
+![Image of deployment flow](images/plan-deployment.png)
 
 
 ## Step 1: Identify architecture
@@ -43,7 +42,7 @@ Depending on your environment, some tools are better suited for certain architec
 
 Use the following material to select the appropriate Defender for Endpoint architecture that best suites your organization.
 
-|**Item**|**Description**|
+| Item | Description |
 |:-----|:-----|
 |[![Thumb image for Defender for Endpoint deployment strategy](images/mdatp-deployment-strategy.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)<br/> [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  \| [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) | The architectural material helps you plan your deployment for the following architectures: <ul><li> Cloud-native </li><li> Co-management </li><li> On-premise</li><li>Evaluation and local onboarding</li>