mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
Merge https://github.com/microsoftdocs/windows-itpro-docs into pub-2-pri
This commit is contained in:
greg-lindsay
commit
0bd0c6cd92
@ -81,6 +81,9 @@ This table shows the correct sequence for applying the various tasks to the file
|
||||
|Add .NET and .NET cumulative updates | | | 24 |
|
||||
|Export image | 8 | 17 | 25 |
|
||||
|
||||
> [!NOTE]
|
||||
> Starting in February 2021, the latest cumulative update and servicing stack update will be combined and distributed in the Microsoft Update Catalog as a new combined cumulative update. For Steps 1, 9, and 18 that require the servicing stack update for updating the installation media, you should use the combined cumulative update. For more information on the combined cumulative update, see [Servicing stack updates](https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates).
|
||||
|
||||
### Multiple Windows editions
|
||||
|
||||
The main operating system file (install.wim) contains multiple editions of Windows 10. It’s possible that only an update for a given edition is required to deploy it, based on the index. Or, it might be that all editions need an update. Further, ensure that languages are installed before Features on Demand, and the latest cumulative update is always applied last.
|
||||
|
||||
@ -29,8 +29,6 @@ Servicing stack updates provide fixes to the servicing stack, the component that
|
||||
|
||||
Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes.
|
||||
|
||||
For information about some changes to servicing stack updates, see [Simplifing Deployment of Servicing Stack Updates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-on-premises-deployment-of-servicing-stack-updates/ba-p/1646039) on the Windows IT Pro blog.
|
||||
|
||||
## When are they released?
|
||||
|
||||
Servicing stack update are released depending on new issues or vulnerabilities. In rare occasions a servicing stack update may need to be released on demand to address an issue impacting systems installing the monthly security update. Starting in November 2018 new servicing stack updates will be classified as "Security" with a severity rating of "Critical."
|
||||
@ -44,7 +42,6 @@ Both Windows 10 and Windows Server use the cumulative update mechanism, in which
|
||||
|
||||
Servicing stack updates must ship separately from the cumulative updates because they modify the component that installs Windows updates. The servicing stack is released separately because the servicing stack itself requires an update. For example, the cumulative update [KB4284880](https://support.microsoft.com/help/4284880/windows-10-update-kb4284880) requires the [May 17, 2018 servicing stack update](https://support.microsoft.com/help/4132216), which includes updates to Windows Update.
|
||||
|
||||
|
||||
## Is there any special guidance?
|
||||
|
||||
Microsoft recommends you install the latest servicing stack updates for your operating system before installing the latest cumulative update.
|
||||
@ -58,3 +55,7 @@ Typically, the improvements are reliability and performance improvements that do
|
||||
* Servicing stack update releases are specific to the operating system version (build number), much like quality updates.
|
||||
* Search to install latest available [Servicing stack update for Windows 10](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001).
|
||||
* Once a servicing stack update is installed, it cannot be removed or uninstalled from the machine.
|
||||
|
||||
## Simplifying on-premises deployment of servicing stack updates
|
||||
|
||||
With the Windows Update experience, servicing stack updates and cumulative updates are deployed together to the device. The update stack automatically orchestrates the installation, so both are applied correctly. Starting in February 2021, the cumulative update will include the latest servicing stack updates, to provide a single cumulative update payload to both Windows Server Update Services (WSUS) and Microsoft Catalog. If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you will only have to select and deploy the monthly cumulative update. The latest servicing stack updates will automatically be applied correctly. Release notes and file information for cumulative updates, including those related to the servicing stack, will be in a single KB article. The combined monthly cumulative update will be available on Windows 10, version 2004 and later starting with the 2021 2C release, KB4601382.
|
||||
|
||||
@ -120,7 +120,7 @@ Spreadsheet of domains list | Description
|
||||
For more information, see [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md).
|
||||
|
||||
> [!NOTE]
|
||||
> The spreadsheet contains commercial URLs as well, make sure you check the "US Gov" tabs. <br> When filtering look for the records labeled as "US Gov" and your specific cloud under the geography column.
|
||||
> The spreadsheet contains commercial URLs as well, make sure you check the "US Gov" tabs. <br> When filtering, look for the records labeled as "US Gov" and your specific cloud under the geography column.
|
||||
|
||||
<br>
|
||||
|
||||
@ -155,7 +155,7 @@ Threat analytics |  |  In development |  In development |  In development
|
||||
Integrations: Azure Sentinel |  |  In development |  In development
|
||||
Integrations: Microsoft Cloud App Security |  On engineering backlog |  On engineering backlog |  On engineering backlog
|
||||
Integrations: Microsoft Compliance Center |  On engineering backlog |  On engineering backlog |  On engineering backlog
|
||||
Integrations: Microsoft Compliance Manager |  On engineering backlog |  On engineering backlog |  On engineering backlog
|
||||
Integrations: Microsoft Defender for Identity |  On engineering backlog |  On engineering backlog |  On engineering backlog
|
||||
Integrations: Microsoft Defender for Office 365 |  On engineering backlog |  On engineering backlog |  On engineering backlog
|
||||
Integrations: Microsoft Endpoint DLP |  On engineering backlog |  On engineering backlog |  On engineering backlog
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Configure Microsoft Cloud App Security integration
|
||||
ms.reviewer:
|
||||
description: Learn how to turn on the settings to enable the Microsoft Defender ATP integration with Microsoft Cloud App Security.
|
||||
description: Learn how to turn on the settings to enable the Microsoft Defender for Endpoint integration with Microsoft Cloud App Security.
|
||||
keywords: cloud, app, security, settings, integration, discovery, report
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
search.appverid: met150
|
||||
@ -35,7 +35,7 @@ To benefit from Microsoft Defender for Endpoint cloud app discovery signals, tur
|
||||
>[!NOTE]
|
||||
>This feature will be available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) on devices running Windows 10, version 1709 (OS Build 16299.1085 with [KB4493441](https://support.microsoft.com/help/4493441)), Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464)), Windows 10, version 1809 (OS Build 17763.379 with [KB4489899](https://support.microsoft.com/help/4489899)) or later Windows 10 versions.
|
||||
|
||||
> See [Microsoft Defender for Endpoint integration with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/wdatp-integration) for detailed integration of Microsoft Defender for Endpoint with Microsoft Cloud App Security.
|
||||
> See [Microsoft Defender for Endpoint integration with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/mde-integration) for detailed integration of Microsoft Defender for Endpoint with Microsoft Cloud App Security.
|
||||
|
||||
## Enable Microsoft Cloud App Security in Microsoft Defender for Endpoint
|
||||
|
||||
@ -52,7 +52,7 @@ To view and access Microsoft Defender for Endpoint data in Microsoft Cloud Apps
|
||||
|
||||
For more information about cloud discovery, see [Working with discovered apps](https://docs.microsoft.com/cloud-app-security/discovered-apps).
|
||||
|
||||
If you are interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
|
||||
If you're interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
|
||||
|
||||
## Related topic
|
||||
- [Microsoft Cloud App Security integration](microsoft-cloud-app-security-integration.md)
|
||||
|
||||
@ -15,6 +15,7 @@ ms.reviewer:
|
||||
manager: dansimp
|
||||
ms.custom: asr
|
||||
ms.technology: mde
|
||||
ms.date: 03/08/2021
|
||||
---
|
||||
|
||||
# Protect your network
|
||||
@ -27,33 +28,30 @@ ms.technology: mde
|
||||
|
||||
> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
|
||||
|
||||
Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that might host phishing scams, exploits, and other malicious content on the Internet. Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname).
|
||||
|
||||
Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
|
||||
|
||||
Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname).
|
||||
|
||||
Network protection is supported beginning with Windows 10, version 1709.
|
||||
Network protection is supported on Windows, beginning with Windows 10, version 1709.
|
||||
|
||||
For more information about how to enable network protection, see [Enable network protection](enable-network-protection.md). Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network.
|
||||
|
||||
> [!TIP]
|
||||
> You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
|
||||
> See the Microsoft Defender ATP testground site at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how network protection works.
|
||||
|
||||
Network protection works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
|
||||
Network protection works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into exploit protection events and blocks as part of [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
|
||||
|
||||
When network protection blocks a connection, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors.
|
||||
When network protection blocks a connection, a notification is displayed from the Action Center. Your security operations team can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your organization's details and contact information. In addition, individual attack surface reduction rules can be enabled and customized to suit certain techniques to monitor.
|
||||
|
||||
You can also use [audit mode](audit-windows-defender.md) to evaluate how Network protection would impact your organization if it were enabled.
|
||||
You can also use [audit mode](audit-windows-defender.md) to evaluate how network protection would impact your organization if it were enabled.
|
||||
|
||||
## Requirements
|
||||
|
||||
Network protection requires Windows 10 Pro or Enterprise, and Microsoft Defender Antivirus real-time protection.
|
||||
|
||||
| Windows 10 version | Microsoft Defender Antivirus |
|
||||
| Windows version | Microsoft Defender Antivirus |
|
||||
|:---|:---|
|
||||
| Windows 10 version 1709 or later | [Microsoft Defender AV real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled |
|
||||
| Windows 10 version 1709 or later <p>Windows Server 1803 or later | [Microsoft Defender Antivirus real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled |
|
||||
|
||||
After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your endpoints.
|
||||
After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your devices (also referred to as endpoints).
|
||||
|
||||
- .smartscreen.microsoft.com
|
||||
- .smartscreen-prod.microsoft.com
|
||||
@ -79,13 +77,13 @@ You can review the Windows event log to see events that are created when network
|
||||
|
||||
2. Select **OK**.
|
||||
|
||||
3. This will create a custom view that filters to only show the following events related to network protection:
|
||||
This procedure creates a custom view that filters to only show the following events related to network protection:
|
||||
|
||||
| Event ID | Description |
|
||||
|:---|:---|
|
||||
| 5007 | Event when settings are changed |
|
||||
| 1125 | Event when network protection fires in audit mode |
|
||||
| 1126 | Event when network protection fires in block mode |
|
||||
| Event ID | Description |
|
||||
|:---|:---|
|
||||
| 5007 | Event when settings are changed |
|
||||
| 1125 | Event when network protection fires in audit mode |
|
||||
| 1126 | Event when network protection fires in block mode |
|
||||
|
||||
## Related articles
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user