diff --git a/mdop/mbam-v25/mbam-25-supported-configurations.md b/mdop/mbam-v25/mbam-25-supported-configurations.md index 195791d851..4eb36ebf32 100644 --- a/mdop/mbam-v25/mbam-25-supported-configurations.md +++ b/mdop/mbam-v25/mbam-25-supported-configurations.md @@ -284,7 +284,7 @@ MBAM supports the following versions of Configuration Manager. -

Microsoft System Center Configuration Manager (Current Branch), version 1610

+

Microsoft System Center Configuration Manager (Current Branch), versions up to 1806

64-bit

diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md index 1a552c057a..57a80b55f0 100644 --- a/windows/client-management/mdm/firewall-csp.md +++ b/windows/client-management/mdm/firewall-csp.md @@ -14,7 +14,7 @@ ms.date: 01/26/2018 The Firewall configuration service provider (CSP) allows the mobile device management (MDM) server to configure the Windows Defender Firewall global settings, per profile settings, as well as the desired set of custom rules to be enforced on the device. Using the Firewall CSP the IT admin can now manage non-domain devices, and reduce the risk of network security threats across all systems connecting to the corporate network. This CSP was added Windows 10, version 1709. -Firewall configuration commands must be wrapped in an Atomic block in SyncML. +Each of the Firewall rules in the FirewallRules section must be wrapped in an Atomic block in SyncML. For detailed information on some of the fields below see [[MS-FASP]: Firewall and Advanced Security Protocol documentation](https://msdn.microsoft.com/en-us/library/mt620101.aspx). @@ -284,7 +284,7 @@ Sample syncxml to provision the firewall settings to evaluate **FirewallRules/_FirewallRuleName_/Enabled**

Indicates whether the rule is enabled or disabled. If the rule must be enabled, this value must be set to true. -

If not specified - a new rule is disabled by default.

+

If not specified - a new rule is enabled by default.

Boolean value. Supported operations are Get and Replace.

**FirewallRules/_FirewallRuleName_/Profiles** @@ -310,7 +310,7 @@ Sample syncxml to provision the firewall settings to evaluate

Value type is string. Supported operations are Get and Replace.

diff --git a/windows/configuration/wcd/wcd-policies.md b/windows/configuration/wcd/wcd-policies.md index a8b96f80b9..1ba48ada16 100644 --- a/windows/configuration/wcd/wcd-policies.md +++ b/windows/configuration/wcd/wcd-policies.md @@ -49,7 +49,7 @@ This section describes the **Policies** settings that you can configure in [prov | [AllowDeveloperUnlock](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowdeveloperunlock) | Whether developer unlock of device is allowed | X | X | X | X | X | | [AllowGameDVR](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowgamedvr) |Whether DVR and broadcasting is allowed | X | | | | | | [AllowSharedUserAppData](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowshareduserappdata) | Whether multiple users of the same app can share data | X | X | | | | -| [AllowStore](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowstore) | Whether app store is allowed at device (?) | | X | | | | +| [AllowStore](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowstore) | Whether app store is allowed at device | | X | | | | | [ApplicationRestrictions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-applicationrestrictions) | An XML blob that specifies app restrictions, such as an allow list, disallow list, etc. | | x | | | | | [RestrictAppDataToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictappdatatosystemvolume) | Whether app data is restricted to the system drive | X | X | | | | | [RestrictAppToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictapptosystemvolume) | Whether the installation of apps is restricted to the system drive | X | X | | | | diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md index 11d1a66100..f986fd3e0e 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-new-install.md @@ -60,7 +60,7 @@ Sign-in using _Enterprise Admin_ equivalent credentials on Windows Server 2012 o 1. Open an elevated Windows PowerShell prompt. 2. Use the following command to install the Active Directory Certificate Services role. ```PowerShell - Add-WindowsFeature Adcs-Cert-Authority -IncludeManageTools + add-windowsfeature adcs-cert-authority -IncludeManagementTools ``` 3. Use the following command to configure the Certificate Authority using a basic certificate authority configuration. diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md index a7574b02af..aa73196ed9 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md @@ -53,10 +53,9 @@ You can also [enable audit mode](audit-windows-defender-exploit-guard.md) for th >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how each of them work. Windows Defender EG can be managed and reported on in the Windows Defender Security Center as part of the Windows Defender Advanced Threat Protection suite of threat mitigation, preventing, protection, and analysis technologies, which also includes: -- [The Windows Defender ATP console](../windows-defender-atp/windows-defender-advanced-threat-protection.md) +- [Windows Defender Security Center](../windows-defender-atp/windows-defender-security-center-atp) - [Windows Defender Antivirus in Windows 10](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) -- [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md) -- Windows Defender Device Guard +- [Windows Defender Application Control](../windows-defender-application-control/windows-defender-application-control) - [Windows Defender Application Guard](../windows-defender-application-guard/wd-app-guard-overview.md) You can use the Windows Defender ATP console to obtain detailed reporting into events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md). You can [sign up for a free trial of Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-docs-msa4053440) to see how it works. @@ -76,7 +75,7 @@ This section covers requirements for each feature in Windows Defender EG. | Feature | Windows 10 Home | Windows 10 Professional | Windows 10 E3 | Windows 10 E5 | | ----------------- | :------------------------------------: | :---------------------------: | :-------------------------: | :--------------------------------------: | | Exploit protection | ![supported](./images/ball_50.png) | ![supported](./images/ball_50.png) | ![supported, enhanced](./images/ball_75.png) | ![supported, full reporting](./images/ball_full.png) | -| Attack surface reduction | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, full reporting](./images/ball_full.png) | +| Attack surface reduction | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) | | Network protection | ![not supported](./images/ball_empty.png) | ![not supported](./images/ball_empty.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) | | Controlled folder access | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, limited reporting](./images/ball_50.png) | ![supported, full reporting](./images/ball_full.png) |