Merge pull request #4873 from MicrosoftDocs/master

Publish 3/10/2021 10:30 AM PT
Tina Burden 2021-03-10 10:36:13 -08:00 committed by GitHub
commit 2ea45427fb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 86 additions and 34 deletions

View File

@ -23,7 +23,7 @@ ms.technology: mde
**Applies to:** **Applies to:**
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037) - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
Microsoft Defender for Endpoint for US Government customers, built in the US Azure Government environment, uses the same underlying technologies as Defender for Endpoint in Azure Commercial. Microsoft Defender for Endpoint for US Government customers, built in the Azure US Government environment, uses the same underlying technologies as Defender for Endpoint in Azure Commercial.
This offering is available to GCC, GCC High, and DoD customers and is based on the same prevention, detection, investigation, and remediation as the commercial version. However, there are some differences in the availability of capabilities for this offering. This offering is available to GCC, GCC High, and DoD customers and is based on the same prevention, detection, investigation, and remediation as the commercial version. However, there are some differences in the availability of capabilities for this offering.
@ -37,8 +37,8 @@ Microsoft Defender for Endpoint for US Government customers requires one of the
GCC | GCC High | DoD GCC | GCC High | DoD
:---|:---|:--- :---|:---|:---
Windows 10 Enterprise E5 GCC | Windows 10 Enterprise E5 for GCC High | Windows 10 Enterprise E5 for DOD Windows 10 Enterprise E5 GCC | Windows 10 Enterprise E5 for GCC High | Windows 10 Enterprise E5 for DOD
| | Microsoft 365 E5 for GCC High | | | Microsoft 365 E5 for GCC High | Microsoft 365 G5 for DOD
| | Microsoft 365 G5 Security for GCC High | | | Microsoft 365 G5 Security for GCC High | Microsoft 365 G5 Security for DOD
Microsoft Defender for Endpoint - GCC | Microsoft Defender for Endpoint for GCC High | Microsoft Defender for Endpoint for DOD Microsoft Defender for Endpoint - GCC | Microsoft Defender for Endpoint for GCC High | Microsoft Defender for Endpoint for DOD
### Server licensing ### Server licensing
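Review bot: In the two changed licensing rows, the new DoD cells read "Microsoft 365 G5 for DOD" and "Microsoft 365 G5 Security for DOD", while the GCC High cell on the first of those rows still reads "Microsoft 365 E5 for GCC High". Please confirm the E5/G5 split across that row is intentional, since customers match these strings against the license names in their tenant. The column header is spelled "DoD" but every cell uses "DOD"; pick one spelling.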
@ -86,8 +86,8 @@ Windows 8.1 Enterprise | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/
Windows 8 Pro | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Windows 8 Pro | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Windows 7 SP1 Enterprise | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Windows 7 SP1 Enterprise | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Windows 7 SP1 Pro | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Windows 7 SP1 Pro | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Linux | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Linux | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
macOS | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development macOS | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
Android | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog Android | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
iOS | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog iOS | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
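Review bot: The Linux and macOS rows now say "Rolling out" but keep the check-no icon in all three columns, so a reader cannot tell whether a GCC, GCC High or DoD tenant can onboard these platforms today. Suggest a short footnote under the table that defines "Rolling out" against "In development" and "On engineering backlog", or that says how a customer confirms availability in their own tenant.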
@ -124,6 +124,20 @@ For more information, see [Configure device proxy and Internet connectivity sett
> >
> When filtering, look for the records labeled as "US Gov" and your specific cloud under the geography column. > When filtering, look for the records labeled as "US Gov" and your specific cloud under the geography column.
### Service backend IP ranges
If your network devices don't support DNS-based rules, use IP ranges instead.
Defender for Endpoint for US Government customers is built in the Azure US Government environment, deployed in the following regions:
- AzureCloud.usgovtexas
- AzureCloud.usgovvirginia
You can find the Azure IP ranges in [Azure IP Ranges and Service Tags US Government Cloud](https://www.microsoft.com/download/details.aspx?id=57063).
> [!NOTE]
> As a cloud-based solution, the IP address ranges can change. It's recommended you move to DNS-based rules.
<br> <br>
## API ## API
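Review bot: The new "Service backend IP ranges" section lists `AzureCloud.usgovtexas` and `AzureCloud.usgovvirginia`, which are region-wide Azure tags rather than ranges specific to Defender for Endpoint, so a firewall rule built from them permits egress to everything hosted in those regions. Suggest stating that next to the list so readers understand the rule is broader than the DNS-based one. The NOTE ("the IP address ranges can change") should also tell readers to refresh their rules from the linked download on a schedule, since a stale allow list fails silently as lost sensor connectivity.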
@ -138,18 +152,18 @@ SIEM | `https://wdatp-alertexporter-us.gcc.securitycenter.windows.us` | `https:/
<br> <br>
## Feature parity with commercial ## Feature parity with commercial
Defender for Endpoint doesn't have complete parity with the commercial offering. While our goal is to deliver all commercial features and functionality to our US Government customers, there are some capabilities not yet available we want to highlight. Defender for Endpoint for US Government customers doesn't have complete parity with the commercial offering. While our goal is to deliver all commercial features and functionality to our US Government customers, there are some capabilities not yet available we want to highlight.
These are the known gaps as of February 2021: These are the known gaps as of March 2021:
Feature name | GCC | GCC High | DoD (PREVIEW) Feature name | GCC | GCC High | DoD (PREVIEW)
:---|:---|:---|:--- :---|:---|:---|:---
Automated investigation and remediation: Live response | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Automated investigation and remediation: Live response | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Automated investigation and remediation: Response to Office 365 alerts | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog Automated investigation and remediation: Response to Office 365 alerts | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
Email notifications | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out Email notifications | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Evaluation lab | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Evaluation lab | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Management and APIs: Device health and compliance report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Management and APIs: Device health and compliance report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Management and APIs: Integration with third-party products | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Management and APIs: Integration with third-party products | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
Management and APIs: Streaming API | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Management and APIs: Streaming API | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
Management and APIs: Threat protection report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Management and APIs: Threat protection report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
Threat & vulnerability management | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Threat & vulnerability management | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)

View File

@ -0,0 +1,36 @@
---
title: What's new in Microsoft Defender for Endpoint for iOS
description: Learn about the major changes for previous versions of Microsoft Defender for Endpoint for iOS.
keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: m365-security
ms.mktglfcycl: security
ms.sitesec: library
ms.pagetype: security
ms.author: sunasing
author: sunasing
ms.localizationpriority: medium
manager: sunasing
audience: ITPro
ms.collection:
- m365-security-compliance
- m365initiative-defender-endpoint
ms.topic: conceptual
ms.technology: mde
---
# What's new in Microsoft Defender for Endpoint for iOS
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
**Applies to:**
- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
## 1.1.15010101
- With this version, we are announcing support for iPadOS/iPad devices.
- Bug fixes.
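Review bot: The front matter of this new iOS page does not describe the page: `keywords` is "microsoft, defender, atp, mac, installation, macos, whatsnew" with no iOS or iPadOS term, and `description` says "major changes for previous versions" although the only entry is the release being announced. `manager: sunasing` is identical to `author` and `ms.author`; please confirm that is intended. The 1.1.15010101 entry would be more useful with a release date and the minimum iPadOS version supported, since "Bug fixes." gives admins nothing to verify.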

View File

@ -43,6 +43,9 @@ When network protection blocks a connection, a notification is displayed from th
You can also use [audit mode](audit-windows-defender.md) to evaluate how network protection would impact your organization if it were enabled. You can also use [audit mode](audit-windows-defender.md) to evaluate how network protection would impact your organization if it were enabled.
> [!NOTE]
> If network protection is enabled and platform updates are managed, it could cause some systems to lose network connectivity if their systems aren't updated. As a result, some devices might lose network connectivity. In a managed environment, make sure that Configuration Manager auto deployment rule is updating the platform. Make sure this is fully deployed to all clients before turning on network protection.
## Requirements ## Requirements
Network protection requires Windows 10 Pro or Enterprise, and Microsoft Defender Antivirus real-time protection. Network protection requires Windows 10 Pro or Enterprise, and Microsoft Defender Antivirus real-time protection.
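Review bot: The added NOTE states the same consequence twice ("it could cause some systems to lose network connectivity" and then "As a result, some devices might lose network connectivity") and never names the platform version that has to be installed first. Suggest collapsing it to one sentence and stating or linking the minimum platform update, so admins can verify clients before turning on network protection. "Make sure this is fully deployed" has no clear referent; say "the platform update".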

View File

@ -1,6 +1,6 @@
--- ---
title: Set up Microsoft Defender ATP deployment title: Set up Microsoft Defender for Endpoint deployment
description: Learn how to setup the deployment for Microsoft Defender ATP description: Learn how to set up the deployment for Microsoft Defender for Endpoint
keywords: deploy, setup, licensing validation, tenant configuration, network configuration keywords: deploy, setup, licensing validation, tenant configuration, network configuration
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
search.appverid: met150 search.appverid: met150
@ -47,7 +47,7 @@ In this deployment scenario, you'll be guided through the steps on:
>[!NOTE] >[!NOTE]
>For the purpose of guiding you through a typical deployment, this scenario will only cover the use of Microsoft Endpoint Configuration Manager. Defender for Endpoint supports the use of other onboarding tools but will not cover those scenarios in the deployment guide. For more information, see [Onboard devices to Microsoft Defender for Endpoint](onboard-configure.md). >For the purpose of guiding you through a typical deployment, this scenario will only cover the use of Microsoft Endpoint Configuration Manager. Defender for Endpoint supports the use of other onboarding tools but won't cover those scenarios in the deployment guide. For more information, see [Onboard devices to Microsoft Defender for Endpoint](onboard-configure.md).
## Check license state ## Check license state
@ -59,7 +59,7 @@ Checking for the license state and whether it got properly provisioned, can be d
1. Alternately, in the admin center, navigate to **Billing** > **Subscriptions**. 1. Alternately, in the admin center, navigate to **Billing** > **Subscriptions**.
On the screen, you will see all the provisioned licenses and their current **Status**. On the screen, you'll see all the provisioned licenses and their current **Status**.
![Image of billing licenses](images/atp-billing-subscriptions.png) ![Image of billing licenses](images/atp-billing-subscriptions.png)
@ -93,7 +93,7 @@ When accessing Microsoft Defender Security Center for the first time, a wizard t
4. Set up preferences. 4. Set up preferences.
**Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU, or UK. You cannot change the location after this set up and Microsoft will not transfer the data from the specified geolocation. **Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU, or UK. You can't change the location after this set up and Microsoft won't transfer the data from the specified geolocation.
**Data retention** - The default is six months. **Data retention** - The default is six months.
@ -109,7 +109,7 @@ When accessing Microsoft Defender Security Center for the first time, a wizard t
## Network configuration ## Network configuration
If the organization does not require the endpoints to use a Proxy to access the If the organization doesn't require the endpoints to use a Proxy to access the
Internet, skip this section. Internet, skip this section.
The Microsoft Defender for Endpoint sensor requires Microsoft Windows HTTP (WinHTTP) to The Microsoft Defender for Endpoint sensor requires Microsoft Windows HTTP (WinHTTP) to
@ -127,15 +127,11 @@ the following discovery methods:
- Web Proxy Autodiscovery Protocol (WPAD) - Web Proxy Autodiscovery Protocol (WPAD)
If a Transparent proxy or WPAD has been implemented in the network topology, If a Transparent proxy or WPAD has been implemented in the network topology,
there is no need for special configuration settings. For more information on there is no need for special configuration settings. For more information on
Microsoft Defender for Endpoint URL exclusions in the proxy, see the Microsoft Defender for Endpoint URL exclusions in the proxy, see the
Appendix section in this document for the URLs allow list or on [Proxy Service URLs](production-deployment.md#proxy-service-urls) section in this document for the URLs allow list or on
[Microsoft [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md#enable-access-to-microsoft-defender-for-endpoint-service-urls-in-the-proxy-server).
Docs](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server).
> [!NOTE]
> For a detailed list of URLs that need to be allowed, please see [this article](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus).
**Manual static proxy configuration:** **Manual static proxy configuration:**
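Review bot: The rewritten sentence reads "see the [Proxy Service URLs] section in this document for the URLs allow list or on [Configure device proxy and Internet connectivity settings]"; the "or on" is left over from the old "or on Microsoft Docs" wording and should become "or see". This hunk also deletes the NOTE that pointed to the Microsoft Defender Antivirus network connections article without adding a replacement link. If those URLs still have to be reachable through the proxy, keep a pointer to them, otherwise admins building an allow list from this page alone may miss them.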
@ -229,24 +225,27 @@ The following downloadable spreadsheet lists the services and their associated U
|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx) |![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)
### Microsoft Defender for Endpoint service backend IP range ### Microsoft Defender for Endpoint service backend IP ranges
If you network devices don't support the URLs listed in the prior section, you can use the following information. If your network devices don't support DNS-based rules, use IP ranges instead.
Defender for Endpoint is built on Azure cloud, deployed in the following regions: Defender for Endpoint is built in Azure cloud, deployed in the following regions:
- \+\<Region Name="uswestcentral"> - AzureCloud.eastus
- \+\<Region Name="useast2"> - AzureCloud.eastus2
- \+\<Region Name="useast"> - AzureCloud.westcentralus
- \+\<Region Name="europenorth"> - AzureCloud.northeurope
- \+\<Region Name="europewest"> - AzureCloud.westeurope
- \+\<Region Name="uksouth"> - AzureCloud.uksouth
- \+\<Region Name="ukwest"> - AzureCloud.ukwest
You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https://www.microsoft.com/en-us/download/details.aspx?id=41653). You can find the Azure IP ranges in [Azure IP Ranges and Service Tags Public Cloud](https://www.microsoft.com/download/details.aspx?id=56519).
> [!NOTE] > [!NOTE]
> As a cloud-based solution, the IP address range can change. It's recommended you move to DNS resolving setting. > As a cloud-based solution, the IP address ranges can change. It's recommended you move to DNS-based rules.
> [!NOTE]
> If you are a US Government customer, please see the corresponding section in the [Defender for Endpoint for US Government](gov.md#service-backend-ip-ranges) page.
## Next step ## Next step
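Review bot: The region list now gives seven `AzureCloud.*` tags with no indication of which ones a given tenant needs, while the setup step earlier on this page has the customer choose a US, EU or UK data storage location. If a tenant only communicates with the regions of its chosen geography, group the tags under US, EU and UK so customers can allow fewer ranges; if all seven are required regardless of geography, say so explicitly. The two consecutive `[!NOTE]` blocks at the end of the section can be merged into one.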