deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge pull request #4937 from MicrosoftDocs/master

Browse Source 
Publish 3/19/2021 10:30 AM PT
This commit is contained in:
Tina Burden 2021-03-19 10:33:13 -07:00 committed by GitHub
commit 3808b4dbdb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 103 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/deployment/windows-10-subscription-activation.md
View File

@ -23,7 +23,7 @@ Starting with Windows 10, version 1703 Windows 10 Pro supports the Subscription
With Windows 10, version 1903 the Subscription Activation feature also supports the ability to step-up from Windows 10 Pro Education to the Enterprise grade edition for educational institutions—**Windows 10 Education**. With Windows 10, version 1903 the Subscription Activation feature also supports the ability to step-up from Windows 10 Pro Education to the Enterprise grade edition for educational institutions—**Windows 10 Education**.
The Subscription Activation feature eliminates the need to manually deploy Windows 10 Enterprise or Education images on each target device, then later standing up on-prem key management services such as KMS or MAK based activation, entering GVLKs, and subsequently rebooting client devices. The Subscription Activation feature eliminates the need to manually deploy Windows 10 Enterprise or Education images on each target device, then later standing up on-prem key management services such as KMS or MAK based activation, entering Generic Volume License Keys (GVLKs), and subsequently rebooting client devices.
## Subscription Activation for Windows 10 Enterprise ## Subscription Activation for Windows 10 Enterprise

10
windows/security/identity-protection/vpn/vpn-connection-type.md
View File

@ -43,6 +43,9 @@ There are many options for VPN clients. In Windows 10, the built-in plug-in and
SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option. SSTP is supported for Windows desktop editions only. SSTP cannot be configured using mobile device management (MDM), but it is one of the protocols attempted in the **Automatic** option.
> [!NOTE]
> When a VPN plug-in is used, the adapter will be listed as an SSTP adapter, even though the VPN protocol used is the plug-in's protocol.
- Automatic - Automatic
The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt from most secure to least secure. The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt from most secure to least secure.
@ -63,11 +66,13 @@ See [VPN profile options](vpn-profile-options.md) and [VPNv2 CSP](https://msdn.m
The following image shows connection options in a VPN Profile configuration policy using Microsoft Intune: The following image shows connection options in a VPN Profile configuration policy using Microsoft Intune:
![Available connection types](images/vpn-connection-intune.png) > [!div class="mx-imgBorder"]
> ![Available connection types](images/vpn-connection-intune.png)
In Intune, you can also include custom XML for third-party plug-in profiles: In Intune, you can also include custom XML for third-party plug-in profiles:
![Custom XML](images/vpn-custom-xml-intune.png) > [!div class="mx-imgBorder"]
> ![Custom XML](images/vpn-custom-xml-intune.png)
## Related topics ## Related topics
@ -85,4 +90,3 @@ In Intune, you can also include custom XML for third-party plug-in profiles:

98
windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
View File

@ -43,7 +43,7 @@ The following steps can be used to troubleshoot and mitigate these issues:
1. Disable real-time protection using one of the following methods and observe whether the performance improves. This approach helps narrow down whether Microsoft Defender for Endpoint for Mac is contributing to the performance issues. 1. Disable real-time protection using one of the following methods and observe whether the performance improves. This approach helps narrow down whether Microsoft Defender for Endpoint for Mac is contributing to the performance issues.
If your device is not managed by your organization, real-time protection can be disabled using one of the following options: If your device is not managed by your organization, real-time protection can be disabled using one of the following options:
- From the user interface. Open Microsoft Defender for Endpoint for Mac and navigate to **Manage settings**. - From the user interface. Open Microsoft Defender for Endpoint for Mac and navigate to **Manage settings**.
@ -55,10 +55,102 @@ The following steps can be used to troubleshoot and mitigate these issues:
mdatp config real-time-protection --value disabled mdatp config real-time-protection --value disabled
``` ```
If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender for Endpoint for Mac](mac-preferences.md). If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender for Endpoint for Mac](mac-preferences.md).
If the performance problem persists while real-time protection is off, the origin of the problem could be the endpoint detection and response component. In this case, please contact customer support for further instructions and mitigation.
2. Open Finder and navigate to **Applications** > **Utilities**. Open **Activity Monitor** and analyze which applications are using the resources on your system. Typical examples include software updaters and compilers. 2. Open Finder and navigate to **Applications** > **Utilities**. Open **Activity Monitor** and analyze which applications are using the resources on your system. Typical examples include software updaters and compilers.
3. Configure Microsoft Defender for Endpoint for Mac with exclusions for the processes or disk locations that contribute to the performance issues and re-enable real-time protection. 1. To find the applications that are triggering the most scans, you can use real-time statistics gathered by Defender for Endpoint for Mac.
> [!NOTE]
> This feature is available in version 100.90.70 or newer.
This feature is enabled by default on the **Dogfood** and **InsiderFast** channels. If you're using a different update channel, this feature can be enabled from the command line:
```bash
mdatp config real-time-protection-statistics --value enabled
```
This feature requires real-time protection to be enabled. To check the status of real-time protection, run the following command:
```bash
mdatp health --field real_time_protection_enabled
```
Verify that the **real_time_protection_enabled** entry is true. Otherwise, run the following command to enable it:
```bash
mdatp config real-time-protection --value enabled
```
```output
Configuration property updated
```
To collect current statistics, run:
```bash
mdatp config real-time-protection --value enabled
```
> [!NOTE]
> Using **--output json** (note the double dash) ensures that the output format is ready for parsing.
The output of this command will show all processes and their associated scan activity.
1. On your Mac system, download the sample Python parser high_cpu_parser.py using the command:
```bash
wget -c https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/linux/diagnostic/high_cpu_parser.py
```
The output of this command should be similar to the following:
```Output
--2020-11-14 11:27:27-- https://raw.githubusercontent.com/microsoft.
mdatp-xplat/master/linus/diagnostic/high_cpu_parser.py
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.xxx.xxx
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)| 151.101.xxx.xxx| :443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1020 [text/plain]
Saving to: 'high_cpu_parser.py'
100%[===========================================>] 1,020 --.-K/s in
0s
```
1. Next, type the following commands:
```bash
chmod +x high_cpu_parser.py
```
```bash
cat real_time_protection.json | python high_cpu_parser.py > real_time_protection.log
```
The output of the above is a list of the top contributors to performance issues. The first column is the process identifier (PID), the second column is te process name, and the last column is the number of scanned files, sorted by impact.
For example, the output of the command will be something like the below:
```output
... > python ~/repo/mdatp-xplat/linux/diagnostic/high_cpu_parser.py <~Downloads/output.json | head -n 10
27432 None 76703
73467 actool 1249
73914 xcodebuild 1081
73873 bash 1050
27475 None 836
1 launchd 407
73468 ibtool 344
549 telemetryd_v1 325
4764 None 228
125 CrashPlanService 164
```
To improve the performance of Defender for Endpoint for Mac, locate the one with the highest number under the Total files scanned row and add an exclusion for it. For more information, see [Configure and validate exclusions for Defender for Endpoint for Linux](linux-exclusions.md).
> [!NOTE]
> The application stores statistics in memory and only keeps track of file activity since it was started and real-time protection was enabled. Processes that were launched before or during periods when real time protection was off are not counted. Additionally, only events which triggered scans are counted.
1. Configure Microsoft Defender for Endpoint for Mac with exclusions for the processes or disk locations that contribute to the performance issues and re-enable real-time protection.
See [Configure and validate exclusions for Microsoft Defender for Endpoint for Mac](mac-exclusions.md) for details. See [Configure and validate exclusions for Microsoft Defender for Endpoint for Mac](mac-exclusions.md) for details.