From 0419ba351027e963bdf2c5d180e2f55c2e750f58 Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Mon, 27 Jan 2020 16:22:48 -0800 Subject: [PATCH 01/39] Edit pass: AppLocker rules @erhopf @Dansimp The edit is complete on this article per work item 3851148. Please review to ensure my edits didn't change technical accuracy and then sign off. Let me know if you have any questions! Thanks, Kelly --- .../applocker/document-your-applocker-rules.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md index acfdd8e57d..47e8f33091 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md @@ -1,6 +1,6 @@ --- title: Document your AppLocker rules (Windows 10) -description: Learn how to document your Applocker rules with this planning guide. Associate rule conditions with files, permissions, rule source, and implementation. +description: Learn how to document your AppLocker rules and associate rule conditions with files, permissions, rule source, and implementation. ms.assetid: 91a198ce-104a-45ff-b49b-487fb40cd2dd ms.reviewer: ms.author: dansimp @@ -23,7 +23,7 @@ ms.date: 09/21/2017 - Windows 10 - Windows Server -This topic describes what rule conditions to associate with each file, how to associate the rule conditions with each file, the source of the rule, and whether the file should be included or excluded. +This topic describes what AppLocker rule conditions to associate with each file, how to associate these rule conditions, the source of the rule, and whether the file should be included or excluded. ## Record your findings @@ -121,7 +121,7 @@ The following table details sample data for documenting rule type and rule condi ## Next steps -For each rule, determine whether to use the allow or deny option. Then, three tasks remain: +For each rule, determine whether to use the allow or deny option, and then complete the following tasks: - [Determine Group Policy structure and rule enforcement](determine-group-policy-structure-and-rule-enforcement.md) - [Plan for AppLocker policy management](plan-for-applocker-policy-management.md) From bbc69a2a89bf6f5a44282b58133046acfc42a801 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Fri, 7 Feb 2020 16:27:12 -0800 Subject: [PATCH 02/39] update icons --- windows/security/threat-protection/index.md | 11 +++++------ .../microsoft-defender-atp/images/AIR.png | Bin 0 -> 2290 bytes .../microsoft-defender-atp/images/ASR.png | Bin 0 -> 1544 bytes .../microsoft-defender-atp/images/EDR.png | Bin 0 -> 1589 bytes .../microsoft-defender-atp/images/MTE.png | Bin 0 -> 2120 bytes .../microsoft-defender-atp/images/NGP.png | 0 .../images/TVM_icon.png | Bin 1060 -> 1060 bytes 7 files changed, 5 insertions(+), 6 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/AIR.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/ASR.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/EDR.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/MTE.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/NGP.png diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 014429c82a..6e17affb80 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -23,12 +23,11 @@ ms.topic: conceptual - - - - - - + + + + +

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Secure score

Microsoft Threat Experts

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/AIR.png b/windows/security/threat-protection/microsoft-defender-atp/images/AIR.png new file mode 100644 index 0000000000000000000000000000000000000000..985e3e44296b98bf3d0853334e2fdc847a1b9bf0 GIT binary patch literal 2290 zcmXw)3pms58^?dj%dDS6qQ=l@Ayob`?IOylw&V~Z)#T9FG8;2YIlNYA%W?kr&q9br zMHKQX^3EX^tGp`7p?5{S(wxuo|LK4IpX<7x`?@~&_j#`8zMlKJAGVvz2}QUj8~^}C zJkG%#@^+gB+XBrLi@X-dDTLvCA^>39j!lyR@^2v^D9^w#;+4F;Yg$5J3B|G)K-^gtpozj1Bi|1x`8Xeg1&02W^6Ze}XCDf1*VC`91yk2eO; zx@UL?TTfEr1W^FqaC<48VkNH2-%PHak3JA))9tAHJB&Ckp)FUk=CTV24y5i7G*)BU2E zz>MJJ+>^1ih{zw-peS=H=(-^Z9{@^13>VD*JImgEYHpy<~evr=YwXp2QlU99OwM9^;d1Wo0EU zIy&;|mERLf3HeSRnTy`Fb7z>=VcseJWUa{~6DJi1S65e4ggL)Q&IrTpn0QyckCR_i zlt<*DZV-rQe1Ol}FZ3k4;y!^Zvg`vwlZ86v>MHK-ePbSK!S_cTIH(M$$hJzR9rU(W zzq>aAY$d%Ei(Oq@#%5z!C^xk;BUutGB6&SN0jm{dS#X8&$}x~kW}~}2jfjVMreL2b ztJdFSrxT4PZHyQX(|Q-gKCX#GA~SX$jbHe#0UX;1Qg_UfJn87@2*Z9~T*aiiVHEM) zfSUK&2Ckg;lD|)3NJHu@6ad89Ttusqsnn`UTBNyqg&LkaK#Ag;VN^^+C5DBu3Wv^|0J#3oRnY4nn34jhgO>^D46Q=Y4cX8J2N2MV*q0>gtBGCNLHNkn(%K(7!P(3tVUv zis77*(hbQIG#>bUCLo7=cOwE6Vzttno0~lZE|YVATJU=&qvW?F2Gk%jIs;?8J;GoxD~hJiCycdNt)nkq z;2f3sVNFA&rKQ^1+Mw`jLo1*O3g_nLKqV!w!R?*XSy@ma32X1WAm`qU#x$3e5lJN6 z`RME}#_|mDX1gAzM8}Nr+U?eSnNwaRoYGKSUvHtxo;p(9sY)=%rd!3YG0#kk-!m81 zr@z;CR8>_$m&fs~1LqD@9z)&sT?$SRtxtdYAh`H|u->O9-)tRqT5W!H{ffSWmEvhN zZKV?-A@@!$U;G(3?|tzz3JGsjIY?F3j3tXeL;MLLitqBexM1d|22c&_l1+n(i=fx}1FBX(BWqRwgkQ>DFeTI8Yu z3Mm%+poFpz+IMiTz8RRa+#7B&EuP;!a_)MVY(U#9g~5UvFL21Z76r4LEqSA!O6kkL z@Tq07Db>*SQPEO*V;GF}BY|*5+LvH!2!^}g?wM(q*D-D$&)DHuQ;CZ=ek_&)h33w* z_$~P6pFRuo@D|@K(w|ZO*RscIzbnVL0B8->I}7@Mi!z>8sta)%kAzb+I!hv0B$L)(>ylwN+eOv6!7c(Uxx(h^fY`*nZ}3k1RcoYJ?(Pj{RDbv*=|ZU#oIE=-=t&>=5X zQyZG@-3zI9YBUk4Yj~9>`XfZO>Ro<_WE2d~ZJ-X77#bCcz16E078j+Onw*lm=x^Q8 z-Z^Wj$4hI@rjA2>%hQVsV})53K&5oKP7mg8l;h>)^^v+bH8tg{Ef5HHA7T2{{Tyrz z&9#A^6wfTUyD6});%lspEBDeNo`Z@*+O<5Q27uy}9I}DV4QD{3+FTzP9qZvI*~th^ z%jgq}t9!C=P@0aB{pxbuF0|umkx114wo`5DNW$kASx_UEM*113ve|3}SzD;tAH48n zbavS@{X!&94lp${+mUwMsm#4jAqvJK*lD!4z)De3aeaOL%({M>iw`X!@Kq2$lu(5a5SNvgW(!U}-Z?+%8 zVwsa4FncXkWs6fyJHrh*A10#;Vg?_W{`}^omv!6FC{HxW=mvno@tnguLqkL5jE3@3 za4eKV>1!U3*JFV0zPU@#rvXpuW}feP-x=(mWM>=msuVi_<>h90>3-2ro6Q@y%#&rR z?6!eN!9&!=pX7mP%?)j>=Cva@?49t;Fq{PS3E831`ti(#eK(=69l$%fI8@pBvHlBl CBq+TA literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ASR.png b/windows/security/threat-protection/microsoft-defender-atp/images/ASR.png new file mode 100644 index 0000000000000000000000000000000000000000..bf649e87ec76d53d39bfc5e9e7b17b4362600569 GIT binary patch literal 1544 zcmY+E2{7AP9LN98#GTb+|Egm|Evh!6m)1Ip#F@G)jv^6JR}+m;T}+(OII8PxQ)DSC zvY|y=rHh0*YC~34Y^b)XdMssHC97My|8!?}X5Y;3{boMj?|W~4@4fl4e7sz>)c2?Z z0HEdWhVg^4lRV&x(426zst-zPiEhD30HCo$9tr@v8iXK>?tT&rd!Yyib}MQwoIddd zVT0(7$@Ca14QOr^xj{&i4j~LViA0M{q{mVzzz#L!K8UN!xidBK0xkAT3?1O>h-@IL z{e{xVM7hf%VThOaI!Osb|lUDRf{%R4K1iRc;H2r6-U9?#e?` z08pNE$2bPWWW8mJJrB8p!qzcy{D z&&R{E=lj=f;k=9W`P_+sPYQJx4NpyEOMVNAJ*+>rGX4SGy?WFt-jA`|TWV>X5X~go zuZa$c%dTRJtWrPc)ffmCxViHt73jwey3A`IoY2ZmFaSV1IB?vI%^Hh~i)(6Xy0lVK zQrK)Zdi=XLtv6k44IFH2Y;0|D#=2d%Ct~O{8jVO4{shAZIhPu{mzp(pt@X6EeZ|6< zo0~_rfkSsYJF5_-vpEO&S%~L4<$m!OEOu+;542m5iu6cTRaKh@PvC=cNQSw5aCUZ9 zLqo%$1V-ZX;tUa>o?h4F&SxR<%PTA6V`Hp(H@NSq+r7O{mc$TqrEm7*9-2UR>K88XoQmry_ff zvmB{bxTnv~IZxi=@pzror@Kc0?MNThXaw3y#Hlw!Sz78dv%Wp3Ij|~&DP}!>Qr)3? zqLO;WD7U(%W^myhpU}kP4KJM2QzgBuk1TrAJwA}likc%{s3U@#kLMm>$&sl&;T*B4 zyY9VRK$M+QX6w>sN_ajRflhs;Z)ayWH#aBnwBT46do)}8dVb^83$OK%-Uq68VGa$} z!~8n`jYTn|vhd0i+|f?)TWfM@CS&i`U61`{k8JX?%yJ^`Y-gpL-cVJ_OP6itKa0~u zT|@5S<4peS({C$2{R7wG^f#K;&HwvH1)eVSQ2~MQqAzC%P&tDr;XX(IqKoo}kATli zb}i}%C^Xxe-oLzM)lS&3RZdg!fntSj6@rKzrX%Zfjj;Z;u3 z&q=re@ZW1QG6K9ZXO5&ANr@m+p>lyTa=d?}!bM?kqE={;R4Oei+u>g7a|sZnOAfbm zbab?}z3UoE&tFDEcPti*H?y#mmS8R~E-7iPtf-YBCBE*ieGtXhV0k-qmITLu%(1b7 zwGr)opr%A3dGBe6qGa{-*o956u9v-fWCwQTEiElgPfuU+W>i8o1_lQ9&!dsKX?N1X z_a88#V6IP0O`XE}BAl+`hE`>q+S)jF^x5nFs(V!43YW$Rct!K{O7+2@(9lARQ8lu{ zBN-ZWIu3`6I`VVC$Tgh?SJv}_{L9(X9*!V%lBcJqiE~<7+WGU=eR`uI_y|Ve=2TPf za6x9fPmHUKlt7`NP^i&%k>1SA%*T%(flNR4ypocz)ku$zKd@JO?YoTt^C?Jw z`cxc0mbjuSZRw3VsK>&M9BUd7T3K! literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR.png b/windows/security/threat-protection/microsoft-defender-atp/images/EDR.png new file mode 100644 index 0000000000000000000000000000000000000000..8c750dee42d30ddfec3de18c93b744645f462904 GIT binary patch literal 1589 zcmXxkdpy%?90%}cuG`8bQ=H|Vh|pGXTDc|HqOvA;C02g54Kq1(I=Pigi6+IGmxEE$ zP`Q`u- zRTue!E68?|-BqrvAYwcN;{aHJk}nuwFm+|9O7rq@Qyo`;1D(xVj6(u$5;Hi9Eyt|h0CH;(9~L=D`U8v{llpgh;j_H zt`%j-O!dF>@ze++SdgZP|Bvm8CXRGVpTUNr+03 zFb;VK`{{LX-@kK`koh8BYI*pD-wf7VKxomSS8j<|t$Z6a-P*D1ktQk!i{)R)%G!7S z1yrVi9!s;25-GM3j9!y6`F4hl*;Wd4=hiu(kcOWmmo5o#j+YBk$tj|c4Xl#uR0@v! z=^l46q1)kldfdey8bUEFvy|oQeR*qk7Tq1|+q1z;J@Xv1p#XbwcJQD1`T2)eEYmf4 zg%G32I=f8U&b9kq#~4H+*(ZLC?9L2SeLFC4YH234X}||=VRQ>({Ke(6*%m^r9QR$N zn#m8h*IS*(zwPOv^G)~ImA#mJ{yb0czWg$!nLS``kei#6Qz7*>)w+Onxii#YujxYY z^V230i4|P#8CCTBA55$ne{+QQ%lfIQDShR=j~mISl9ILyT`a1rtA&sgu;Md{ieN^3 zs>!7%3yoIj^gP0p&r1%QjZjihPS-hGBPNr{Y&|@q&WP;GUi=O{y2FvQNSt*-Qr<}u zdhg(RlsiQ>1&*=r*4t&*p^Mig4PW!Rp=1P{f$;0+mNQNerrQbrECuwm6HEgo7J~Z% zz10T%wpsUJY0nS}5v2u(83R~*uL$X98L85hdjO5dKTV4;IPNapxL6neATIYRZdJEM z&ZaYmn2ey%{$ah%%hMIejEA@~tYMSmG8x9GAJlFNMr)L?`;CAF){QY$O3Z&eF?o#Kp`|A zsMYbGb~5wtJ8m=P`T8njV~ySH%?}!_1I2ZhGGRrnq5z_Q7;c8Cs24Qy6W8!HVjHqn zDZg#>Q0N?Y;nga0g^F0$G3q4DTRj;J9kQPf`eAHd7HJYT_BG&pe<{)Pk@d^P{+nTr z5|qKH6y7)7`mGelx#Mw>?Zk~8CFOXKr1vyA^N)+4{FtM2`v!zbqfayZPUvW|+i=@D zD&le!H-*=(iKnNP_NS`@f?rO@m_#B$p-|Uss!v#L+N7Gc zvmJwUTox)5{2ItRbXTftXdG*-g-r9G9>(0QuV+==Z(d^w0t$-Zx%`1f_+E-F%O!ekR> lH~O)wS9#$ENE;=E6|e3e{8?~4Q8pccm)l;~8kfVV{{kkr({KO) literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/MTE.png b/windows/security/threat-protection/microsoft-defender-atp/images/MTE.png new file mode 100644 index 0000000000000000000000000000000000000000..1d5693a399b2a145e5c2d0bc3818dbd3c6dbaa41 GIT binary patch literal 2120 zcmV-O2)Fl%P)p2ml%(0x@Df00007bVXQnL3MO!Z*l;suFOaP000bh zMObu1WpiV4X>fFDZ*Bk+2_Yi@000VfMObu0Z*X~XX=iA30IUzpIsgCw4s=CWbVG7w zVRUJ4ZXk4NZDjy8_YVmG000SeMObuGZ)S9NVRB^vU2y+80000BbVXQnL}_zlY+-3_ zWpV(wz_gD5000PdMObuKVRCM1Zf5|%8|H@q000McMObuGZ*_8GWdQa6gX;hQ00?wN zSad^gZEa<4bO83umcIZ100wkLSaeirbZlh+sP57y000LQNkl?x|6_+fY5B%JzvyEDI; z&+g1`X1=oo5#j$|!ftnZR8wdettfcN)-wPpU+1r-L?!O>bj1IM~@yoapHs^Jguqd z5Myp`?$V`8oO6%I)3h)mRw|W5B60fk>3YB}<>d7&EiEOJNknXg0RRXgfk0qpX6DM3 zD-N1#MYb^v!$_r4rfJ&EMT(-_x^*j)$=GeN71_qPdGqGd(vsKfwOf%8;`Mr`rlwR? zwOhBT>|yA-e*5-q2Mm@(Q7jgVckbMAR=t7jVdQeTVzDTS&Q}{rlCs&X{N)oLz-JRy61 zYS+QN?FN8746oPAId|KnAjq=pGRTuLZIup(!!9wb{Yz(Or<)*KWe=mTug_(BjInSy zyvrD|SgfO?gE8i~J;N~K@wm00Z=>vC_Pv2#>Sq;w0>N!Ff2WK^yuEbd-L=2>+9>5 zfj}ws`~8tfWN>gW9*^&UXVnIbO=+5@swyH%k|fLW)AK>Ls+}0SsP>qj>+9>KQmI@n zYnsM6mn2D1l#Y&$P$;xBE~qPv<>h6|_AC~Qnx;Lzk_dtziefMrj7FpJc>KVD1C4pg z8W#xoJr2jA!$FnH<9XUT=dH0})kKwR{~#QM$Xk zj~zR}T%a<>&tgJL% z@+<~H5Qc|`qtR$@Pfxfj4Dea`4UK>N@3mh{u4eN!kSWkDajMMgr{5n7{ov)$aMagk zjJdhFWHQMZYsK?qjLEWm?%cUe+PM`yov;1b|&Er}+K*_b*<&NC;`sx3#3Isw~SFK3)Ce_2RvfVN@6(f=2+QnITOH zC?e;0?QZ#6W&>n;Fe1IUU;foMqmk|Ewv-uGS67qCBmmeo+N>|}$=!11zg2@F_$eqN zNG+!$fq;)fKm-A17q!3qYpqz@ep}ra|HpVB%( znqy2)Pv>$upRc89jKjM6~ipyLLMW$m_&vf|1E&*4EY>ToDmMOw%+B z698n1v;~C{Qg2!{!eETe%*@zIO`9Tw7=}@)Q~+Rqr_=@v4k4e=?ce@|Ho{n5UM>_0 z&aMG049jvJdA=QoK9k40Jpu3b9d3k?&*x3kbaQ%MTwDZzS7UxLK%w5aZc!$_G3c-N zuo1??hY#HxeMC`w@ZbR=#=_Do1Afq4xTYLIrtf^Iqu%qny+lN3lY3Lvjg0j{e)v+z z)z{GY>v3hM{${c6xHnDHI$OK(o@=#QI-Ndq=FGQ_1PA-&xdjdC4DKdE_~~n14W8G< zK*U%q=JH;~vKMq+_jo+#$9vxXUCs$cm3<`o!ut@)E!-j zuwj1pwXToeZS`_%*X*_{vz7P$G`~_ZpF9bg2paofyywC}ZYkq_UB{^XTLtHf6AviZpoKm5n)g~^r0WgSHFMj~+jRPRgsZC^L<2@khW yVZWJLJ=p7ccf{ch?ViAJug}Tv#LqDHlKux>r6IrAf$NI^00001^`jg2pIqX From a1433fe3e57745af86702128cd18c8b116d50606 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:30:14 -0800 Subject: [PATCH 03/39] test --- devices/hololens/hololens-commercial-infrastructure.md | 1 + 1 file changed, 1 insertion(+) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index ad23e185ee..f44740003c 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -17,6 +17,7 @@ appliesto: --- # Configure Your Network +test This portion of the document will require the following people: 1. Network Admin with permissions to make changes to the proxy/firewall From 83b20f9ef31c3d7d29b97d599e28fc66e1b4df90 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:31:57 -0800 Subject: [PATCH 04/39] condensed --- .../hololens-commercial-infrastructure.md | 164 +++++++++++++----- 1 file changed, 118 insertions(+), 46 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index f44740003c..d37b307909 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -16,99 +16,171 @@ appliesto: - HoloLens 2 --- -# Configure Your Network -test +# Configure Your Network for HoloLens This portion of the document will require the following people: -1. Network Admin with permissions to make changes to the proxy/firewall -2. Azure Active Directory Admin -3. Mobile Device Manager Admin -4. Teams admin for Remote Assist only + +1. Network Admin with permissions to make changes to the proxy/firewall +2. Azure Active Directory Admin +3. Mobile Device Manager Admin ## Infrastructure Requirements +HoloLens is, at its core, a Windows mobile device integrated with Azure. It works best in commercial environments with wireless network availability (wi-fi) and access to Microsoft services. + +Critical cloud services include: + +- Azure active directory (AAD) +- Windows Update (WU) + +Commercial customers will need enterprise mobility management (EMM) or mobile device management (MDM) infrastructure to manage HoloLens devices at scale. This guide uses [Microsoft Intune](https://www.microsoft.com/enterprise-mobility-security/microsoft-intune) as an example, though any provider with full support for Microsoft Policy can support HoloLens. Ask your mobile device management provider if they support HoloLens 2. + +HoloLens does support a limited set of cloud disconnected experiences. + +### Wireless network EAP support + +- PEAP-MS-CHAPv2 +- PEAP-TLS +- TLS +- TTLS-CHAP +- TTLS-CHAPv2 +- TTLS-MS-CHAPv2 +- TTLS-PAP +- TTLS-TLS + ### HoloLens Specific Network Requirements + Make sure that these ports and URLs are allowed on your network firewall. This will enable HoloLens to function properly. The latest list can be found [here](hololens-offline.md). ### Remote Assist Specific Network Requirements -1. The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/MicrosoftTeams/prepare-network). +1. The recommended bandwidth for optimal performance of Remote Assist is 1.5Mbps. Detailed network requirements and additional information can be found [here](https://docs.microsoft.com/MicrosoftTeams/prepare-network). **Please note, if you don’t network have network speeds of at least 1.5Mbps, Remote Assist will still work. However, quality may suffer.** 1. Make sure that these ports and URLs are allowed on your network firewall. This will enable Microsoft Teams to function. The latest list can be found [here](https://docs.microsoft.com/office365/enterprise/urls-and-ip-address-ranges#skype-for-business-online-and-microsoft-teams). ### Guides Specific Network Requirements + Guides only require network access to download and use the app. ## Azure Active Directory Guidance -This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. -### 1. Ensure that you have an Azure AD License. +>[!NOTE] +>This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. + +1. Ensure that you have an Azure AD License. Please [HoloLens Licenses Requirements](hololens-licenses-requirements.md)for additional information. -### 2. Ensure that your company’s users are in Azure Active Directory (Azure AD). +1. If you plan on using Auto Enrollment, you will have to [Configure Azure AD enrollment.](https://docs.microsoft.com/intune/deploy-use/.set-up-windows-device-management-with-microsoft-intune#azure-active-directory-enrollment) + +1. Ensure that your company’s users are in Azure Active Directory (Azure AD). Instructions for adding users can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/add-users-azure-active-directory). -### 3. We suggest that users who will be need similar licenses are added to a group. -1. [Create a Group](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) +1. We suggest that users who will be need similar licenses are added to a group. + 1. [Create a Group](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) + 1. [Add users to groups](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal) -2. [Add users to groups](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-members-azure-portal) - -### 4. Ensure that your company’s users (or group of users) are assigned the necessary licenses. +1. Ensure that your company’s users (or group of users) are assigned the necessary licenses. Directions for assigning licenses can be found [here](https://docs.microsoft.com/azure/active-directory/fundamentals/license-users-groups). -### 5. **IMPORTANT:** Only do this step if users are expected to enroll their HoloLens/Mobile device onto the network. +1. Only do this step if users are expected to enroll their HoloLens/Mobile device into you (There are three options) These steps ensure that your company’s users (or a group of users) can add devices. -1. Option 1: Give all users permission to join devices to Azure AD. + 1. **Option 1:** Give all users permission to join devices to Azure AD. **Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** > **Set Users may join devices to Azure AD to *All*** -1. Option 2: Give selected users/groups permission to join devices to Azure AD + 1. **Option 2:** Give selected users/groups permission to join devices to Azure AD **Sign in to the Azure portal as an administrator** > **Azure Active Directory** > **Devices** > **Device Settings** > **Set Users may join devices to Azure AD to *Selected*** ![Image that shows Configuration of Azure AD Joined Devices](images/azure-ad-image.png) -1. Option 3: You can block all users from joining their devices to the domain. This means that all devices will need to be manually enrolled by your IT department. + 1. **Option 3:** You can block all users from joining their devices to the domain. This means that all devices will need to be manually enrolled. -## Mobile Device Manager Admin Steps +## Mobile Device Manager Guidance -### Scenario 1: Kiosk Mode -As a note, auto-launching an app does not currently work for HoloLens. +### Ongoing device management -How to Set Up Kiosk Mode Using Microsoft Intune. -#### 1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/intune/apps/windows-store-for-business)) +>[!NOTE] +>This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. +Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely. -#### 2. Check your app settings +1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices)). -1. Log into your Microsoft Store Business account -1. **Manage** > **Products and Services** > **Apps and Software** > **Select the app you want to sync** > **Private Store Availability** > **Select “Everyone” or “Specific Groups”** -1. If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again. +1. [Compliance policies](https://docs.microsoft.com/intune/device-compliance-get-started) are rules and settings that devices must meet to be compliant in your corporate infrastructure. Use these policies with Conditional Access to block access to company resources for devices that are non-compliant. For example, you can create a policy that requires Bitlocker be enabled. -#### 3. Configuring Kiosk Mode using MDM +1. [Create Compliance Policy](https://docs.microsoft.com/intune/protect/compliance-policy-create-windows). -Information on configuring Kiosk Mode in Intune can be found [here](https://docs.microsoft.com/hololens/hololens-kiosk#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) +1. Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices). + +1. [This article](https://docs.microsoft.com/intune/fundamentals/windows-holographic-for-business) talks about Intune's management tools for HoloLens. + +1. [Create a device profile](https://docs.microsoft.com/intune/configuration/device-profile-create) + +### Manage updates + +Intune includes a feature called Update rings for Windows 10 devices, including HoloLens 2 and HoloLens v1 (with Holographic for Business). Update rings include a group of settings that determine how and when updates are installed. + +For example, you can create a maintenance window to install updates, or choose to restart after updates are installed. You can also choose to pause updates indefinitely until you're ready to update. + +Read more about [configuring update rings with Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure). + +### Application management + +Manage HoloLens applications through: + +1. Microsoft Store + The Microsoft Store is the best way to distribute and consume applications on HoloLens. There is a great set of core HoloLens applications already available in the store or you can [publish your own](https://docs.microsoft.com/windows/uwp/publish/). + All applications in the store are available publicly to everyone, but if it isn't acceptable, checkout the Microsoft Store for Business. + +1. [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/) + Microsoft Store for Business and Education is a custom store for your corporate environment. It lets you use the Microsoft Store built into Windows 10 and HoloLens to find, acquire, distribute, and manage apps for your organization. It also lets you deploy apps that are specific to your commercial environment but not to the world. + +1. Application deployment and management via Intune or another mobile device management solution + Most mobile device management solutions, including Intune, provide a way to deploy line of business applications directly to a set of enrolled devices. See this article for [Intune app install](https://docs.microsoft.com/intune/apps-deploy). + +1. _not recommended_ Device Portal + Applications can also be installed on HoloLens directly using the Windows Device Portal. This isn't recommended since Developer Mode has to be enabled to use the device portal. + +Read more about [installing apps on HoloLens](https://docs.microsoft.com/hololens/hololens-install-apps). + +### Certificates + +You can distribute certifcates through your MDM provider. If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you. + +Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/certificates-profile-scep). + +### How to Upgrade to Holographics for Business Commercial Suite + +>[!NOTE] +>Windows Holographics for Business (commercial suite) is only intended for HoloLens 1st gen devices. The profile will not be applied to HoloLens 2 devices. + +Directions for upgrading to the commercial suite can be found [here](https://docs.microsoft.com/intune/configuration/holographic-upgrade). + +### How to Configure Kiosk Mode Using Microsoft Intune + +1. Sync Microsoft Store to Intune ([Here](https://docs.microsoft.com/intune/apps/windows-store-for-business)). + +1. Check your app settings + 1. Log into your Microsoft Store Business account + 1. **Manage** > **Products and Services** > **Apps and Software** > **Select the app you want to sync** > **Private Store Availability** > **Select “Everyone” or “Specific Groups”* + 1. If you do not see your apps in **Intune** > **Client Apps** > **Apps** , you may have to [sync your apps](https://docs.microsoft.com/intune/apps/windows-store-for-business#synchronize-apps) again. + +1. [Create a device profile for Kiosk mode](https://docs.microsoft.com/intune/configuration/kiosk-settings#create-the-profile) >[!NOTE] >You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps. ![Image that shows Configuration of Kiosk Mode in Intune](images/aad-kioskmode.png) -If you are configuring Kiosk Mode on an MDM other than Intune, please check your MDM provider's documentation. - -## Additional Intune Quick Links - -1. [Create Profiles:](https://docs.microsoft.com/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization. - -1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices). - -1. [Create Compliance Policy](https://docs.microsoft.com/intune/protect/create-compliance-policy) - -1. Conditional Access allows/denies mobile devices and mobile applications from accessing company resources. Two documents you may find helpful are [Plan your CA Deployment](https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access) and [Best Practices](https://docs.microsoft.com/azure/active-directory/conditional-access/best-practices). +For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, additional directions can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) ## Certificates and Authentication -### MDM Certificate Distribution -If your company requires certificates, Intune supports PKCS, PFX, and SCEP. It is important to understand which certificate is right for your company. Please visit [here](https://docs.microsoft.com/intune/protect/certificates-configure) to determine which cert is best for you. If you plan to use certs for HoloLens Authentication, PFX or SCEP may be right for you. -Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/certificates-profile-scep). +Certificates can be deployed via you MDM (see "certificates" in the [MDM Section](hololens-commercial-infrastructure.md#mobile-device-manager-guidance##)). Certificates can also be deployed to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. -### Device Certificates -Certificates can also be added to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. +### Additional Intune Quick Links + +1. [Create Profiles:](https://docs.microsoft.com/intune/configuration/device-profile-create) Profiles allow you to add and configure settings that will be pushed to the devices in your organization. + +## Next (Optional) Step: [Configure HoloLens using a provisioning package](hololens-provisioning.md) + +## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file From 8e2947a31e76310bbd6a9644015dda2f5f2008c1 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:35:00 -0800 Subject: [PATCH 05/39] Added new links and reorganized content --- devices/hololens/hololens-provisioning.md | 62 ++++++++++------------- 1 file changed, 27 insertions(+), 35 deletions(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index b22a4ef671..5f3e8b7bd2 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -14,46 +14,47 @@ manager: dansimp # Configure HoloLens using a provisioning package +[Windows provisioning](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) makes it easy for IT administrators to configure end-user devices without imaging. Windows Configuration Designer is a tool for configuring images and runtime settings which are then built into provisioning packages. +Some of the HoloLens configurations that you can apply in a provisioning package: -[Windows provisioning](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) makes it easy for IT administrators to configure end-user devices without imaging. Windows Configuration Designer is a tool for configuring images and runtime settings which are then built into provisioning packages. - -Some of the HoloLens configurations that you can apply in a provisioning package: -- Upgrade to Windows Holographic for Business +- Upgrade to Windows Holographic for Business [here](hololens1-upgrade-enterprise.md) - Set up a local account - Set up a Wi-Fi connection - Apply certificates to the device - -To create provisioning packages, you must install Windows Configuration Designer [from Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22) or [from the Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). If you install Windows Configurations Designer from the Windows ADK, select **Configuration Designer** from the **Select the features you want to install** dialog box. - - - - -## Create a provisioning package for HoloLens using the HoloLens wizard +- Enable Developer Mode +- Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). The HoloLens wizard helps you configure the following settings in a provisioning package: - Upgrade to the enterprise edition >[!NOTE] - >Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). + > This should only be used for HoloLens 1st Gen devices. Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). - Configure the HoloLens first experience (OOBE) -- Configure Wi-Fi network +- Configure Wi-Fi network - Enroll device in Azure Active Directory or create a local account - Add certificates - Enable Developer Mode +- Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). >[!WARNING] >You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. -Provisioning packages can include management instructions and policies, customization of network connections and policies, and more. +Provisioning packages can include management instructions and policies, customization of network connections and policies, and more. > [!TIP] > Use the desktop wizard to create a package with the common settings, then switch to the advanced editor to add other settings, apps, policies, etc. +## Steps for Creating Provisioning Packages -### Create the provisioning package +### 1. Install Windows Configuration Designer on your PC. (There are two ways to do this). + +1. **Option 1:** [From Microsoft Store](https://www.microsoft.com/store/apps/9nblggh4tx22) +2. **Option 2:** [From the Windows Assessment and Deployment Kit (ADK) for Windows 10](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). If you install Windows Configurations Designer from the Windows ADK, select **Configuration Designer** from the **Select the features you want to install** dialog box. + +### 2. Create the Provisioning Package Use the Windows Configuration Designer tool to create a provisioning package. @@ -61,9 +62,9 @@ Use the Windows Configuration Designer tool to create a provisioning package. 2. Click **Provision HoloLens devices**. - ![ICD start options](images/icd-create-options-1703.png) + ![ICD start options](images/icd-create-options-1703.png) -3. Name your project and click **Finish**. +3. Name your project and click **Finish**. 4. Read the instructions on the **Getting started** page and select **Next**. The pages for desktop provisioning will walk you through the following steps. @@ -72,7 +73,6 @@ Use the Windows Configuration Designer tool to create a provisioning package. ### Configure settings - @@ -84,10 +84,7 @@ Use the Windows Configuration Designer tool to create a provisioning package. After you're done, click **Create**. It only takes a few seconds. When the package is built, the location where the package is stored is displayed as a hyperlink at the bottom of the page. - **Next step**: [How to apply a provisioning package](#apply) - - -## Create a provisioning package for HoloLens using advanced provisioning +### 3. Create a provisioning package for HoloLens using advanced provisioning >[!NOTE] >Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). @@ -106,7 +103,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa >[!IMPORTANT] >(For Windows 10, version 1607 only) If you create a local account in the provisioning package, you must change the password using the **Settings** app every 42 days. If the password is not changed during that period, the account might be locked out and unable to sign in. If the user account is locked out, you must [perform a full device recovery](https://developer.microsoft.com/windows/mixed-reality/reset_or_recover_your_hololens#perform_a_full_device_recovery). -8. On the **File** menu, click **Save**. +8. On the **File** menu, click **Save**. 4. Read the warning that project files may contain sensitive information, and click **OK**. @@ -135,7 +132,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 9. Click **Build** to start building the package. The project information is displayed in the build page and the progress bar indicates the build status. -10. When the build completes, click **Finish**. +10. When the build completes, click **Finish**. ## Apply a provisioning package to HoloLens during setup @@ -157,17 +154,17 @@ After you're done, click **Create**. It only takes a few seconds. When the packa >[!NOTE] >If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package. -## Apply a provisioning package to HoloLens after setup +### 4. Apply a provisioning package to HoloLens after setup >[!NOTE] >Windows 10, version 1809 only On your PC: -1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md). -2. Connect the HoloLens device via USB to a PC. HoloLens will show up as a device in File Explorer on the PC. -3. Drag and drop the provisioning package to the Documents folder on the HoloLens. +1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md). +2. Connect the HoloLens device via USB to a PC. HoloLens will show up as a device in File Explorer on the PC. +3. Drag and drop the provisioning package to the Documents folder on the HoloLens. -On your HoloLens: +On your HoloLens: 1. Go to **Settings > Accounts > Access work or school**. 2. In **Related Settings**, select **Add or remove a provisioning package**. 3. On the next page, select **Add a package** to launch the file picker and select your provisioning package. If the folder is empty, make sure you select **This Device** and select **Documents**. @@ -192,9 +189,4 @@ In Windows Configuration Designer, when you create a provisioning package for Wi >[!NOTE] >App installation (**UniversalAppInstall**) using a provisioning package is not currently supported for HoloLens. - - - - - - +## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file From c9ad82809aa25d40809fe7810094d960f82eccb7 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:38:05 -0800 Subject: [PATCH 06/39] Added kiosk mode and a step approach to the doc. Added in considerations for planning deployment --- devices/hololens/hololens-requirements.md | 136 ++++++++-------------- 1 file changed, 47 insertions(+), 89 deletions(-) diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index eb068d6e65..fd898f7443 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -13,62 +13,67 @@ ms.date: 07/15/2019 # Deploy HoloLens in a commercial environment -You can deploy and configure HoloLens at scale in a commercial setting. +You can deploy and configure HoloLens at scale in a commercial setting. This article provides instructions for deploying HoloLens devices in a commercial environment. This guide assumes basic familiarity with HoloLens. Follow the [get started guide](hololens1-setup.md) to set up HoloLens for the first time. -This article includes: +## Overview of Deployment Steps -- Infrastructure requirements and recommendations for HoloLens management -- Tools for provisioning HoloLens -- Instructions for remote device management -- Options for application deployment +1. [Determine what features you need](hololens-requirements.md#step-1-determine-what-you-need) +1. [Determine what licenses you need](hololens-licenses-requirements.md) +1. [Configure your network for HoloLens](hololens-commercial-infrastructure.md). + 1. This section includes bandwidth requirements, URL and Ports that need to be whitelisted on your firewall, Azure AD guidance, Mobile Device Management Guidance, app deployment/management guidance, and certificate guidance. +1. (Optional) [Configure HoloLens using a provisioning package](hololens-provisioning.md) +1. [Enroll Device](hololens-enroll-mdm.md) +1. [Set up ring based updates for HoloLens](hololens-updates.md) +1. [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md) -This guide assumes basic familiarity with HoloLens. Follow the [get started guide](hololens1-setup.md) to set up HoloLens for the first time. +## Step 1. Determine what you need -## Infrastructure for managing HoloLens +Before deploying the HoloLens in your environment, it is important to first determine what features, apps, and type of identities are needed. -HoloLens is, at its core, a Windows mobile device integrated with Azure. It works best in commercial environments with wireless network availability (wi-fi) and access to Microsoft services. +### Type of Features -Critical cloud services include: +Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features). -- Azure active directory (AAD) -- Windows Update (WU) +**What is Kiosk Mode?** -Commercial customers will need enterprise mobility management (EMM) or mobile device management (MDM) infrastructure to manage HoloLens devices at scale. This guide uses [Microsoft Intune](https://www.microsoft.com/enterprise-mobility-security/microsoft-intune) as an example, though any provider with full support for Microsoft Policy can support HoloLens. Ask your mobile device management provider if they support HoloLens 2. +Kiosk mode is a way to restrict the apps that a user has access to. This means that users will only be allowed to access certain apps. -HoloLens does support a limited set of cloud disconnected experiences. +**What Kiosk Mode do I require?** -## Initial set up at scale +There are two types of Kiosk Modes: Single app and multi-app. Single app kiosk mode allows user to only access one app while multi-app kiosk mode allows users to access multiple specified apps. To determine which kiosk mode is right for your corporation, the following two questions need to be answered: -The HoloLens out of box experience is great for setting up one or two devices or for experiencing HoloLens for the first time. If you're provisioning many HoloLens devices, however, selecting your language and settings manually for each device gets tedious and limits scale. +1. **Do different users who are require different experiences/restrictions?** Example, User A is a field service engineer who only needs access to Remote Assist. User B is a trainee who only needs access to guides… etc. + 1. If yes, you will require the following: + 1. Azure AD Accounts as the method of signing into the devices. + 1. Multi-app kiosk mode. + 1. If no, continue to question two +1. **Do you require a multi-app experience?** + 1. If yes, Multi-app kiosk is mode is needed + 1. If your answer to question 1 and 2 are both no, Single-app kiosk mode can be used -This section: +**How to set up Kiosk Mode** -- Introduces Windows provisioning using provisioning packages -- Walks through applying a provisioning package during first setup +There are two main ways ([provisioning packages](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) and [MDM](hololens-kiosk.md#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803)) to deploy kiosk mode for HoloLens. These options will be discussed later in the document; however, you can use the links above to jump to the respective sections in this doc. -### Create and apply a provisioning package +### Apps -The best way to configure many new HoloLens device is with Windows provisioning. You can use it to specify desired configuration and settings required to enroll the devices into management and then apply that configuration to target devices in minutes. +This deployment guide will cover the following types of apps: -A [provisioning package](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-packages) (.ppkg) is a collection of configuration settings. With Windows 10, you can create provisioning packages that let you quickly and efficiently configure a device. +1. Remote Assist +2. Guides +3. Customer Apps -### Upgrade to Windows Holographic for Business +Each step in this document will include instructions for each specific app. -- HoloLens Enterprise license XML file +### Type of identity -Some of the HoloLens configurations you can apply in a provisioning package: +Determine the type of identity that will be used to sign into the device. -- Apply certificates to the device -- Set up a Wi-Fi connection -- Pre-configure out of box questions like language and locale -- (HoloLens 2) bulk enroll in mobile device management -- (HoloLens v1) Apply key to enable Windows Holographic for Business +1. **Local Accounts:** This account is local to the device (like a local admin account on a windows PC). This will allow only 1 user to log into the device. +2. **MSA:** This will be a personal account (like outlook, hotmail, gmail, yahoo, etc.) This will allow only 1 user to log into the device. +3. **Azure Active Directory (Azure AD) accounts:** This is an account created in Azure AD. This grants your corporation the ability to manage the HoloLens device. This will allow multiple users to log into the HoloLens 1st Gen Commercial Suite/the HoloLens 2 device. -Follow [this guide](https://docs.microsoft.com/hololens/hololens-provisioning) to create and apply a provisioning package to HoloLens. - -### Set up user identity and enroll in device management - -The last step in setting up HoloLens for management at scale is to enroll devices with mobile device management infrastructure. There are several ways to enroll: +### Determine your enrollment method 1. Bulk enrollment with a security token in a provisioning package. Pros: this is the most automated approach @@ -80,66 +85,19 @@ The last step in setting up HoloLens for management at scale is to enroll device Pros: possible to enroll after set up Cons: most manual approach and devices aren't centrally manageable until they're manually enrolled. -Learn more about MDM enrollment [here](hololens-enroll-mdm.md). + More information can be found [here](hololens-enroll-mdm.md) -## Ongoing device management +### Determine if you need a provisioning package -Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely. +There are two methods to configure a HoloLens device (Provisioning packages and MDMs). We suggest using your MDM to configure you HoloLens device, however, there are some scenarios where using a provisioning package is the better choice: -This article outlines [policies and capabilities HoloLens supports](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#hololens). +1. You want to skip the Out of Box Experience (OOBE) +1. You are having trouble deploying certificate in a complex network. The majority of the time you can deploy certificates using MDM (even in complex environments). However, some scenarios require certificates to be deployed through the provisioning package. -[This article](https://docs.microsoft.com/intune/windows-holographic-for-business) talks about Intune's management tools for HoloLens. - -### Push compliance policy via Intune - -[Compliance policies](https://docs.microsoft.com/intune/device-compliance-get-started) are rules and settings that devices must meet to be compliant in your corporate infrastructure. Use these policies with Conditional Access to block access to company resources for devices that are non-compliant. - -For example, you can create a policy that requires Bitlocker be enabled. - -[Create compliance policies with Intune](https://docs.microsoft.com/intune/compliance-policy-create-windows). - -### Manage updates - -Intune includes a feature called Update rings for Windows 10 devices, including HoloLens 2 and HoloLens v1 (with Holographic for Business). Update rings include a group of settings that determine how and when updates are installed. - -For example, you can create a maintenance window to install updates, or choose to restart after updates are installed. You can also choose to pause updates indefinitely until you're ready to update. - -Read more about [configuring update rings with Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure). - -## Application management - -Manage HoloLens applications through: - -1. Microsoft Store - The Microsoft Store is the best way to distribute and consume applications on HoloLens. There is a great set of core HoloLens applications already available in the store or you can [publish your own](https://docs.microsoft.com/windows/uwp/publish/). - All applications in the store are available publicly to everyone, but if it isn't acceptable, checkout the Microsoft Store for Business. - -1. [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/) - Microsoft Store for Business and Education is a custom store for your corporate environment. It lets you use the Microsoft Store built into Windows 10 and HoloLens to find, acquire, distribute, and manage apps for your organization. It also lets you deploy apps that are specific to your commercial environment but not to the world. - -1. Application deployment and management via Intune or another mobile device management solution - Most mobile device management solutions, including Intune, provide a way to deploy line of business applications directly to a set of enrolled devices. See this article for [Intune app install](https://docs.microsoft.com/intune/apps-deploy). - -1. _not recommended_ Device Portal - Applications can also be installed on HoloLens directly using the Windows Device Portal. This isn't recommended since Developer Mode has to be enabled to use the device portal. - -Read more about [installing apps on HoloLens](https://docs.microsoft.com/hololens/hololens-install-apps). +## Next Step: [Determine what licenses you need](hololens-licenses-requirements.md) ## Get support Get support through the Microsoft support site. -[File a support request](https://support.microsoft.com/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f). - -## Technical Reference - -### Wireless network EAP support - -- PEAP-MS-CHAPv2 -- PEAP-TLS -- TLS -- TTLS-CHAP -- TTLS-CHAPv2 -- TTLS-MS-CHAPv2 -- TTLS-PAP -- TTLS-TLS +[File a support request](https://support.microsoft.com/supportforbusiness/productselection?sapid=e9391227-fa6d-927b-0fff-f96288631b8f). \ No newline at end of file From 8e7c7e383ccc66e3d619c903a36e76a0ad703cc6 Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:40:45 -0800 Subject: [PATCH 07/39] Added additional license reqs --- .../hololens-licenses-requirements.md | 51 +++++++++++++------ 1 file changed, 36 insertions(+), 15 deletions(-) diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md index 6d33228879..2235cd5d38 100644 --- a/devices/hololens/hololens-licenses-requirements.md +++ b/devices/hololens/hololens-licenses-requirements.md @@ -16,35 +16,56 @@ appliesto: - HoloLens 2 --- -# Licenses Required for Mixed Reality Deployment - -If you plan on using a Mobile Device Management system (MDM) to manage your HoloLens, please review the MDM License Guidance section. +# Determine what licenses you need ## Mobile Device Management (MDM) Licenses Guidance +If you plan on managing your HoloLens devices, you will need Azure AD and an MDM. Active Director (AD) cannot be used to manage HoloLens devices. If you plan on using an MDM other than Intune, an [Azure Active Directory Licenses](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) is required. - -If you plan on using Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** +If you plan on using Intune as your MDM, you can acquire an [Enterprise Mobility + Security (EMS) suite (E3 or E5) licenses](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/compare-plans-and-pricing). **Please note that Azure AD is included in both suites.** ## Identify the licenses needed for your scenario and products +### HoloLens Licenses Requirements + +You may need to upgrade your HoloLens 1st Gen Device to Windows Holographic for Business. (See [HoloLens commercial features](holoLens-commercial-features.md#feature-comparison-between-editions) to determine if you need to upgrade). + + If so, you will need to do the following: + +- Acquire a HoloLens Enterprise license XML file +- Apply the XML file to the HoloLens. You can do this through a [Provisioning package](hololens-provisioning.md) or through your [Mobile Device Manager](https://docs.microsoft.com/en-us/intune/configuration/holographic-upgrade) + +Some of the HoloLens configurations you can apply in a provisioning package: + +- Apply certificates to the device +- Set up a Wi-Fi connection +- Pre-configure out of box questions like language and locale +- (HoloLens 2) bulk enroll in mobile device management +- (HoloLens v1) Apply key to enable Windows Holographic for Business + +Follow [this guide](hololens-provisioning.md) to create and apply a provisioning package to HoloLens. + ### Remote Assist License Requirements + Make sure you have the required licensing and device. Updated licensing and product requirements can be found [here](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/requirements). -1. [Remote Assist License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) -1. [Teams Freemium/Teams](https://products.office.com/microsoft-teams/free) -1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) +1. [Remote Assist License](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/buy-and-deploy-remote-assist) +1. [Teams Freemium/Teams](https://products.office.com/microsoft-teams/free) +1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) ### Guides License Requirements + Updated licensing and device requirements can be found [here](https://docs.microsoft.com/dynamics365/mixed-reality/guides/requirements). -1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) -1. [Power BI](https://powerbi.microsoft.com/desktop/) -1. [Guides](https://docs.microsoft.com/dynamics365/mixed-reality/guides/setup) +1. [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis) +1. [Power BI](https://powerbi.microsoft.com/desktop/) +1. [Guides](https://docs.microsoft.com/dynamics365/mixed-reality/guides/setup) ### Scenario 1: Kiosk Mode -If you are not planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages. -1. If you are **not** planning to use an MDM to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages. -1. If you are planning to use an MDM other than Intune, your MDM provider will have steps on configuring Kiosk mode. -1. If you are planning to use **Intune** as your MDM, implementation directions can be found in [Configuring your Network for HoloLens](). +1. If you are **not** planning to manage your device and you are planning to use a local account or an MSA as the login identity, you will not need any additional licenses. Kiosk mode can be accomplished using a provisioning packages. +1. If you are planning to use an MDM to implement Kiosk mode, you will need an [Azure Active Directory (Azure AD) License](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-whatis). + +Additional information regarding kiosk mode will be covered in [Configuring your Network for HoloLens](hololens-commercial-infrastructure.md#how-to-configure-kiosk-mode-using-microsoft-intune). + +## Next Step: [Configure your network for HoloLens](hololens-commercial-infrastructure.md) \ No newline at end of file From 7dfce6130c6cb2f7b71c554cef9847be063f179e Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 10:43:08 -0800 Subject: [PATCH 08/39] Changed link structure for Intune/MDM section --- devices/hololens/hololens-kiosk.md | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index d0dbb126b7..bc4389bb04 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -102,11 +102,11 @@ You will [create an XML file](#setup-kiosk-mode-using-a-provisioning-package-win ## Set up kiosk mode using Microsoft Intune or MDM (Windows 10, version 1803) -For HoloLens devices that are managed by Microsoft Intune, you [create a device profile](https://docs.microsoft.com/intune/device-profile-create) and configure the [Kiosk settings](https://docs.microsoft.com/intune/kiosk-settings). +For HoloLens devices that are managed by Microsoft Intune, directions can be found [here](hololens-commercial-infrastructure.md#how-to-configure-kiosk-mode-using-microsoft-intune). For other MDM services, check your provider's documentation for instructions. If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, [create an XML file that defines the kiosk configuration](#create-a-kiosk-configuration-xml-file), and make sure to include the [Start layout](#start-layout-for-a-provisioning-package) in the XML file. -## Setup kiosk mode using a provisioning package (Windows 10, version 1803) +## Set up kiosk mode using a provisioning package (Windows 10, version 1803) Process: 1. [Create an XML file that defines the kiosk configuration.](#create-a-kiosk-configuration-xml-file) @@ -155,7 +155,7 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* 13. On the **Provisioning package security** page, do not select **Enable package encryption** or provisioning will fail on HoloLens. You can choose to enable package signing. - - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Browse** and choosing the certificate you want to use to sign the package. + - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Browse** and choosing the certificate you want to use to sign the package. 14. Click **Next** to specify the output location where you want the provisioning package to go when it's built. By default, Windows Configuration Designer uses the project folder as the output location. Optionally, you can click **Browse** to change the default output location. @@ -181,7 +181,7 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* ## Set up kiosk mode using the Windows Device Portal (Windows 10, version 1607 and version 1803) -1. [Set up the HoloLens to use the Windows Device Portal](https://developer.microsoft.com/windows/mixed-reality/using_the_windows_device_portal#setting_up_hololens_to_use_windows_device_portal). The Device Portal is a web server on your HoloLens that you can connect to from a web browser on your PC. +1. [Set up the HoloLens to use the Windows Device Portal](https://developer.microsoft.com/windows/mixed-reality/using_the_windows_device_portal#setting_up_hololens_to_use_windows_device_portal). The Device Portal is a web server on your HoloLens that you can connect to from a web browser on your PC. >[!IMPORTANT] >When you set up HoloLens to use the Device Portal, you must enable **Developer Mode** on the device. **Developer Mode** on a device that has been upgraded to Windows Holographic for Business enables side-loading of apps, which risks the installation of apps that have not been certified by the Microsoft Store. Administrators can block the ability to enable **Developer Mode** using the **ApplicationManagement/AllowDeveloper Unlock** setting in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). [Learn more about Developer Mode.](https://msdn.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode) @@ -202,17 +202,14 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* 5. Select **Enable Kiosk Mode**, choose an app to run when the device starts, and click **Save**. - ## Kiosk app recommendations - You cannot select Microsoft Edge, Microsoft Store, or the Shell app as a kiosk app. - We recommend that you do **not** select the Settings app and the File Explorer app as a kiosk app. -- You can select Cortana as a kiosk app. +- You can select Cortana as a kiosk app. - To enable photo or video capture, the HoloCamera app must be enabled as a kiosk app. ## More information - - Watch how to configure a kiosk in a provisioning package. ->[!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] +>[!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] \ No newline at end of file From 06fc7ec743a4323454a970f32d1976e24f3f022f Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 11:22:04 -0800 Subject: [PATCH 09/39] Changes to fix warnings --- .../hololens/hololens-commercial-infrastructure.md | 2 +- devices/hololens/hololens-kiosk.md | 14 ++++++-------- devices/hololens/hololens-licenses-requirements.md | 2 +- devices/hololens/hololens-provisioning.md | 6 ++++-- devices/hololens/hololens-requirements.md | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index d37b307909..a99a851024 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -175,7 +175,7 @@ For other MDM services, check your provider's documentation for instructions. If ## Certificates and Authentication -Certificates can be deployed via you MDM (see "certificates" in the [MDM Section](hololens-commercial-infrastructure.md#mobile-device-manager-guidance##)). Certificates can also be deployed to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. +Certificates can be deployed via you MDM (see "certificates" in the [MDM Section](hololens-commercial-infrastructure.md#mobile-device-manager-guidance)). Certificates can also be deployed to the HoloLens through package provisioning. Please see [HoloLens Provisioning](hololens-provisioning.md) for additional information. ### Additional Intune Quick Links diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index bc4389bb04..ae870f5847 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -14,11 +14,9 @@ manager: dansimp # Set up HoloLens in kiosk mode - - In Windows 10, version 1803, you can configure your HoloLens devices to run as multi-app or single-app kiosks. You can also configure guest access for a HoloLens kiosk device by [designating a SpecialGroup account in your XML file.](#add-guest-access-to-the-kiosk-configuration-optional) -When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they don’t need to access. +When HoloLens is configured as a multi-app kiosk, only the allowed apps are available to the user. The benefit of a multi-app kiosk, or fixed-purpose device, is to provide an easy-to-understand experience for individuals by putting in front of them only the things they need to use, and removing from their view the things they don’t need to access. Single-app kiosk mode starts the specified app when the user signs in, and restricts the user's ability to launch new apps or change the running app. When single-app kiosk mode is enabled for HoloLens, the [start gestures](https://docs.microsoft.com/hololens/hololens2-basic-usage#start-gesture) (including [Bloom](https://docs.microsoft.com/hololens/hololens1-basic-usage) on HoloLens (1st Gen)) and Cortana are disabled, and placed apps aren't shown in the user's surroundings. @@ -41,14 +39,14 @@ The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft For HoloLens devices running Windows 10, version 1803, there are three methods that you can use to configure the device as a kiosk: - You can use [Microsoft Intune or other mobile device management (MDM) service](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) to configure single-app and multi-app kiosks. -- You can [use a provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure single-app and multi-app kiosks. +- You can [use a provisioning package](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure single-app and multi-app kiosks. - You can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. This method is recommended only for demonstrations, as it requires that developer mode be enabled on the device. For HoloLens devices running Windows 10, version 1607, you can [use the Windows Device Portal](#set-up-kiosk-mode-using-the-windows-device-portal-windows-10-version-1607-and-version-1803) to configure single-app kiosks. ## Start layout for HoloLens -If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. +If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. >[!NOTE] >Because a single-app kiosk launches the kiosk app when a user signs in, there is no Start screen displayed. @@ -58,7 +56,7 @@ If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or- Save the following sample as an XML file. You can use this file when you configure the multi-app kiosk in Microsoft Intune (or in another MDM service that provides a kiosk profile). >[!NOTE] ->If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, use the [Start layout instructions for a provisioning package](#start-layout-for-a-provisioning-package). +>If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, use the [Start layout instructions for a provisioning package](#start-layout-for-a-provisioning-package). ```xml - + ``` ### Start layout for a provisioning package -You will [create an XML file](#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file. +You will [create an XML file](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to define the kiosk configuration to be included in a provisioning package. Use the following sample in the `StartLayout` section of your XML file. ```xml diff --git a/devices/hololens/hololens-licenses-requirements.md b/devices/hololens/hololens-licenses-requirements.md index 2235cd5d38..7636395a6b 100644 --- a/devices/hololens/hololens-licenses-requirements.md +++ b/devices/hololens/hololens-licenses-requirements.md @@ -33,7 +33,7 @@ You may need to upgrade your HoloLens 1st Gen Device to Windows Holographic for If so, you will need to do the following: - Acquire a HoloLens Enterprise license XML file -- Apply the XML file to the HoloLens. You can do this through a [Provisioning package](hololens-provisioning.md) or through your [Mobile Device Manager](https://docs.microsoft.com/en-us/intune/configuration/holographic-upgrade) +- Apply the XML file to the HoloLens. You can do this through a [Provisioning package](hololens-provisioning.md) or through your [Mobile Device Manager](https://docs.microsoft.com/intune/configuration/holographic-upgrade) Some of the HoloLens configurations you can apply in a provisioning package: diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 5f3e8b7bd2..93a185f318 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -23,7 +23,9 @@ Some of the HoloLens configurations that you can apply in a provisioning package - Set up a Wi-Fi connection - Apply certificates to the device - Enable Developer Mode -- Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). +- Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). + +## Create a provisioning package for HoloLens using the HoloLens wizard The HoloLens wizard helps you configure the following settings in a provisioning package: @@ -37,7 +39,7 @@ The HoloLens wizard helps you configure the following settings in a provisioning - Enroll device in Azure Active Directory or create a local account - Add certificates - Enable Developer Mode -- Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#setup-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). +- Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). >[!WARNING] >You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. diff --git a/devices/hololens/hololens-requirements.md b/devices/hololens/hololens-requirements.md index fd898f7443..9487a2f331 100644 --- a/devices/hololens/hololens-requirements.md +++ b/devices/hololens/hololens-requirements.md @@ -32,7 +32,7 @@ Before deploying the HoloLens in your environment, it is important to first dete ### Type of Features -Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features). +Your feature requirements will determine which HoloLens you need. One popular feature that we see deployed in customer environments frequently is Kiosk Mode. A list of HoloLens key features, and the editions of HoloLens that support them, can be found [here](hololens-commercial-features.md). **What is Kiosk Mode?** From bc22ab28ba037c411366f68c2f376320f80c9c1f Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 11:36:04 -0800 Subject: [PATCH 10/39] Fixing remaining reference errors (warnings) and minor format changes --- devices/hololens/hololens-provisioning.md | 2 +- devices/hololens/hololens-release-notes.md | 5 +++-- devices/hololens/hololens-whats-new.md | 14 ++++++-------- 3 files changed, 10 insertions(+), 11 deletions(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 93a185f318..3cd9ed9707 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -25,7 +25,7 @@ Some of the HoloLens configurations that you can apply in a provisioning package - Enable Developer Mode - Configure Kiosk mode (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803). -## Create a provisioning package for HoloLens using the HoloLens wizard +## Provisioning package HoloLens wizard The HoloLens wizard helps you configure the following settings in a provisioning package: diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index aaf200a4b0..f36e58d7cc 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -19,6 +19,7 @@ appliesto: # HoloLens Release Notes ## HoloLens 2 + > [!Note] > HoloLens Emulator Release Notes can be found [here](https://docs.microsoft.com/windows/mixed-reality/hololens-emulator-archive). @@ -85,7 +86,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) @@ -97,7 +98,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. -- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. +- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. - You can now easily [share HoloLens with multiple people](hololens-multiple-users.md) using Azure AD accounts. diff --git a/devices/hololens/hololens-whats-new.md b/devices/hololens/hololens-whats-new.md index 59c777fdec..1e6c90f0a0 100644 --- a/devices/hololens/hololens-whats-new.md +++ b/devices/hololens/hololens-whats-new.md @@ -43,28 +43,26 @@ manager: dansimp | Read device hardware info through MDM so devices can be tracked by serial # | IT administrators can see and track HoloLens by device serial number in their MDM console. Refer to your MDM documentation for feature availability and instructions. | | Set HoloLens device name through MDM (rename) |  IT administrators can see and rename HoloLens devices in their MDM console. Refer to your MDM documentation for feature availability and instructions. | -### For international customers - +### For international customers Feature | Details ---- | --- +--- | --- Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands. Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. [Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) - ## Windows 10, version 1803 for Microsoft HoloLens > **Applies to:** Hololens (1st gen) Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. This update introduces the following changes: -- Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). +- Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) @@ -74,9 +72,9 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Media Transfer Protocol (MTP) is enabled so that you can connect the HoloLens device to a PC by USB and transfer files between HoloLens and the PC. You can also use the File Explorer app to move and delete files from within HoloLens. -- Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. +- Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. -- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. +- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. - You can now easily [share HoloLens with multiple people](hololens-multiple-users.md) using Azure AD accounts. From 884fb018669ff237e91a0365944503624332f28d Mon Sep 17 00:00:00 2001 From: Payge Winfield Date: Mon, 10 Feb 2020 11:46:10 -0800 Subject: [PATCH 11/39] fixing warnings --- devices/hololens/hololens-release-notes.md | 2 +- devices/hololens/hololens-whats-new.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index f36e58d7cc..f1bb141793 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -86,7 +86,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-hololens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) diff --git a/devices/hololens/hololens-whats-new.md b/devices/hololens/hololens-whats-new.md index 1e6c90f0a0..064d470afc 100644 --- a/devices/hololens/hololens-whats-new.md +++ b/devices/hololens/hololens-whats-new.md @@ -48,9 +48,9 @@ manager: dansimp Feature | Details --- | --- Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands. -Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. +Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. -[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) +[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) ## Windows 10, version 1803 for Microsoft HoloLens @@ -62,7 +62,7 @@ Windows 10, version 1803, is the first feature update to Windows Holographic for - You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). -- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-holoLens-wizard). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#provisioning-package-hololens-wizard). ![Provisioning HoloLens devices](images/provision-hololens-devices.png) From ce9f4e29512c0e8a266327cdc3de1bf0e406ab4c Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Feb 2020 12:54:48 -0800 Subject: [PATCH 12/39] new icons --- .../security/threat-protection/images/AIR.png | Bin 0 -> 2290 bytes .../security/threat-protection/images/ASR.png | Bin 0 -> 1544 bytes .../security/threat-protection/images/EDR.png | Bin 0 -> 1589 bytes .../security/threat-protection/images/MTE.png | Bin 0 -> 2120 bytes .../security/threat-protection/images/NGP.png | 0 5 files changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/images/AIR.png create mode 100644 windows/security/threat-protection/images/ASR.png create mode 100644 windows/security/threat-protection/images/EDR.png create mode 100644 windows/security/threat-protection/images/MTE.png create mode 100644 windows/security/threat-protection/images/NGP.png diff --git a/windows/security/threat-protection/images/AIR.png b/windows/security/threat-protection/images/AIR.png new file mode 100644 index 0000000000000000000000000000000000000000..985e3e44296b98bf3d0853334e2fdc847a1b9bf0 GIT binary patch literal 2290 zcmXw)3pms58^?dj%dDS6qQ=l@Ayob`?IOylw&V~Z)#T9FG8;2YIlNYA%W?kr&q9br zMHKQX^3EX^tGp`7p?5{S(wxuo|LK4IpX<7x`?@~&_j#`8zMlKJAGVvz2}QUj8~^}C zJkG%#@^+gB+XBrLi@X-dDTLvCA^>39j!lyR@^2v^D9^w#;+4F;Yg$5J3B|G)K-^gtpozj1Bi|1x`8Xeg1&02W^6Ze}XCDf1*VC`91yk2eO; zx@UL?TTfEr1W^FqaC<48VkNH2-%PHak3JA))9tAHJB&Ckp)FUk=CTV24y5i7G*)BU2E zz>MJJ+>^1ih{zw-peS=H=(-^Z9{@^13>VD*JImgEYHpy<~evr=YwXp2QlU99OwM9^;d1Wo0EU zIy&;|mERLf3HeSRnTy`Fb7z>=VcseJWUa{~6DJi1S65e4ggL)Q&IrTpn0QyckCR_i zlt<*DZV-rQe1Ol}FZ3k4;y!^Zvg`vwlZ86v>MHK-ePbSK!S_cTIH(M$$hJzR9rU(W zzq>aAY$d%Ei(Oq@#%5z!C^xk;BUutGB6&SN0jm{dS#X8&$}x~kW}~}2jfjVMreL2b ztJdFSrxT4PZHyQX(|Q-gKCX#GA~SX$jbHe#0UX;1Qg_UfJn87@2*Z9~T*aiiVHEM) zfSUK&2Ckg;lD|)3NJHu@6ad89Ttusqsnn`UTBNyqg&LkaK#Ag;VN^^+C5DBu3Wv^|0J#3oRnY4nn34jhgO>^D46Q=Y4cX8J2N2MV*q0>gtBGCNLHNkn(%K(7!P(3tVUv zis77*(hbQIG#>bUCLo7=cOwE6Vzttno0~lZE|YVATJU=&qvW?F2Gk%jIs;?8J;GoxD~hJiCycdNt)nkq z;2f3sVNFA&rKQ^1+Mw`jLo1*O3g_nLKqV!w!R?*XSy@ma32X1WAm`qU#x$3e5lJN6 z`RME}#_|mDX1gAzM8}Nr+U?eSnNwaRoYGKSUvHtxo;p(9sY)=%rd!3YG0#kk-!m81 zr@z;CR8>_$m&fs~1LqD@9z)&sT?$SRtxtdYAh`H|u->O9-)tRqT5W!H{ffSWmEvhN zZKV?-A@@!$U;G(3?|tzz3JGsjIY?F3j3tXeL;MLLitqBexM1d|22c&_l1+n(i=fx}1FBX(BWqRwgkQ>DFeTI8Yu z3Mm%+poFpz+IMiTz8RRa+#7B&EuP;!a_)MVY(U#9g~5UvFL21Z76r4LEqSA!O6kkL z@Tq07Db>*SQPEO*V;GF}BY|*5+LvH!2!^}g?wM(q*D-D$&)DHuQ;CZ=ek_&)h33w* z_$~P6pFRuo@D|@K(w|ZO*RscIzbnVL0B8->I}7@Mi!z>8sta)%kAzb+I!hv0B$L)(>ylwN+eOv6!7c(Uxx(h^fY`*nZ}3k1RcoYJ?(Pj{RDbv*=|ZU#oIE=-=t&>=5X zQyZG@-3zI9YBUk4Yj~9>`XfZO>Ro<_WE2d~ZJ-X77#bCcz16E078j+Onw*lm=x^Q8 z-Z^Wj$4hI@rjA2>%hQVsV})53K&5oKP7mg8l;h>)^^v+bH8tg{Ef5HHA7T2{{Tyrz z&9#A^6wfTUyD6});%lspEBDeNo`Z@*+O<5Q27uy}9I}DV4QD{3+FTzP9qZvI*~th^ z%jgq}t9!C=P@0aB{pxbuF0|umkx114wo`5DNW$kASx_UEM*113ve|3}SzD;tAH48n zbavS@{X!&94lp${+mUwMsm#4jAqvJK*lD!4z)De3aeaOL%({M>iw`X!@Kq2$lu(5a5SNvgW(!U}-Z?+%8 zVwsa4FncXkWs6fyJHrh*A10#;Vg?_W{`}^omv!6FC{HxW=mvno@tnguLqkL5jE3@3 za4eKV>1!U3*JFV0zPU@#rvXpuW}feP-x=(mWM>=msuVi_<>h90>3-2ro6Q@y%#&rR z?6!eN!9&!=pX7mP%?)j>=Cva@?49t;Fq{PS3E831`ti(#eK(=69l$%fI8@pBvHlBl CBq+TA literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/images/ASR.png b/windows/security/threat-protection/images/ASR.png new file mode 100644 index 0000000000000000000000000000000000000000..bf649e87ec76d53d39bfc5e9e7b17b4362600569 GIT binary patch literal 1544 zcmY+E2{7AP9LN98#GTb+|Egm|Evh!6m)1Ip#F@G)jv^6JR}+m;T}+(OII8PxQ)DSC zvY|y=rHh0*YC~34Y^b)XdMssHC97My|8!?}X5Y;3{boMj?|W~4@4fl4e7sz>)c2?Z z0HEdWhVg^4lRV&x(426zst-zPiEhD30HCo$9tr@v8iXK>?tT&rd!Yyib}MQwoIddd zVT0(7$@Ca14QOr^xj{&i4j~LViA0M{q{mVzzz#L!K8UN!xidBK0xkAT3?1O>h-@IL z{e{xVM7hf%VThOaI!Osb|lUDRf{%R4K1iRc;H2r6-U9?#e?` z08pNE$2bPWWW8mJJrB8p!qzcy{D z&&R{E=lj=f;k=9W`P_+sPYQJx4NpyEOMVNAJ*+>rGX4SGy?WFt-jA`|TWV>X5X~go zuZa$c%dTRJtWrPc)ffmCxViHt73jwey3A`IoY2ZmFaSV1IB?vI%^Hh~i)(6Xy0lVK zQrK)Zdi=XLtv6k44IFH2Y;0|D#=2d%Ct~O{8jVO4{shAZIhPu{mzp(pt@X6EeZ|6< zo0~_rfkSsYJF5_-vpEO&S%~L4<$m!OEOu+;542m5iu6cTRaKh@PvC=cNQSw5aCUZ9 zLqo%$1V-ZX;tUa>o?h4F&SxR<%PTA6V`Hp(H@NSq+r7O{mc$TqrEm7*9-2UR>K88XoQmry_ff zvmB{bxTnv~IZxi=@pzror@Kc0?MNThXaw3y#Hlw!Sz78dv%Wp3Ij|~&DP}!>Qr)3? zqLO;WD7U(%W^myhpU}kP4KJM2QzgBuk1TrAJwA}likc%{s3U@#kLMm>$&sl&;T*B4 zyY9VRK$M+QX6w>sN_ajRflhs;Z)ayWH#aBnwBT46do)}8dVb^83$OK%-Uq68VGa$} z!~8n`jYTn|vhd0i+|f?)TWfM@CS&i`U61`{k8JX?%yJ^`Y-gpL-cVJ_OP6itKa0~u zT|@5S<4peS({C$2{R7wG^f#K;&HwvH1)eVSQ2~MQqAzC%P&tDr;XX(IqKoo}kATli zb}i}%C^Xxe-oLzM)lS&3RZdg!fntSj6@rKzrX%Zfjj;Z;u3 z&q=re@ZW1QG6K9ZXO5&ANr@m+p>lyTa=d?}!bM?kqE={;R4Oei+u>g7a|sZnOAfbm zbab?}z3UoE&tFDEcPti*H?y#mmS8R~E-7iPtf-YBCBE*ieGtXhV0k-qmITLu%(1b7 zwGr)opr%A3dGBe6qGa{-*o956u9v-fWCwQTEiElgPfuU+W>i8o1_lQ9&!dsKX?N1X z_a88#V6IP0O`XE}BAl+`hE`>q+S)jF^x5nFs(V!43YW$Rct!K{O7+2@(9lARQ8lu{ zBN-ZWIu3`6I`VVC$Tgh?SJv}_{L9(X9*!V%lBcJqiE~<7+WGU=eR`uI_y|Ve=2TPf za6x9fPmHUKlt7`NP^i&%k>1SA%*T%(flNR4ypocz)ku$zKd@JO?YoTt^C?Jw z`cxc0mbjuSZRw3VsK>&M9BUd7T3K! literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/images/EDR.png b/windows/security/threat-protection/images/EDR.png new file mode 100644 index 0000000000000000000000000000000000000000..8c750dee42d30ddfec3de18c93b744645f462904 GIT binary patch literal 1589 zcmXxkdpy%?90%}cuG`8bQ=H|Vh|pGXTDc|HqOvA;C02g54Kq1(I=Pigi6+IGmxEE$ zP`Q`u- zRTue!E68?|-BqrvAYwcN;{aHJk}nuwFm+|9O7rq@Qyo`;1D(xVj6(u$5;Hi9Eyt|h0CH;(9~L=D`U8v{llpgh;j_H zt`%j-O!dF>@ze++SdgZP|Bvm8CXRGVpTUNr+03 zFb;VK`{{LX-@kK`koh8BYI*pD-wf7VKxomSS8j<|t$Z6a-P*D1ktQk!i{)R)%G!7S z1yrVi9!s;25-GM3j9!y6`F4hl*;Wd4=hiu(kcOWmmo5o#j+YBk$tj|c4Xl#uR0@v! z=^l46q1)kldfdey8bUEFvy|oQeR*qk7Tq1|+q1z;J@Xv1p#XbwcJQD1`T2)eEYmf4 zg%G32I=f8U&b9kq#~4H+*(ZLC?9L2SeLFC4YH234X}||=VRQ>({Ke(6*%m^r9QR$N zn#m8h*IS*(zwPOv^G)~ImA#mJ{yb0czWg$!nLS``kei#6Qz7*>)w+Onxii#YujxYY z^V230i4|P#8CCTBA55$ne{+QQ%lfIQDShR=j~mISl9ILyT`a1rtA&sgu;Md{ieN^3 zs>!7%3yoIj^gP0p&r1%QjZjihPS-hGBPNr{Y&|@q&WP;GUi=O{y2FvQNSt*-Qr<}u zdhg(RlsiQ>1&*=r*4t&*p^Mig4PW!Rp=1P{f$;0+mNQNerrQbrECuwm6HEgo7J~Z% zz10T%wpsUJY0nS}5v2u(83R~*uL$X98L85hdjO5dKTV4;IPNapxL6neATIYRZdJEM z&ZaYmn2ey%{$ah%%hMIejEA@~tYMSmG8x9GAJlFNMr)L?`;CAF){QY$O3Z&eF?o#Kp`|A zsMYbGb~5wtJ8m=P`T8njV~ySH%?}!_1I2ZhGGRrnq5z_Q7;c8Cs24Qy6W8!HVjHqn zDZg#>Q0N?Y;nga0g^F0$G3q4DTRj;J9kQPf`eAHd7HJYT_BG&pe<{)Pk@d^P{+nTr z5|qKH6y7)7`mGelx#Mw>?Zk~8CFOXKr1vyA^N)+4{FtM2`v!zbqfayZPUvW|+i=@D zD&le!H-*=(iKnNP_NS`@f?rO@m_#B$p-|Uss!v#L+N7Gc zvmJwUTox)5{2ItRbXTftXdG*-g-r9G9>(0QuV+==Z(d^w0t$-Zx%`1f_+E-F%O!ekR> lH~O)wS9#$ENE;=E6|e3e{8?~4Q8pccm)l;~8kfVV{{kkr({KO) literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/images/MTE.png b/windows/security/threat-protection/images/MTE.png new file mode 100644 index 0000000000000000000000000000000000000000..1d5693a399b2a145e5c2d0bc3818dbd3c6dbaa41 GIT binary patch literal 2120 zcmV-O2)Fl%P)p2ml%(0x@Df00007bVXQnL3MO!Z*l;suFOaP000bh zMObu1WpiV4X>fFDZ*Bk+2_Yi@000VfMObu0Z*X~XX=iA30IUzpIsgCw4s=CWbVG7w zVRUJ4ZXk4NZDjy8_YVmG000SeMObuGZ)S9NVRB^vU2y+80000BbVXQnL}_zlY+-3_ zWpV(wz_gD5000PdMObuKVRCM1Zf5|%8|H@q000McMObuGZ*_8GWdQa6gX;hQ00?wN zSad^gZEa<4bO83umcIZ100wkLSaeirbZlh+sP57y000LQNkl?x|6_+fY5B%JzvyEDI; z&+g1`X1=oo5#j$|!ftnZR8wdettfcN)-wPpU+1r-L?!O>bj1IM~@yoapHs^Jguqd z5Myp`?$V`8oO6%I)3h)mRw|W5B60fk>3YB}<>d7&EiEOJNknXg0RRXgfk0qpX6DM3 zD-N1#MYb^v!$_r4rfJ&EMT(-_x^*j)$=GeN71_qPdGqGd(vsKfwOf%8;`Mr`rlwR? zwOhBT>|yA-e*5-q2Mm@(Q7jgVckbMAR=t7jVdQeTVzDTS&Q}{rlCs&X{N)oLz-JRy61 zYS+QN?FN8746oPAId|KnAjq=pGRTuLZIup(!!9wb{Yz(Or<)*KWe=mTug_(BjInSy zyvrD|SgfO?gE8i~J;N~K@wm00Z=>vC_Pv2#>Sq;w0>N!Ff2WK^yuEbd-L=2>+9>5 zfj}ws`~8tfWN>gW9*^&UXVnIbO=+5@swyH%k|fLW)AK>Ls+}0SsP>qj>+9>KQmI@n zYnsM6mn2D1l#Y&$P$;xBE~qPv<>h6|_AC~Qnx;Lzk_dtziefMrj7FpJc>KVD1C4pg z8W#xoJr2jA!$FnH<9XUT=dH0})kKwR{~#QM$Xk zj~zR}T%a<>&tgJL% z@+<~H5Qc|`qtR$@Pfxfj4Dea`4UK>N@3mh{u4eN!kSWkDajMMgr{5n7{ov)$aMagk zjJdhFWHQMZYsK?qjLEWm?%cUe+PM`yov;1b|&Er}+K*_b*<&NC;`sx3#3Isw~SFK3)Ce_2RvfVN@6(f=2+QnITOH zC?e;0?QZ#6W&>n;Fe1IUU;foMqmk|Ewv-uGS67qCBmmeo+N>|}$=!11zg2@F_$eqN zNG+!$fq;)fKm-A17q!3qYpqz@ep}ra|HpVB%( znqy2)Pv>$upRc89jKjM6~ipyLLMW$m_&vf|1E&*4EY>ToDmMOw%+B z698n1v;~C{Qg2!{!eETe%*@zIO`9Tw7=}@)Q~+Rqr_=@v4k4e=?ce@|Ho{n5UM>_0 z&aMG049jvJdA=QoK9k40Jpu3b9d3k?&*x3kbaQ%MTwDZzS7UxLK%w5aZc!$_G3c-N zuo1??hY#HxeMC`w@ZbR=#=_Do1Afq4xTYLIrtf^Iqu%qny+lN3lY3Lvjg0j{e)v+z z)z{GY>v3hM{${c6xHnDHI$OK(o@=#QI-Ndq=FGQ_1PA-&xdjdC4DKdE_~~n14W8G< zK*U%q=JH;~vKMq+_jo+#$9vxXUCs$cm3<`o!ut@)E!-j zuwj1pwXToeZS`_%*X*_{vz7P$G`~_ZpF9bg2paofyywC}ZYkq_UB{^XTLtHf6AviZpoKm5n)g~^r0WgSHFMj~+jRPRgsZC^L<2@khW yVZWJLJ=p7ccf{ch?ViAJug}Tv#LqDHlKux>r6IrAf$NI^0000 Date: Mon, 10 Feb 2020 13:09:15 -0800 Subject: [PATCH 13/39] ngp icon --- .../microsoft-defender-atp/images/NGP.png | Bin 0 -> 1707 bytes ...rosoft-defender-advanced-threat-protection.md | 9 ++++----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/NGP.png b/windows/security/threat-protection/microsoft-defender-atp/images/NGP.png index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..9aca3db5177663d84279a1cc2b2d186a0a72aa8a 100644 GIT binary patch literal 1707 zcmYk+c~H|w6bJAh0Zf8~P$dFEB~j#xoFZVba)nc_1~8mrh(SVgU=pQBkQ;;wNVy?F zQ*8tTQ~?Q>6ewDt2!ud6M2jM#SnxnDq0q!mXZpwPoB6!&?##~4yi6Z27nl-K2><|? zn=1}4tq!sU0ZDhNW$`c40*!VJWC6g=-LfSIlyNnr2xhx^I)Pt;ln@Y$+nZr~zK~M@ z+x`MOlEDP3YWrQKq|BBQj?5x4DbZ{SgAVM5q7O=4N#>4>=vXG@TqGN)hWBHos`5pd zWTGsJVpC{j;OHtGD(ygJ9bZNSJBG+41EJB|viQy~ms40IDp49`0-}zFTq#3jOdvAp z6#6-!L+e$B)WH9qzrZAsf#vO#xBtZ)88jN1&IVTci)1g|A&dD@*it%1;21Alm(E4e73VUH;K;V`HoHMz_zr~@CTth6Kh$2=q=>$6=* zKsd*T5{^rO@4{IiQR#`4?nt|kD|Jr%uk>&5&ln7u^WqmD%&h^2m7k1RU;#Gl)dz0e z7Goe`Yjy)lQkK`A8nx^|s!`N-Wmzaeosem%2eKU;E>kuqF)k9rLZwTYMij$8&;2L+4}9o zA%0iquSNiHGZg^P3dfUr>|X+VtxHQEd|rEWX;7G*6!ddRt6cN2^~7yXgGoyS;nVFI z1D}q8P}GpEj*2C94c)Tr6aHKwY$Lx_vV&__A>H4o7j&IIe=UD**$D*Oi8qg55LPUf3?m4+%MrQU!kgbH z8m9GhKC(AwZ2xph6>?ky>qW+5CBhhB7h(PdCZuh!xAhn^zObRrAhN<4FF4s)VegUN zlcc8#(NWQ{ok#~PRV)F36z_K5M35+Fuw2|!zg>g0uy$xOZZ9^6oJxn81^x@cdK5wb! za_R0h0{4x~j6PhYva)W1`r%%p4cQSq@!1OBI-_}-_~Zva&-4c6LjN5oq3JFE{0D-r z`D7#yCgxgRaGs6lQNr(t&K6`tj~PyNi7TiZ49$FPVu|&5;4q`6){|ssH+EFC@2d7< zpQ`vS$*l0`(|}zoSzs@6yKRxhRNPlxb!=RZSErW#D7 ztP=OobK&0H7|-GTi=8Vy zsQc%f@Q*u~((9^wNuk%L!?)3CxQiO=Q(Qlf84J%~JsEdOm}<$F2wo zBcyj~_^m|v4)JZewN5IsTw(=d#b~~U)nmwu`IMRXY%FNxx+z!ujHg*$eeGIr`L{of zpwYhtOXSlnH3iROpxT2qx_fWD>=d0foM>KV37-Z<&HZ^s5Y1CP-_8m{m>X8_bGxIg z6ue=#TSKPWB6`Iq8@X&X} zhhh&lMYau2fth7Z_q|}MH|{T3gtW!Ju_wDq$VZY*p1!f7xz!%*NBGLqwL~12mCiuF zGEU$V@V2^dPyK52{yjak-xm!N;=B<0N4V3HJKgzk?b_Zv`D#3@T&s(pk|LBP0}9X8#?mFwB)Z3z~RQCP>zv;x-pU6y}s<5 z_fS+0ci+xx)1UXPWxbasb~nGCo&dEsgu&LsZ>!4C4y literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index 34a417fdef..f2891d5f18 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -48,11 +48,10 @@ Microsoft Defender ATP uses the following combination of technology built into W
step oneset up device

Browse to and select the enterprise license file to upgrade the HoloLens edition.

You can also toggle Yes or No to hide parts of the first experience.

To set up the device without the need to connect to a Wi-Fi network, toggle Skip Wi-Fi setup to On.

Select a region and timezone in which the device will be used. 		Select enterprise licence file and configure OOBE
step two set up network

In this section, you can enter the details of the Wi-Fi wireless network that the device should connect to automatically. To do this, select On, enter the SSID, the network type (Open or WPA2-Personal), and (if WPA2-Personal) the password for the wireless network.		Enter network SSID and type
- - - - - + + + + From dabbf0001c0c874620342e2d99c7771447f16c0f Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Feb 2020 13:21:55 -0800 Subject: [PATCH 14/39] ngp --- .../security/threat-protection/images/NGP.png | Bin 0 -> 1707 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/security/threat-protection/images/NGP.png b/windows/security/threat-protection/images/NGP.png index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..9aca3db5177663d84279a1cc2b2d186a0a72aa8a 100644 GIT binary patch literal 1707 zcmYk+c~H|w6bJAh0Zf8~P$dFEB~j#xoFZVba)nc_1~8mrh(SVgU=pQBkQ;;wNVy?F zQ*8tTQ~?Q>6ewDt2!ud6M2jM#SnxnDq0q!mXZpwPoB6!&?##~4yi6Z27nl-K2><|? zn=1}4tq!sU0ZDhNW$`c40*!VJWC6g=-LfSIlyNnr2xhx^I)Pt;ln@Y$+nZr~zK~M@ z+x`MOlEDP3YWrQKq|BBQj?5x4DbZ{SgAVM5q7O=4N#>4>=vXG@TqGN)hWBHos`5pd zWTGsJVpC{j;OHtGD(ygJ9bZNSJBG+41EJB|viQy~ms40IDp49`0-}zFTq#3jOdvAp z6#6-!L+e$B)WH9qzrZAsf#vO#xBtZ)88jN1&IVTci)1g|A&dD@*it%1;21Alm(E4e73VUH;K;V`HoHMz_zr~@CTth6Kh$2=q=>$6=* zKsd*T5{^rO@4{IiQR#`4?nt|kD|Jr%uk>&5&ln7u^WqmD%&h^2m7k1RU;#Gl)dz0e z7Goe`Yjy)lQkK`A8nx^|s!`N-Wmzaeosem%2eKU;E>kuqF)k9rLZwTYMij$8&;2L+4}9o zA%0iquSNiHGZg^P3dfUr>|X+VtxHQEd|rEWX;7G*6!ddRt6cN2^~7yXgGoyS;nVFI z1D}q8P}GpEj*2C94c)Tr6aHKwY$Lx_vV&__A>H4o7j&IIe=UD**$D*Oi8qg55LPUf3?m4+%MrQU!kgbH z8m9GhKC(AwZ2xph6>?ky>qW+5CBhhB7h(PdCZuh!xAhn^zObRrAhN<4FF4s)VegUN zlcc8#(NWQ{ok#~PRV)F36z_K5M35+Fuw2|!zg>g0uy$xOZZ9^6oJxn81^x@cdK5wb! za_R0h0{4x~j6PhYva)W1`r%%p4cQSq@!1OBI-_}-_~Zva&-4c6LjN5oq3JFE{0D-r z`D7#yCgxgRaGs6lQNr(t&K6`tj~PyNi7TiZ49$FPVu|&5;4q`6){|ssH+EFC@2d7< zpQ`vS$*l0`(|}zoSzs@6yKRxhRNPlxb!=RZSErW#D7 ztP=OobK&0H7|-GTi=8Vy zsQc%f@Q*u~((9^wNuk%L!?)3CxQiO=Q(Qlf84J%~JsEdOm}<$F2wo zBcyj~_^m|v4)JZewN5IsTw(=d#b~~U)nmwu`IMRXY%FNxx+z!ujHg*$eeGIr`L{of zpwYhtOXSlnH3iROpxT2qx_fWD>=d0foM>KV37-Z<&HZ^s5Y1CP-_8m{m>X8_bGxIg z6ue=#TSKPWB6`Iq8@X&X} zhhh&lMYau2fth7Z_q|}MH|{T3gtW!Ju_wDq$VZY*p1!f7xz!%*NBGLqwL~12mCiuF zGEU$V@V2^dPyK52{yjak-xm!N;=B<0N4V3HJKgzk?b_Zv`D#3@T&s(pk|LBP0}9X8#?mFwB)Z3z~RQCP>zv;x-pU6y}s<5 z_fS+0ci+xx)1UXPWxbasb~nGCo&dEsgu&LsZ>!4C4y literal 0 HcmV?d00001 From a158871f50d326d6c174e965bcd0cefc50913ac6 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 10 Feb 2020 16:41:11 -0800 Subject: [PATCH 15/39] update casing --- .../threat-protection/images/AR_icon.png | Bin 1937 -> 0 bytes .../threat-protection/images/ASR_icon.png | Bin 2483 -> 0 bytes .../threat-protection/images/EDR_icon.png | Bin 2826 -> 0 bytes .../threat-protection/images/MTE_icon.png | Bin 2609 -> 0 bytes .../threat-protection/images/NGP_icon.png | Bin 2034 -> 0 bytes .../images/{AIR.png => air-icon.png} | Bin .../images/{ASR.png => asr-icon.png} | Bin .../images/{EDR.png => edr-icon.png} | Bin .../images/{MTE.png => mte-icon.png} | Bin .../images/{NGP.png => ngp-icon.png} | Bin windows/security/threat-protection/index.md | 10 +++++----- .../microsoft-defender-atp/images/ASR_icon.png | Bin 2483 -> 0 bytes .../microsoft-defender-atp/images/EDR_icon.jpg | Bin 3278 -> 0 bytes .../microsoft-defender-atp/images/EDR_icon.png | Bin 2826 -> 0 bytes .../microsoft-defender-atp/images/MTE_icon.jpg | Bin 2209 -> 0 bytes .../microsoft-defender-atp/images/MTE_icon.png | Bin 2609 -> 0 bytes .../microsoft-defender-atp/images/NGP_icon.jpg | Bin 2897 -> 0 bytes .../microsoft-defender-atp/images/NGP_icon.png | Bin 2034 -> 0 bytes .../images/{AIR.png => air-icon.png} | Bin .../images/{ASR.png => asr-icon.png} | Bin .../images/{EDR.png => edr-icon.png} | Bin .../images/{MTE.png => mte-icon.png} | Bin .../images/{NGP.png => ngp-icon.png} | Bin ...rosoft-defender-advanced-threat-protection.md | 10 +++++----- 24 files changed, 10 insertions(+), 10 deletions(-) delete mode 100644 windows/security/threat-protection/images/AR_icon.png delete mode 100644 windows/security/threat-protection/images/ASR_icon.png delete mode 100644 windows/security/threat-protection/images/EDR_icon.png delete mode 100644 windows/security/threat-protection/images/MTE_icon.png delete mode 100644 windows/security/threat-protection/images/NGP_icon.png rename windows/security/threat-protection/images/{AIR.png => air-icon.png} (100%) rename windows/security/threat-protection/images/{ASR.png => asr-icon.png} (100%) rename windows/security/threat-protection/images/{EDR.png => edr-icon.png} (100%) rename windows/security/threat-protection/images/{MTE.png => mte-icon.png} (100%) rename windows/security/threat-protection/images/{NGP.png => ngp-icon.png} (100%) delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/ASR_icon.png delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.jpg delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.png delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.jpg delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.png delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.jpg delete mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.png rename windows/security/threat-protection/microsoft-defender-atp/images/{AIR.png => air-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{ASR.png => asr-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{EDR.png => edr-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{MTE.png => mte-icon.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{NGP.png => ngp-icon.png} (100%) diff --git a/windows/security/threat-protection/images/AR_icon.png b/windows/security/threat-protection/images/AR_icon.png deleted file mode 100644 index fa8836ea1f49f7e9518c1e5cf4af72883b071d73..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1937 zcmZwIc{~&T9|!O`$}N6It{gQv@|EkGt8bYj<}A16%y-#xY_>Tob4!FATgQ^3NsHtd zb4^*4?~E+e<17gJChVa^)=BF6wM zI35c}q5-w_3}*pJV+G^@!$hDFC@caQ3s8{IJ|b|*J-0`qlF^7rI2Q2q0K;0KvcD7! z3*W11VG%Jf!0#IeBm^6Yy^S~WA~rD`4Fd$DcK7O1zaB?mBBH|uRWzWrr@2VL;(P2L zj*dmdMgn@&W^)B5_MiLl=m;2KZ8vlNzcqVgObjd*3s`61X#(57SMxz&qhWx@izB)M z2!c3(eUga$yROKI_lo^E-ipo}JelsIS_v^`R?b~)Cyqw9|I>XpR*GS93u&G&^dqo+ zj^t=@Pbi~0Hmpd22G5_FuP}nM@pdphX!U{*t|u*K<Y zC4J0R4KCCCKk=FJf!d-J6?50#XFxgAg#W>wJnZ4=X=QC~=PQ5nM6PgU0jr;5!dY%> ziGyY*q^2@=c2144{Z4OsjX@o3XWLFQ1;l8#QR2Fc8`Y?m=17S37OM3i2c7I@0ztmLa3&QMGGa{lnv^ zr!C*Mu7-3bfoW4T%!gFUl!x zQb||qbdnaY(1&afXh6rO_dgY4TWg?4FLlb(;~0OMY8OV7fHq%y=7~o}Mvl`6H&cL) zotHOcr#8N-qd^cmpraW$)@pI06?tsSqVLnzsh_F$UxcO28x`5&ud2c7xSu~~_4eAo zGzPhQHyVa8sRkaMN;Isms%-KIa>&DI4~Xt#zqiAiTxT|^ z`=Uij)TOTx_gCp*vyUIYWQ8zS`Re{!p_qHDuCy^sS#ND`D2_d=d3vku43YuSZe8l{ zx`xChf``sExSMOGJ?dO3P)21@aKb`m1Q8qCcJYhm>+fZ zsEQ=&ubYg_23bZ^9T|QG{!7veNlHg1i5k}F z7e!B2Z7Zj2FR{{$O_G>{9I7xurL+6igw+F-mL%@<`sR|SHyzQ#_)U319^Xf?AkFf7b4RNBl#)BoGfTB^~)*`Al<9s0P`-@`uz zkT7vl>4weu(xv=?374&CxUvS0eyLmign@e7^AT#e~bgio)L8=hm)2i>f6%=@N!GBjv1xIIMA>742{oSgO;vBaZY(%S z6Vup~HOLRC{GK|;=`ZsC$^uYYTa!0ebjF}eCexYq?S)?y*`SbPtWlJ_vuy>Idl%b* zebD&iUpd;jxw%9lv6zII*9jo|Yz}s%(uNinjXWz(h8rszj`oiXyTAhbxLg=-Dy@U; zA~nC3BE3KJj6663zB|NLf3F4?sY^dGtonar4%f>0OQ#czMtpyd4E5De7?{3`}rnZv9}TxRuBdN0HQY5 z76_g?@xn$(fVZ0ME9~(Ebj=z?0szE14&u-w9Wg~76eQcgEd}R+#{~?f(7%oH|3sEZ zvRODeAS4V>`mEQQheXIcWZ_G~hT*S~@gczgX^^Tqj|(4gSje@TVR-)lGN3}d*O*7e ze$p^s?*pp}8Bg>DK(@p|ybS0d;}qgYzTq9_3-G+Qe_%iIvpAlFC3y3!VSt9V`cxhk zI>2t;VZr!de?Xh!LOhQN{&#D!)rzvQFmsN0yg~~~l3~e5|3Nj{g8KIpLu53wir({~DTH*I$~X{c88nogN%xup zQe@BG_Y!e0!JEVJ&f4{RgSP^~$RkgYwr2X#!mfO=S3cFYy_&w!p9jsNZtr08D{<`Q zRc}9CzdYR5_;Pncf6LnKnXQ(!%jQBc_f9gQ&C&f*DRxIfaqbV)hs}>uW#^dn5?1uM z-}Jy8>3G%uPc1F-lPz4OKLa&DM^WbKk&%`Q+{@Ir_}r~B#LLiA?J?^_{bI7onS`jg zGXh;EA|g7@+;ykP8LOD$Esd-Z+7h)psV_wuyvsqJtIEU2C5eTdf1=5kXtmHHY1ZN> z$rJtvPpIy5H|EQUOy4e!?DfaiU&k5?RR?uo&oamOaeTE7evAP?s$Ej87fzF%Iss4Z zu7C&LzIL)xIR#S3w$mAXTc$b)ey*JC7XYjUVlH}fK1&3xCY;q@RbBq_!+OP)nvm4@ zw~N+h9+B17Xds3ORHqGz+|={Th|tLaz$MO*&$YB>asCjm_QIuw?!9CpwmQneifMEh z5mD4+$#OSmAu<^0w#3IJ_N3ZVFc@~s+B=KSm8g=)muTUH@Lj9X7t}4xHesfY*w1}2 zSGgZ*TrGvhtwL#DlWS)(uJ_=a&1l*K2!+qbfXxQaevpe!30_DU0jqF zrnP*4TeDNhn1VuMUVmAainVtMfi^O zYx<0KXa-B0byxJIZjINmybdo`?5VY%qRzF>oW3;5iS!+tR`lQabnJw*nLPY!FM7j- zl%GO&4{`u3fx7JEu9E?O={zm~K1yk0|}ln%V8hJ)Q{%VTo8J9cYB=`WPX zF;A^;Z>?%N*riGvNalmub*G7+N(}??b^#0*135jeIC}s0I!nLSG@6-XgCn+A4z6M& zWvio3carCq((b9uWnRKuxsTSnZZ z{`m&x%-w?Y-y!Z4#c1@fjElHRj_VKg}SCaTTD+eRwxxG?~ zTTsJXpw13@j+d16ll9a>@y+Q{ zoDUl$lUuw1GOCn z@h^9pUGyO=0vj9_XfobvQD4NDz3S|$Y<;%B3k_Bu8M*$-Nzl1{#GBvbMRn%4>@IHI zbjtwaTkh!N=7)V%1*O7t5wTxG{<>*9f4!zTP`}xv4TgQqxI`{@aPc?48O@e^r1x~f zjVx-Zw+39N} zKCoYAU&qyTGm0t&w>~(^7=IWVclwz8o1neiA~a4cp%Hb<;dm?N>=3kky(s3wpWriC zGPRMJ`m7kWGbfXRv0gB(NE>SmicTHP@R@+V8zpvr6zsZ>gq{@0@rp22ey6O7T~=Cn zvD5{Tr|dQ66tLg56?_`kb`4K_8l0Ddvbgzv7vdxHVeCrAN%armht_`=EL~ zvBZ!V-zSJoSG4^g?e&AaBh2Bo)e`9rF50~R9&Mn&MW2;R*~tO>nd1LmLg;7(MRpUH>t z4wOYrimUN`BxhnjS>&ocOii*j=|oW!XWjv{EgOn>bY)+nO8by%qnK(cyMM zOwX9}fVQ#4K!x7usGsyRgkCr?f5X<~SL2Q%x|G3wofx$IUU>#0T&4WnUn4yv449?! zI`%reg`9YmBM$T`+}l)7CKw_67j?7>R4F}nuF+_p_OHOaY!m@~vP6fgKs7W%Jn|W) zJzu^s>C-FlA*a?bQT?Q(oN2Zc>*E`tPJU>f*G1h-(7*tlvkprpoPXcenUkdI{4nW7 zv)WmIi!|QjL^aYM7`ELz+KgC$Pgh>%ygx6xyZG8~s8Rtdu!C}y_p`CgE`dY3-#u~b zdD$J3Y7ol3oVezYsHYjYuXG->bHBI6d`3}gx$|FV_rHvF=3PMK)$ek!&vx#-zX`y` L(%#~kxmWBz^|G3< diff --git a/windows/security/threat-protection/images/EDR_icon.png b/windows/security/threat-protection/images/EDR_icon.png deleted file mode 100644 index f2622cbc2bc011758fc1f687cdb004d508a6f666..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2826 zcmZ{mc{CJUAIB$4W6;PL%Dyi#mV{7*s2L0jA;v?9VQga?Mnnk>k}XtI_H9s>Vel}@ zPPUq|uQ3XPJc)>RJnwn`e9!s)?)RL}?{n|{@1C1zWpVu!rw}Iq062w!8{cFmlGzB3 zlgt&DT~W*oPypN^2mkK_n}MSFS$14ujrx=afGmts9!k5!3a zw66z1^A`_@IRPC{to`o>hq+=s0H}bYW1Z{Y!_h%*7+0o>1vF6Wo-i@TF}8EX`l0cYg@h%>(fB=)vm$w5$HUz8-$TfSrM?HYPiHtl6N0F&=O1M<*B$*3GX}@5+RiZc`f-V&KO}X0DmziHhF=#q*B5YCX(cvaF0H5 zp>#X?t@{)Di|yvwUoSWI2PsCT=gNF6ZkFrCSmu8pjw}U#i2uJ)oJaG%S7M82;ZxK} zJ51{AJual&hRfvZveT!^V3uBW#TpYr!THxhUWL%|5TNR|zvgnnup-)8gNgGHdJuRo zpRju0imCw>Dp0HhB@;iZeF^IrYl4}>&)DYFmfn4~xH&Erjla}SY=!v~`z~lP?gOCn zf7phu%NMWQcU1_6Y3`ZhlU6@>H#TWLEK?>e*|JYG3ld76xQDML-vIB>dzVFdGUQqm zl;jK_sB2%wk-5NLxh^O|?+0PNsR)y_!Mkql%WW>hreKl3t-jJevJ=;Y-DXEb9=Pqu z*w+SV#sG)dF+it;hqhJTgw41rZM!Otk=8L8{h{;zGp`Znbe@H*h?AM69ZBvW$YWdX zRrQRYpLA^0H?tSl;c%e<3XM2@a*^aZlNFReer5Y><)RvmGB+FbE^bb?iMNu3Kk{9I z13FOAXHE$9+rc>hf#T?%1x(jn1-g|2g-H0uS$aaHgB=Ex@p@#WOB&7iWS{fdA?p(& z4!Th6c`sLLtX`|HxJYvLJ$nsaETWCdIz*)ZlNwh6!d#D-xv+IvhG_EbG5wCAe*~vX zxy0Xrz-yS3*D${=&hWBmum_{=FLfHBcxmys-pHKk5~FDFc-)jSZ|&r*pF9mftVqQoUw-E-Y7$-5|1YIk0`0tx1S#_eJxf?cY+_ zH~7MHvU`&|-ZlR2F4fA@8Rasz&H%M8JLC|k!lv2fQDH0e37T=(m%2_s6<>}WX)pI)yc%;+gxWTXIbI=wqC#$Vu z2jdB%cd@Msm3&D%S|8drJ<>Mm-@>*kmW75|_RB(U?2Yn+v|u?z9Pxwh0fWZvPaMSS zSY(p8z1eeFwPR=aT|>jVK$g8f3m?*-Ea4b%fytr;$Ux;v8*8lGW?JBE4QdpW>DZL+ z)aupbxZ?>EyQ0yTBiY}-qjc8HDtug+qb^mYWx^tXa&br0fJ*a`iuAh&4S77N13CO{ zk@cq=OH8!+ngzKU508^Ilo(zpHq|a1oMw@6X@((Jr)ng7`!e*`rGb|8z4vYE+@~_a z24cCw&zO#W={4)ILOfEuP;U@ARGN4Ce7~ioIvz(h=6&OXN<#VMe>}ucoXw`{QJ+k&gqgC6F zLGc!^cL~_o;-+Q!p?RBYBO*^))d%38b7sVj6ewxgRjF!9K|=YQ- zbfY^#?M;TqF{5X{^ez#cM(sop3Waa#HO&1>--l*2F z1UEV-QE<>hK18NB+msGT&vsxHK4H*(Cw=LZt~~Iuv(tWK2a>`twOeZMCYoQwjKM)O3k9$5K3=F zcTmO)v&dR01>Lj<@?APBfUGZla6iPz*~5TT-3#8^tIsZ6{xPb?D#&FnE}J237&BNT zCrVI?7qAyBs)!Z-+-?6hR;Bh7+Eaq_^hK+$o=4h41*+im z-U%_aD|zq;#O5Op$fmM%o5brMf02QY#Q_QOs$Q!N$WSK3fX`Y&mQe!JrC}T z?oH&dTnS%hiPqQd!;Spp;ihIiG>=316p$?J$UYVdn=0KjrT1&!6ABa|Q)X7RGEYmLUZFs?tz6Q?rb)gmj!xi`Z>2dYxZ!lHY(2p3ld*H78#=dpoMUt-uF5f>%Tu+Z0BkfT57)XMQLu{$ZC{XK|U^OX3(`0*; zp=Hy)J{{=%UEFgh??!-A^`x#tc`P)RbwdE>Gbb|Cl3ui7J~D}{=d@cfeIq;V>&jpt zEzH~$X)Vt66Zps%`#Ucd>kluV{b(k}KJ1j}W44yaa4GV|fHFj~N{~?zf20^w8Khl7 zb6N|zxf;bk-zu6+LTk0)q1IwgxH1YmZf*LNv5ov{a7sI$yy5hbS~;CajcLDpm5<8k zUyQ^%=GvHV3nf?=DT=+35U|6J@HZC7ck1b#liD^+V%N4mZ`*E%heU3dL!YLyuzNx}u9_x{d( zo5P2aGs5H+6wR`nVXA=0ca6J*x1I{~&82;dqs*f+m9`2@o^^whw}xX3!LL+s&+qHU zf1v)T>QePlZ}c={ot;R#;}EC3Mk)1H{R=)vDbR`9dM7c|_Oi2Psc5=>Ed@UINoZmJ ziw4%(F0%cv{j%@EN^_zkf4+CR9>1$|2}?y1zqw1y$SwAB(M{5QVGSkY6z|_}XN^j~ z4+942B4SrAcS)=A1g^NB`1Zq)lwK35217f#W3T(CHRIDrFXwNK7?sJrMtaR|1s?AH z=D^Pgxw(w}sDYok!<#9(e!i8g(;KpyZ(M=UxS9{v*lzy|yBf+o2D*WYl^G?{O7*|W$^Od8$>dPk@ nL320#c#M^6K?OwJCu1%BC0>iQRHm|;|XFenc+i11-R z8$dJ|0I4Ir?a)r17$*;R&@CAJ9>A%txtfP(0NTkBg#ne(4=4bX?q7;VBCe%e7$-L* zNcxB#26$lC9%By&j2{Ax1ikRQx|UP_8{Em;&J_Vj(V$PQwFv-*UgPHow7ZkLBdC>a zEec?e|BUxR+aW;*SK*}p%G5mE+>q`V(BVMp7l2V-%S@awu1HYv)(9UE>s&`&)x9n2-JRb$K3f1H4!?FF&0A2l)0vFbq zA$d-ws19D@RAC2cs7I(L-iCawCiMh1-x&_<+248cutY8vyA)Sl=GcIBtvJ{5u2Ot9 zo>%()`9Y~Ob@|7&h^nNh+0f;o=+^XXXl(EQGtmKNx3Rfe6_aZGkw#P?IM_(nmB^bl z$YDCFX}d&D+>{{_iM1BO)0;8~mbV`@UE)$0`FZNC;)9g+tIXb+2*4xKF_QGL>0{P% zQ1b5w3T$j_wM4fRBQ-Bh9&O#|WjT}5XKU;0UhIyHgX|g6&>t9uvJW3dP*OXJ9&#qz z<2Aol8CD44b%jJkBqSx1eT}tv58yK!n9qR+0&$vl27d%x2}Cle)$8)J#!)s~)0a!v z)YK5_{7j7E+8Y}itr~sfGz)Mkj2&W{BKJ9T)AmXV6$?udUpkHrsVcay<|3BJUIah3=C|3 zS~1DyGBrotAqEW#EiV^7y$G>g?S|jRF^aVo+9PDjXcOKavM(un)=ol)Nnx5+ofe7!s)Q=8gNt<6E!7V5^~ zNOQAPyoC~k#|xN~Dw6y);++h=F2C0czh9LuTHJIBzTSstc1r*U>qcaX>FVs~h%y0B z*9{H~&=~b08kAvgIbH}c^D|LJ9cUr$;>3F<42**?-9=}{! zTN^=Y0IM=!m1)92qf&%%XRV?m)jrrbx_)49Pa+jbOP|mUr%`*CGUhDJ%*-6$c`Ewr zxEODQjk`NtC?0>iVRmb0Ws?h44(nj(uPz>U2F{x!`p?F^Xm$ao^7`O28Q|i$dU!0K zT^g)JVUs5U{cRmtC{KcNEy^_ujpQZv=R$aW%V1x(kDR1fUESRN+VtHxIs>bEPHwAH zd-Zsw=jIj}5f=vCZ>05(g#>>dXaomun#-0 zi08w<{@xCW*L|~)&tB3B!KuNV3=^RpiDEQSq)rqxt4O}7Sxn#$%8!$L+~oIG@7UOq z(#t4fUNd3V}i(oiUP6<{)pgbwbFOhgR$z5c4&ZOtc8Qd1~ac+~*IE3ytnjre4%4 zb-kSQJ?SF)9glvbb9tbwny(t3aWlKm(f{z4d`mz}r(-Ib>4$xzeTlctCnD0tC1!9? zuVGe1mypCfvN$)Z%HQh4UV?XW-rqNK=MZH&x2x%?m~-1Z6MRtCG!LP*2SdpMxsp70 z{2xEdst9Um71U??T=^|gIvHj{fW|Tpm6nzQZ)j1t)bOp#O1lhY(los^Ra{-sRBuS^ zCpMWc!4uw`v6}NIh&0fBA3=Y0Kf7CM<2;*`=&6QZ5ua$IYKCj+qel;Rf|GXt7Y~Z&922yl~n7y}ma>$pwpzT`= z4pK$(e}ojnvywhfpoVXf2nE@5&2tAVzm!8bd&cB4U_VtrWWJh9>9?3zcqm5xoOj~N zGklVf`Sa1v?B}|7DR+gT@xo#>Y6>}Y2o_!ugB!ZA67#MgQ`(S32hlNBCZSXbMU$b} zpW{^&hk?zD(nP61n|y>wsejpz@T5I4Qya6e_xkceX}sJ(5i}8%bEZ7OjdmrzErb~I z2$K(%xu6l^QR23?@VeFuQCi*;7@pT)N4stLiFj9O6Dva)b-#SBvh*o+Torgr-?(ts z5b7*{+#VK%e4W^xgVr}3y3^!e*J|taGiP%OiVeDs$i}1(90D}F0`T-vJ({9ua6hwSw84gv15IcmMgSZ zur4UHvRtU1fL95Xd=|s`vIKpyyR`6ihI5gsszRLGO8NQ1fv9Ofkn-g#N_k&$GLBM< zrVv8kDj!ui_?s&CDJy)@CE=HV3nRSbxV?3k+=QRq^(hl)8G z5N*mPbjtvJUf${tEA&oP zf~gi=XUF0|#OB2L7f!o1vTRK?(-&O3TomhR>@8=1-?3JZ?5a&Z*Gq*wvgyncd=YXv zA>+|h6UVT#cOo&5b;yi)pFJk=JAH~u=%8t<=zMcHoM&DxjT0N?Wxyea1K~z~gU!%J oKui|64#9@&Kb14vlH`~Uy| diff --git a/windows/security/threat-protection/images/NGP_icon.png b/windows/security/threat-protection/images/NGP_icon.png deleted file mode 100644 index 6066f305a2bb1f4be5794ebfd3e6b2b6f0d36fb5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2034 zcmajgS5(u<9tZHhN-?1tr3eua2m*pqM2ezRX(AA+(o2LuAdmzJ1Sz{56p%zps8SZB zsY?}z6hovLA?hLuNQ<<1DG@0W%E|`sxo`K}`!F--_nGg^yv&?QvAx3A`A!o7|fw^jqf1lgv6l`Ks9^l z3>P}B%#5Azk5&rZQBc>D2~_RY&gl-XOUD+4(H&=RV3HZhRd|S$H5&}Lf7ZM4Qx~hxrp0d-0Xj$a-2AGul$6-9vhWj(qYg| zA~G%unEGAGe5FyPMhnGnZ| zb|uxTuWG>Oi}I^H?sT0HZ4b^9cfDe5A3zhLbElZ48Qs>YFqd;(nK)iom12lz3Ht}pbvEr-F zu#(|1!-sw-<=z6BwBl@ISGWQ)_)V`W8Nck2UXC8ld$fgbTEyJx`_dZ7+Fsvoo0c_S z7mXWnPG2BZ6rag2h{P`j0t*1_YpCLb?K^f0F8NE7JJ3h%< z!xkV0l4(^DfwM6jMI}Loh@M&|f{C;-b@XvS0%cc2e54MyFYnNXTxz0+p;VL0pv^Y^ zND&yLKV!l}qyCjr#LX$6kvED>&gKx7p-bd$bQa|_B~-(_+eOadHyms{S1FsvHtCJJ zWES>Z?!v@?uFP$y$lG^%YV<`(b(hp3&4#?;{NkvF$yHKHd{OYjRHV8<5`aw^+n$_OWRJ0=$H?i5(|pp>(ZL>8%fCz9!a5N_zF01D}iY8b9#KM|h$iY}MKA zdcT_cD`Ub*Lti7a7oJBDMiE=${gdY>UGTSNO`dGjenei}>?Ic)XrxHz^lT5dgTGet z-8gDyAQO_)w>=kROiyA3AI_=_H-`#dQ3Om*{#LI8dxa^k0 z3^{+J@j{?aJH*xcNA0_{FAV*@dvJAhp?%6wM^i8qRCPu=NJ{VA20{oyhmn(R`DHEK zepU~88QjU|D}FT1%x^SBQB^LpI>EB+uzU*m{{JeNB~gFQcB5l_b+}&}U}b*8tk%Tm Gw|@ZWrl=AC diff --git a/windows/security/threat-protection/images/AIR.png b/windows/security/threat-protection/images/air-icon.png similarity index 100% rename from windows/security/threat-protection/images/AIR.png rename to windows/security/threat-protection/images/air-icon.png diff --git a/windows/security/threat-protection/images/ASR.png b/windows/security/threat-protection/images/asr-icon.png similarity index 100% rename from windows/security/threat-protection/images/ASR.png rename to windows/security/threat-protection/images/asr-icon.png diff --git a/windows/security/threat-protection/images/EDR.png b/windows/security/threat-protection/images/edr-icon.png similarity index 100% rename from windows/security/threat-protection/images/EDR.png rename to windows/security/threat-protection/images/edr-icon.png diff --git a/windows/security/threat-protection/images/MTE.png b/windows/security/threat-protection/images/mte-icon.png similarity index 100% rename from windows/security/threat-protection/images/MTE.png rename to windows/security/threat-protection/images/mte-icon.png diff --git a/windows/security/threat-protection/images/NGP.png b/windows/security/threat-protection/images/ngp-icon.png similarity index 100% rename from windows/security/threat-protection/images/NGP.png rename to windows/security/threat-protection/images/ngp-icon.png diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 6e17affb80..16ddcac988 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -23,11 +23,11 @@ ms.topic: conceptual

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Secure score

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
- - - - - + + + + +

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ASR_icon.png b/windows/security/threat-protection/microsoft-defender-atp/images/ASR_icon.png deleted file mode 100644 index dd521d492a3bae932f0402886468149589862363..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2483 zcmZvedpHyNAIH~no7{zvTczMtpyd4E5De7?{3`}rnZv9}TxRuBdN0HQY5 z76_g?@xn$(fVZ0ME9~(Ebj=z?0szE14&u-w9Wg~76eQcgEd}R+#{~?f(7%oH|3sEZ zvRODeAS4V>`mEQQheXIcWZ_G~hT*S~@gczgX^^Tqj|(4gSje@TVR-)lGN3}d*O*7e ze$p^s?*pp}8Bg>DK(@p|ybS0d;}qgYzTq9_3-G+Qe_%iIvpAlFC3y3!VSt9V`cxhk zI>2t;VZr!de?Xh!LOhQN{&#D!)rzvQFmsN0yg~~~l3~e5|3Nj{g8KIpLu53wir({~DTH*I$~X{c88nogN%xup zQe@BG_Y!e0!JEVJ&f4{RgSP^~$RkgYwr2X#!mfO=S3cFYy_&w!p9jsNZtr08D{<`Q zRc}9CzdYR5_;Pncf6LnKnXQ(!%jQBc_f9gQ&C&f*DRxIfaqbV)hs}>uW#^dn5?1uM z-}Jy8>3G%uPc1F-lPz4OKLa&DM^WbKk&%`Q+{@Ir_}r~B#LLiA?J?^_{bI7onS`jg zGXh;EA|g7@+;ykP8LOD$Esd-Z+7h)psV_wuyvsqJtIEU2C5eTdf1=5kXtmHHY1ZN> z$rJtvPpIy5H|EQUOy4e!?DfaiU&k5?RR?uo&oamOaeTE7evAP?s$Ej87fzF%Iss4Z zu7C&LzIL)xIR#S3w$mAXTc$b)ey*JC7XYjUVlH}fK1&3xCY;q@RbBq_!+OP)nvm4@ zw~N+h9+B17Xds3ORHqGz+|={Th|tLaz$MO*&$YB>asCjm_QIuw?!9CpwmQneifMEh z5mD4+$#OSmAu<^0w#3IJ_N3ZVFc@~s+B=KSm8g=)muTUH@Lj9X7t}4xHesfY*w1}2 zSGgZ*TrGvhtwL#DlWS)(uJ_=a&1l*K2!+qbfXxQaevpe!30_DU0jqF zrnP*4TeDNhn1VuMUVmAainVtMfi^O zYx<0KXa-B0byxJIZjINmybdo`?5VY%qRzF>oW3;5iS!+tR`lQabnJw*nLPY!FM7j- zl%GO&4{`u3fx7JEu9E?O={zm~K1yk0|}ln%V8hJ)Q{%VTo8J9cYB=`WPX zF;A^;Z>?%N*riGvNalmub*G7+N(}??b^#0*135jeIC}s0I!nLSG@6-XgCn+A4z6M& zWvio3carCq((b9uWnRKuxsTSnZZ z{`m&x%-w?Y-y!Z4#c1@fjElHRj_VKg}SCaTTD+eRwxxG?~ zTTsJXpw13@j+d16ll9a>@y+Q{ zoDUl$lUuw1GOCn z@h^9pUGyO=0vj9_XfobvQD4NDz3S|$Y<;%B3k_Bu8M*$-Nzl1{#GBvbMRn%4>@IHI zbjtwaTkh!N=7)V%1*O7t5wTxG{<>*9f4!zTP`}xv4TgQqxI`{@aPc?48O@e^r1x~f zjVx-Zw+39N} zKCoYAU&qyTGm0t&w>~(^7=IWVclwz8o1neiA~a4cp%Hb<;dm?N>=3kky(s3wpWriC zGPRMJ`m7kWGbfXRv0gB(NE>SmicTHP@R@+V8zpvr6zsZ>gq{@0@rp22ey6O7T~=Cn zvD5{Tr|dQ66tLg56?_`kb`4K_8l0Ddvbgzv7vdxHVeCrAN%armht_`=EL~ zvBZ!V-zSJoSG4^g?e&AaBh2Bo)e`9rF50~R9&Mn&MW2;R*~tO>nd1LmLg;7(MRpUH>t z4wOYrimUN`BxhnjS>&ocOii*j=|oW!XWjv{EgOn>bY)+nO8by%qnK(cyMM zOwX9}fVQ#4K!x7usGsyRgkCr?f5X<~SL2Q%x|G3wofx$IUU>#0T&4WnUn4yv449?! zI`%reg`9YmBM$T`+}l)7CKw_67j?7>R4F}nuF+_p_OHOaY!m@~vP6fgKs7W%Jn|W) zJzu^s>C-FlA*a?bQT?Q(oN2Zc>*E`tPJU>f*G1h-(7*tlvkprpoPXcenUkdI{4nW7 zv)WmIi!|QjL^aYM7`ELz+KgC$Pgh>%ygx6xyZG8~s8Rtdu!C}y_p`CgE`dY3-#u~b zdD$J3Y7ol3oVezYsHYjYuXG->bHBI6d`3}gx$|FV_rHvF=3PMK)$ek!&vx#-zX`y` L(%#~kxmWBz^|G3< diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.jpg b/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.jpg deleted file mode 100644 index ed71564e87e16e1dd8ee48512b71868ea75ea062..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3278 zcmbW3c|6oxAIHxalfjgT#O;>L$kswqU1Ba}EnIu$GLy?M!{|q z17iaK;d~klm4gsW~ zkT49u|Im2tAL_q}y8#~z4(H>CBM|)jyk+n_4e*O1#C}lI-Lc2ws(`Gw`0@L(=}0-f zk_HLO?q#(4HJ@NXp}ms(q@?8!DJUu_pU^mY>hzDAXV2*y7#bOySXtZH+FiVK+38p3 z>n^Tt?!LGE{O{Ziz=ec92n+wm!-zOid;&S~wAD?Q{RY*w^ui$*Jj?*}0Wf#u}5gzQNuU($+?vx8n`nheSYMa-pE_oGf+$y&$@9xOv$scv zWA%E*9~2Zz+FCX}eed%ki&%e2mg`4ZmCD|#F7c#fjBn%|Yi*WV`>xEyGGa+eiLld< zq3v{TfGz3%OzH6A<-@@Z02Q5XVn@-?S!|* zRJz8|dADQMOl+c)M`cI--&b&^rb;Dymg)*GSv# zF3m~xNLTM@q=(##C=;{kM2oOQtBZ^ zkw0ju_pTL1CDq1-zBcj{C+>moPh0;Ol=d(x&GN>y@@mfk=T^qxYj)TBNOLuoi ziFjXrZm+|@Wa2Od0&QmFh8wL(*^{-guUwO+T*tmBpd{aWC6`Pd^)fo$I$nF1`O45B zWnQ^0*TAwuzUWVBvtFTY0s$day5g&xCDHTDeLghP7%r% zM1Q$_4@{7@=)pA!Nuz_W3JSQB=G>o{sWwq2baLd@8U)zt!B;6Uf!+=L1b#0dms?=DGdVHa_XkGO1Knv5zDQ$hQLRu!4L=pr1KOv9;)kBFjWSF{WI!x zu5Nq|y|EkPbp0OwTn`BX=|bBgvcv_3Lq4^6Hw5Gu?^o4zBQt(##vE3Vqx{Y7mM zSj=gf?xj9(xV5Cqy#WCa9YRrs4!ZXFWqD?=?P@D|rFHboD^(kP?jiI_eTRVW{o&$* zQ)Xf**CsyR(pM?pRKX=%2IrmbiI2ZFU}oAc-?!b;&pp^nc_?d&F;0~t56J%xt@=PhU+`<{5A(INq< z*qf(J8nz^PV$m#Ynib=WsVglxLD@S8k>w;#emZDRZBGwz$dQ`C2(OLj-VGi(=syy) zxFG69WsAlTG{&aNw8>)lY1d=PGziFFV6Em8Xp+0SYDU_4u17k7Ct?#1=05lqTCkt? zcSfCneKl1M+%KZ~a>ICBEJvyHO3Q>(|3zAQa1-9LMg^ZdfE~kOUi(eOPLF#*z&>3Q z<4%i?Cl@UBvrh(D9X5wkEcqTs*~Bl~#E%AR?Kap+C{K#BjI4H_T{pi@FzSi)jw?0$ z;D6(`p|#vBR?yI8d0da%)62Cl_;NZrS}ja{zlr9WR?2qY5UI;~ z&OyZ^)MbUDj0-GHw$)tlzdp}10$-{3FSXCJgj0Y=rp1ifwBmu!3`35{)>Iu$u_gPa zgbM^5Cpg?j2n-VFEpM-H>{xn~L7ktlIc$E`{37j`-|U0tbQN>iN6%vN#c|3q))w<+ z27xqfY4PIjiF65xz}i9259NdG(u^`(JcFZ*zvMf1{q$sT_+gDgd3w<#_Wicz9fEP{l*7Hd{S0#x zRRV+S!YQB?%+w6%RG+)pD+}_U0Zpg?*%|-m17$fGa1Y#+kIAqnt0EJNs9{ zfkdeW2;^p7S=9+#S%1^4H$V=3VnrtR;X-;Ta+UOJ`=du&we0A}7y8}8o3*qvEx1+; z?)u0ON9SsM8E!-4`ReoPfX4PM>K*6NsBA%7{@q@>JU5iyGG!XRUCb2w?Eq;sI^51t z!LO=nr)N$G>4$x8-W)YJO&b+@%h9_kY=F%nIHRO*&kopB8)gMfLZFq-A?HxWA$MldyZnRH#C)UYsDcp=nc0Wi!gq<-&L7 z{tzgXbbf^~$}tm{$+I+3d)!8}uPgHZ<;5ete>utT#~0CBxzmWpG;QVRvd;IAre(%D zw>8Y*#2Qs@*8PZeuYjjFzkjy9iG4SmNAz1;>kBy2DJ(^{Xm<489>PwYH-JD*_2vv` zxJ6?O8^Rj!6@KJQUbVp-R!Wn>?foK=rOk@T)!faTxyE?X=h%sSdYVb9z`UbbF#A}p zjO8aMlyriuY|!NqRD}+f&sz7L3#{AvkMv}O@&P~r0RT>eT|i>>Rym#N>5so=ta3!G Ue^-|3-#OA>Z}@laC<68W6M9K0hyVZp diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.png b/windows/security/threat-protection/microsoft-defender-atp/images/EDR_icon.png deleted file mode 100644 index f2622cbc2bc011758fc1f687cdb004d508a6f666..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2826 zcmZ{mc{CJUAIB$4W6;PL%Dyi#mV{7*s2L0jA;v?9VQga?Mnnk>k}XtI_H9s>Vel}@ zPPUq|uQ3XPJc)>RJnwn`e9!s)?)RL}?{n|{@1C1zWpVu!rw}Iq062w!8{cFmlGzB3 zlgt&DT~W*oPypN^2mkK_n}MSFS$14ujrx=afGmts9!k5!3a zw66z1^A`_@IRPC{to`o>hq+=s0H}bYW1Z{Y!_h%*7+0o>1vF6Wo-i@TF}8EX`l0cYg@h%>(fB=)vm$w5$HUz8-$TfSrM?HYPiHtl6N0F&=O1M<*B$*3GX}@5+RiZc`f-V&KO}X0DmziHhF=#q*B5YCX(cvaF0H5 zp>#X?t@{)Di|yvwUoSWI2PsCT=gNF6ZkFrCSmu8pjw}U#i2uJ)oJaG%S7M82;ZxK} zJ51{AJual&hRfvZveT!^V3uBW#TpYr!THxhUWL%|5TNR|zvgnnup-)8gNgGHdJuRo zpRju0imCw>Dp0HhB@;iZeF^IrYl4}>&)DYFmfn4~xH&Erjla}SY=!v~`z~lP?gOCn zf7phu%NMWQcU1_6Y3`ZhlU6@>H#TWLEK?>e*|JYG3ld76xQDML-vIB>dzVFdGUQqm zl;jK_sB2%wk-5NLxh^O|?+0PNsR)y_!Mkql%WW>hreKl3t-jJevJ=;Y-DXEb9=Pqu z*w+SV#sG)dF+it;hqhJTgw41rZM!Otk=8L8{h{;zGp`Znbe@H*h?AM69ZBvW$YWdX zRrQRYpLA^0H?tSl;c%e<3XM2@a*^aZlNFReer5Y><)RvmGB+FbE^bb?iMNu3Kk{9I z13FOAXHE$9+rc>hf#T?%1x(jn1-g|2g-H0uS$aaHgB=Ex@p@#WOB&7iWS{fdA?p(& z4!Th6c`sLLtX`|HxJYvLJ$nsaETWCdIz*)ZlNwh6!d#D-xv+IvhG_EbG5wCAe*~vX zxy0Xrz-yS3*D${=&hWBmum_{=FLfHBcxmys-pHKk5~FDFc-)jSZ|&r*pF9mftVqQoUw-E-Y7$-5|1YIk0`0tx1S#_eJxf?cY+_ zH~7MHvU`&|-ZlR2F4fA@8Rasz&H%M8JLC|k!lv2fQDH0e37T=(m%2_s6<>}WX)pI)yc%;+gxWTXIbI=wqC#$Vu z2jdB%cd@Msm3&D%S|8drJ<>Mm-@>*kmW75|_RB(U?2Yn+v|u?z9Pxwh0fWZvPaMSS zSY(p8z1eeFwPR=aT|>jVK$g8f3m?*-Ea4b%fytr;$Ux;v8*8lGW?JBE4QdpW>DZL+ z)aupbxZ?>EyQ0yTBiY}-qjc8HDtug+qb^mYWx^tXa&br0fJ*a`iuAh&4S77N13CO{ zk@cq=OH8!+ngzKU508^Ilo(zpHq|a1oMw@6X@((Jr)ng7`!e*`rGb|8z4vYE+@~_a z24cCw&zO#W={4)ILOfEuP;U@ARGN4Ce7~ioIvz(h=6&OXN<#VMe>}ucoXw`{QJ+k&gqgC6F zLGc!^cL~_o;-+Q!p?RBYBO*^))d%38b7sVj6ewxgRjF!9K|=YQ- zbfY^#?M;TqF{5X{^ez#cM(sop3Waa#HO&1>--l*2F z1UEV-QE<>hK18NB+msGT&vsxHK4H*(Cw=LZt~~Iuv(tWK2a>`twOeZMCYoQwjKM)O3k9$5K3=F zcTmO)v&dR01>Lj<@?APBfUGZla6iPz*~5TT-3#8^tIsZ6{xPb?D#&FnE}J237&BNT zCrVI?7qAyBs)!Z-+-?6hR;Bh7+Eaq_^hK+$o=4h41*+im z-U%_aD|zq;#O5Op$fmM%o5brMf02QY#Q_QOs$Q!N$WSK3fX`Y&mQe!JrC}T z?oH&dTnS%hiPqQd!;Spp;ihIiG>=316p$?J$UYVdn=0KjrT1&!6ABa|Q)X7RGEYmLUZFs?tz6Q?rb)gmj!xi`Z>2dYxZ!lHY(2p3ld*H78#=dpoMUt-uF5f>%Tu+Z0BkfT57)XMQLu{$ZC{XK|U^OX3(`0*; zp=Hy)J{{=%UEFgh??!-A^`x#tc`P)RbwdE>Gbb|Cl3ui7J~D}{=d@cfeIq;V>&jpt zEzH~$X)Vt66Zps%`#Ucd>kluV{b(k}KJ1j}W44yaa4GV|fHFj~N{~?zf20^w8Khl7 zb6N|zxf;bk-zu6+LTk0)q1IwgxH1YmZf*LNv5ov{a7sI$yy5hbS~;CajcLDpm5<8k zUyQ^%=GvHV3nf?=DT=+35U|6J@HZC7ck1b#liD^+V%N4mZ`*E%heU3dL!YLyuzNx}u9_x{d( zo5P2aGs5H+6wR`nVXA=0ca6J*x1I{~&82;dqs*f+m9`2@o^^whw}xX3!LL+s&+qHU zf1v)T>QePlZ}c={ot;R#;}EC3Mk)1H{R=)vDbR`9dM7c|_Oi2Psc5=>Ed@UINoZmJ ziw4%(F0%cv{j%@EN^_zkf4+CR9>1$|2}?y1zqw1y$SwAB(M{5QVGSkY6z|_}XN^j~ z4+942B4SrAcS)=A1g^NB`1Zq)lwK35217f#W3T(CHRIDrFXwNK7?sJrMtaR|1s?AH z=D^Pgxw(w}sDYok!<#9(e!i8g(;KpyZ(M=UxS9{v*lzy|yBf+o2D*WYl^G?{O7*|W$^Od8$>dPk@ nL3%;wIx)8aa*{W zOX60xp&HbE$7D^pWGVY@tTXeD>f^ol{p;<0&gY!-IiKg8=X{^%Jm(R13VXo@3lnn_ z0EyZ;Q3FB&ARRR}Jfd{U)y4g?x0kn@hpV5G`DK@#N_Lt%cWVOSdk_VXNF)Y{!J*MO z92SekN#aBz`5giwF&J^Q_?iJpocMPg{d$Y=1(Xi}goM5b_$H7Tj6kB$7_7Ji1mLea z(fC#S7v%;Z2Enix0!AVc2$7kqA{{^wkVIuoLzL9<^XM%;(tEC@;7)DZ zd%>5672mi?cC(y{Dp^fkLrZ(#ejVKdMn{ZIOwG(KPM)&0vv)Y{=yK8ZA8zg*o__uT zfz+TY!I4qdqhoHw#-*mEXWY!Zm6e^(DEQ^x{Ra;VOCOg#DX;kb>9e}}7cXD28ycJ5 zwzRgjcXYn%`qShQAESz z=<_~OTlQSTNFPqgD`8=`?maOjbHSG@zHyt@N0sR{>Mzj$8#C?yf?j7{M;6us0tUDP zFBlTh6CjuX3A+FehC~aP04QK(XM{LV1G!?~JE1D$iJ87K_NnHz($Jd^i}z%6ywqIT zzJd69TKH}?G1*Fof8RhUhz`wl0=O=QO1WJK#TB2Z>E1?CBK?X=5y*{C# zz8%JoRQEN6Qwc0Kb&|dij1O%_?-y-yZeh}GZkf@k47}~cp(@sxJKUP`B2K~DHbQAR zvLP4!-=AZT!UN7XjZp%1-+z*-mr9t@wb~H14Tb(r}i(bpYh#I zmT;%kLd@p|9>o#ViQ=;TU02mW5$>wP{G37~kHo)R28~RcC>tk+jR3|FN)4J@_uz{^ zkmSoUs@a7MBlU598`W zt<&ST;n(HLv!qJ)Bxy>qKKWI|uI9hT2Qv8KPez~GxOo!vsX>Rl2rVa>^JEqI58$j! z=c@G2VXUECXf>AaE~Yd8ypuyLVL!spq9U{y(=VUU<!|rUk9)^s7UqmQx>kSFNUR>iD6eXhtpL#D~~ zYd5avGU(j6kvV&_Xn;AAoc_|ybAPm?lMv{oRWu!-=cGh#`SO7bj4zi)9n+^pku&CDme+gy4Z9rP$#Jsl z%*~#w^pv6BI0|)>*V~WiZq|L9+Cgs_97g2f3&1lKB{D5ZViPqMBJ^Gh;85e&or$|#rfA6}mmQ0-jY>C{P z5$t;&d0Qaoj(6nzK>su|lSAq5U0xAAYr)aw+af%N?BOxGAQK)QS)JqKzWuV9OT&M> znXw3ujU`z}gu!AF8eiTybg;-#UcNEcyEi3bSt^5aL#bnQ(J}6cT!6g;v${Pzk;5)I zbw|8So${FMZP^`$3JAD;O+*>e!IIQ|(-C~_qs&I+!uC3oRT`5&?<{|})k5pRj)_lv zV(H3+pnq&e!zQ~pELLro-4eaqb%AcwQBU{%_W90**J-;A3Bdw47ZwnTD5gSCod`%% ziKmw-{5f|Z1W}$Gt`JNz3>1x~O=}&ZJiB}!YZ+`Geoeen0B=6%7ftGB4M|=Nvq?DB z)28uU{UECR8Tkf}ACcfq3 zQkz(|rcYnl>6+cC;6JnETmn{%@AIGN#5cq(I%e6glDliIvuSyxR; zu9x$740ZD{a5NFDCcfU^qKD@hFq<@kV&aQ6-g5Pc<1(du=Nz|Douda>+(gV=TlGvx z4fo16f9*QzU+WHJfH629*`T+<{r$O_Lm|@(b&YT}BVTpUtE{}9h7Y_!MW>#mQDXGb z?+2F(OY`CbFPU)|GnwAbm5ZVE>ePU#OICx(XS2!S+6!l=ySLUabPaMk$MW6Mf7oZj zCF!Uh4mx)5Gu<$IIlD8?!9B#W)I$G2#n3bQ4pY26f#Pbh<2BQmWZ%48R4YJMOeM(Y z5dUmIXYJG>jhWs(9N9zbHdFXSLyI`XZq4Uqg*9u?> diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.png b/windows/security/threat-protection/microsoft-defender-atp/images/MTE_icon.png deleted file mode 100644 index d5b9b4808649a7213ba8e2d3f17d93d18f4b8f7a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2609 zcmZvecR1Wx7srPTGoweu3WC`v(R&R-bcv`DEn+Z?&KPwNqr_T0jNUdvj1n~xHM-Ta z`Wn4PCVKR?Kl?uK^ZxVxaqoGa&-vbS&u!20#c#M^6K?OwJCu1%BC0>iQRHm|;|XFenc+i11-R z8$dJ|0I4Ir?a)r17$*;R&@CAJ9>A%txtfP(0NTkBg#ne(4=4bX?q7;VBCe%e7$-L* zNcxB#26$lC9%By&j2{Ax1ikRQx|UP_8{Em;&J_Vj(V$PQwFv-*UgPHow7ZkLBdC>a zEec?e|BUxR+aW;*SK*}p%G5mE+>q`V(BVMp7l2V-%S@awu1HYv)(9UE>s&`&)x9n2-JRb$K3f1H4!?FF&0A2l)0vFbq zA$d-ws19D@RAC2cs7I(L-iCawCiMh1-x&_<+248cutY8vyA)Sl=GcIBtvJ{5u2Ot9 zo>%()`9Y~Ob@|7&h^nNh+0f;o=+^XXXl(EQGtmKNx3Rfe6_aZGkw#P?IM_(nmB^bl z$YDCFX}d&D+>{{_iM1BO)0;8~mbV`@UE)$0`FZNC;)9g+tIXb+2*4xKF_QGL>0{P% zQ1b5w3T$j_wM4fRBQ-Bh9&O#|WjT}5XKU;0UhIyHgX|g6&>t9uvJW3dP*OXJ9&#qz z<2Aol8CD44b%jJkBqSx1eT}tv58yK!n9qR+0&$vl27d%x2}Cle)$8)J#!)s~)0a!v z)YK5_{7j7E+8Y}itr~sfGz)Mkj2&W{BKJ9T)AmXV6$?udUpkHrsVcay<|3BJUIah3=C|3 zS~1DyGBrotAqEW#EiV^7y$G>g?S|jRF^aVo+9PDjXcOKavM(un)=ol)Nnx5+ofe7!s)Q=8gNt<6E!7V5^~ zNOQAPyoC~k#|xN~Dw6y);++h=F2C0czh9LuTHJIBzTSstc1r*U>qcaX>FVs~h%y0B z*9{H~&=~b08kAvgIbH}c^D|LJ9cUr$;>3F<42**?-9=}{! zTN^=Y0IM=!m1)92qf&%%XRV?m)jrrbx_)49Pa+jbOP|mUr%`*CGUhDJ%*-6$c`Ewr zxEODQjk`NtC?0>iVRmb0Ws?h44(nj(uPz>U2F{x!`p?F^Xm$ao^7`O28Q|i$dU!0K zT^g)JVUs5U{cRmtC{KcNEy^_ujpQZv=R$aW%V1x(kDR1fUESRN+VtHxIs>bEPHwAH zd-Zsw=jIj}5f=vCZ>05(g#>>dXaomun#-0 zi08w<{@xCW*L|~)&tB3B!KuNV3=^RpiDEQSq)rqxt4O}7Sxn#$%8!$L+~oIG@7UOq z(#t4fUNd3V}i(oiUP6<{)pgbwbFOhgR$z5c4&ZOtc8Qd1~ac+~*IE3ytnjre4%4 zb-kSQJ?SF)9glvbb9tbwny(t3aWlKm(f{z4d`mz}r(-Ib>4$xzeTlctCnD0tC1!9? zuVGe1mypCfvN$)Z%HQh4UV?XW-rqNK=MZH&x2x%?m~-1Z6MRtCG!LP*2SdpMxsp70 z{2xEdst9Um71U??T=^|gIvHj{fW|Tpm6nzQZ)j1t)bOp#O1lhY(los^Ra{-sRBuS^ zCpMWc!4uw`v6}NIh&0fBA3=Y0Kf7CM<2;*`=&6QZ5ua$IYKCj+qel;Rf|GXt7Y~Z&922yl~n7y}ma>$pwpzT`= z4pK$(e}ojnvywhfpoVXf2nE@5&2tAVzm!8bd&cB4U_VtrWWJh9>9?3zcqm5xoOj~N zGklVf`Sa1v?B}|7DR+gT@xo#>Y6>}Y2o_!ugB!ZA67#MgQ`(S32hlNBCZSXbMU$b} zpW{^&hk?zD(nP61n|y>wsejpz@T5I4Qya6e_xkceX}sJ(5i}8%bEZ7OjdmrzErb~I z2$K(%xu6l^QR23?@VeFuQCi*;7@pT)N4stLiFj9O6Dva)b-#SBvh*o+Torgr-?(ts z5b7*{+#VK%e4W^xgVr}3y3^!e*J|taGiP%OiVeDs$i}1(90D}F0`T-vJ({9ua6hwSw84gv15IcmMgSZ zur4UHvRtU1fL95Xd=|s`vIKpyyR`6ihI5gsszRLGO8NQ1fv9Ofkn-g#N_k&$GLBM< zrVv8kDj!ui_?s&CDJy)@CE=HV3nRSbxV?3k+=QRq^(hl)8G z5N*mPbjtvJUf${tEA&oP zf~gi=XUF0|#OB2L7f!o1vTRK?(-&O3TomhR>@8=1-?3JZ?5a&Z*Gq*wvgyncd=YXv zA>+|h6UVT#cOo&5b;yi)pFJk=JAH~u=%8t<=zMcHoM&DxjT0N?Wxyea1K~z~gU!%J oKui|64#9@&Kb14vlH`~Uy| diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.jpg b/windows/security/threat-protection/microsoft-defender-atp/images/NGP_icon.jpg deleted file mode 100644 index d089da249321b0833f313fabab4317c62a8da63a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2897 zcmbVNcU05K7M>776Gfzns8Ina3M>)?mL@1<15ykn76d`vh?KA(AT?5?2rLg!P>O{j z(xpff5=8?7ibQ&c1q1?w7D@==_oBOR-@fzydHe31nS17ZGxvVqnYlAiFEk2vn;2t^ z0gThGa2kNN0rISo!I?wW*RS4iC%6*u&ey#TVcf4OAF@?d{y`N$10WnA5C}d5pCB)< zpddd#zu-Rxe+|PeEb4C zU;zF*#um%BVSchVl!DOYD{0Cwo**UO^G1eo{kI>&Me)jEvDgVN9&7ZESJpFI>EO?fTF7 z8_qYqZh8Co-uCkk3%?r?85MmmG3ow;@hgU>-dYvkrN?&qJ|02O5gHJt6>+#oII%l;xec)*`;r+zmxvoIEVgUr2pjn zCuQgj5at6m01Jn4*bBqp!Z4^G2*P2U30xTH1D5g~0U!^aa{af1t66my-m+d%nfi6e z!fXykSjR1>u34Jh!al?8X5MJP2AdLaWz6(dmoM*%Z+65=q`hK`FHB%-mTXh-`$Y!r zWK@Uc9>Fm++|hTn5O0{|3e;(j`Xm){ z^&_YfcdHy{M_qq==%QWEMq0&j9u=-*(ZBfwdb00kDPDxTKPq$8UlV1lyT|_ zZ4EI7>cmCSBE|X6AktoTD{jSSSP0nqGKM%+|=zOW* z1LfhiOj5i-yH81WxU`9)=x912-Hc1&6Eew6YjXk$Yh(<0W7T4K+NVYKE zK_i)1H%^{i*dDRoJo}kF0Ed7*d94KvAA^9{O+Cq!k1y|MCM8FcZaiU6=-?~IA`U#n zy^3l$M`=o~unLl?NMsPRYU%M3LNP^QDe97_TFR^hjckMOd)$+~<@U;ZN8SKN1OonC z2ZD3#vQ*k7N)n3_%(Ta7M#UX<4#P6PcgQo z4X3e(-Ww+xlab#xqIx+?AbWX`A*q9laZq|c_H@?fo@HEdXXd)Il1fnjbbz(m@smey z#wqCe**7aWg1 zz%~0eI|#EpcIsfrV%4_sC4Clw6Q~0hnMSO!fk2f$V?v0a0D+(!2yl>@nkQFqlTEb4 zrx3vLc8*}G?((i8yeIGYj(c+r+D`JME@#f78{?FMu~}tCK5<5H!;|c&kK~jbyjM?# z_(9^`$m#@Vn7pR&4a7SYc zbx#WlZ-iN=#bAGpL-pj#=E#gIrIs`BZTsSSLT%ak*NB>ilZiEX23`9wj z5NJ95Z&eJT$mX$6#`6m(DTR6au9J01+PeeWxa2iNb{Uq+2^jP6bKhH1lZeeS!#3K4 zcMf$rC2shWJ%#cs*#QTK?OuA{{IOcmDlD}8ej4lYo~hL7g(~x@m$+6WRuovmP9e3o zoEEdthkD#n*4@Rm@9+*0Y7>z^?=>XW@%Z-)U8}C>>7?n}4C-{#^_3iQSjZh2j{7e* zT3ysuVCvo{`Kw&=)j3G|xY7Q%%U~km%t|d~?{WHD8?;QRCJ0FMP`q@`9P5L*Olo#V zrKiT)4EUJ74nSVtka%~xVbjj1n73bsJvTuNB1dZOKQgBG^zkawTwiRpW%&gOL4WI~ zOxExTF1pjeHV=0u$FVws3AxP|4#fGP^S?{oefc6KKxCjT^QUZVap4I*T>}W{c#C@OpHW$5iq>6HD~cI-;RJ41czL93Msr z&PW*_kBdBBm`@3yF0dyjC)>B0kav=K?5M9ZM`~F_Zzgk9XS@F0d)=_#&|4vax}3)n z4S_QkdRnhPS7sk6rlXwfmD zu+XFXDe05F$Z=^YwDnZY_^8*}W*d@(Ap3Kb>{?w)O7PV1q@PQctL@syYO{v=TL!-qpGqJ7qjuNC2wCMLHAVv}lJjAN(xI%9Ir z$%z+s^fId&i2}-~vYu2;ml)T?_SNLW%}nA{Cah__$zw2;HMol)P?>YDLar>Cno_b{ zweIg4D6TD^A=T9|>@n0dkM3ZmjL+8iHrA@sOP}BN|I#9nN+{iJE%cg|rbCy5otl!3 zDtxIvGd6oQ-zG6OsCc1-jB|&8w4JxWgXvM{b20bplbhY>*paG_^K~MN4I}R;1ofR& z8c(^h3N4?k8Nj{PhSA6d9xr=iZS}{Bj2HHzwGcqn2dK!d=mzex5md_WuAnit&u{t$ z6DIuY1F4K>oLBVwHTdq}He&pWK&}`_()_kC`q8<*<x3A`A!o7|fw^jqf1lgv6l`Ks9^l z3>P}B%#5Azk5&rZQBc>D2~_RY&gl-XOUD+4(H&=RV3HZhRd|S$H5&}Lf7ZM4Qx~hxrp0d-0Xj$a-2AGul$6-9vhWj(qYg| zA~G%unEGAGe5FyPMhnGnZ| zb|uxTuWG>Oi}I^H?sT0HZ4b^9cfDe5A3zhLbElZ48Qs>YFqd;(nK)iom12lz3Ht}pbvEr-F zu#(|1!-sw-<=z6BwBl@ISGWQ)_)V`W8Nck2UXC8ld$fgbTEyJx`_dZ7+Fsvoo0c_S z7mXWnPG2BZ6rag2h{P`j0t*1_YpCLb?K^f0F8NE7JJ3h%< z!xkV0l4(^DfwM6jMI}Loh@M&|f{C;-b@XvS0%cc2e54MyFYnNXTxz0+p;VL0pv^Y^ zND&yLKV!l}qyCjr#LX$6kvED>&gKx7p-bd$bQa|_B~-(_+eOadHyms{S1FsvHtCJJ zWES>Z?!v@?uFP$y$lG^%YV<`(b(hp3&4#?;{NkvF$yHKHd{OYjRHV8<5`aw^+n$_OWRJ0=$H?i5(|pp>(ZL>8%fCz9!a5N_zF01D}iY8b9#KM|h$iY}MKA zdcT_cD`Ub*Lti7a7oJBDMiE=${gdY>UGTSNO`dGjenei}>?Ic)XrxHz^lT5dgTGet z-8gDyAQO_)w>=kROiyA3AI_=_H-`#dQ3Om*{#LI8dxa^k0 z3^{+J@j{?aJH*xcNA0_{FAV*@dvJAhp?%6wM^i8qRCPu=NJ{VA20{oyhmn(R`DHEK zepU~88QjU|D}FT1%x^SBQB^LpI>EB+uzU*m{{JeNB~gFQcB5l_b+}&}U}b*8tk%Tm Gw|@ZWrl=AC diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/AIR.png b/windows/security/threat-protection/microsoft-defender-atp/images/air-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/AIR.png rename to windows/security/threat-protection/microsoft-defender-atp/images/air-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/ASR.png b/windows/security/threat-protection/microsoft-defender-atp/images/asr-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/ASR.png rename to windows/security/threat-protection/microsoft-defender-atp/images/asr-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/EDR.png b/windows/security/threat-protection/microsoft-defender-atp/images/edr-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/EDR.png rename to windows/security/threat-protection/microsoft-defender-atp/images/edr-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/MTE.png b/windows/security/threat-protection/microsoft-defender-atp/images/mte-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/MTE.png rename to windows/security/threat-protection/microsoft-defender-atp/images/mte-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/NGP.png b/windows/security/threat-protection/microsoft-defender-atp/images/ngp-icon.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/NGP.png rename to windows/security/threat-protection/microsoft-defender-atp/images/ngp-icon.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index f2891d5f18..84492e0423 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -48,11 +48,11 @@ Microsoft Defender ATP uses the following combination of technology built into W - - - - - + + + + +

Threat & Vulnerability Management

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts

Attack surface reduction

Next generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
From 0773b81949f3799fa6c10f776f7ca37ae50b18d4 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 11 Feb 2020 11:12:06 -0800 Subject: [PATCH 16/39] small update --- devices/surface/surface-dock-firmware-update.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index ec479afcb6..ca60fcfca8 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -61,10 +61,15 @@ This section describes how to install the firmware update. You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firmware Update to multiple devices across your network. When using Microsoft Endpoint Configuration Manager or other deployment tool, enter the following syntax to ensure the installation is silent: -- **Msiexec.exe /i /quiet /norestart** +- **Msiexec.exe /i \ /quiet /norestart** + + For example: + ``` + msiexec /i "\\share\folder\Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.msi" /quiet /norestart + ``` > [!NOTE] -> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i /l*v %windir%\logs\ SurfaceDockFWI.log" +> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i \ /l*v %windir%\logs\ SurfaceDockFWI.log" For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. @@ -76,7 +81,7 @@ For more information, refer to [Command line options](https://docs.microsoft.com You can use Intune to distribute Surface Dock Firmware Update to your devices. First you will need to convert the MSI file to the .intunewin format, as described in the following documentation: [Intune Standalone - Win32 app management](https://docs.microsoft.com/intune/apps/apps-win32-app-management). Use the following command: - - **msiexec /i /quiet /q** + - **msiexec /i \ /quiet /q** ## How to verify completion of the firmware update From 9098051eb8bb9ef3a9d3d8a968074d2b00038676 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 11 Feb 2020 11:28:48 -0800 Subject: [PATCH 17/39] add links to videos --- .../microsoft-defender-atp/conditional-access.md | 2 ++ .../microsoft-defender-advanced-threat-protection.md | 2 ++ .../microsoft-defender-atp/onboard-configure.md | 2 ++ .../security/threat-protection/microsoft-defender-atp/rbac.md | 2 ++ .../microsoft-defender-atp/respond-file-alerts.md | 2 ++ 5 files changed, 10 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md index 9049705849..b58503a9c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md @@ -28,6 +28,8 @@ ms.topic: article Conditional Access is a capability that helps you better protect your users and enterprise information by making sure that only secure devices have access to applications. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4byD1] + With Conditional Access, you can control access to enterprise information based on the risk level of a device. This helps keep trusted users on trusted devices using trusted applications. You can define security conditions under which devices and applications can run and access information from your network by enforcing policies to stop applications from running until a device returns to a compliant state. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index 34a417fdef..980aa0a653 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -25,6 +25,8 @@ ms.topic: conceptual Microsoft Defender Advanced Threat Protection is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4obJq] + Microsoft Defender ATP uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service: - **Endpoint behavioral sensors**: Embedded in Windows 10, these sensors diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md index 1a48280c33..68bfb931a3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md @@ -35,6 +35,8 @@ In general, to onboard devices to the service: - Use the appropriate management tool and deployment method for your devices - Run a detection test to verify that the devices are properly onboarded and reporting to the service +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqr] + ## In this section Topic | Description :---|:--- diff --git a/windows/security/threat-protection/microsoft-defender-atp/rbac.md b/windows/security/threat-protection/microsoft-defender-atp/rbac.md index 20269f37f3..3bf1ca9d9d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/rbac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/rbac.md @@ -28,6 +28,8 @@ ms.topic: article Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the portal. Based on the roles and groups you create, you have fine-grained control over what users with access to the portal can see and do. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bJ2a] + Large geo-distributed security operations teams typically adopt a tier-based model to assign and authorize access to security portals. Typical tiers include the following three levels: Tier | Description diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md index 90191cad9b..8998da024b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md @@ -209,6 +209,8 @@ Results of deep analysis are matched against threat intelligence and any matches Use the deep analysis feature to investigate the details of any file, usually during an investigation of an alert or for any other reason where you suspect malicious behavior. This feature is available within the **Deep analysis** tab, on the file's profile page. +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bGqr] + **Submit for deep analysis** is enabled when the file is available in the Microsoft Defender ATP backend sample collection, or if it was observed on a Windows 10 machine that supports submitting to deep analysis. > [!NOTE] From 36b484eace19a364f249634bd7a9445aeb9c7aa9 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 11 Feb 2020 11:33:16 -0800 Subject: [PATCH 18/39] fix note issue --- .../deployment/usmt/usmt-identify-users.md | 21 +++++++------------ 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/windows/deployment/usmt/usmt-identify-users.md b/windows/deployment/usmt/usmt-identify-users.md index 445247ab0c..ba68d36951 100644 --- a/windows/deployment/usmt/usmt-identify-users.md +++ b/windows/deployment/usmt/usmt-identify-users.md @@ -10,7 +10,6 @@ ms.mktglfcycl: deploy ms.sitesec: library audience: itpro author: greg-lindsay -ms.date: 04/19/2017 ms.topic: article --- @@ -21,9 +20,7 @@ It is important to carefully consider how you plan to migrate users. By default, ## In This Topic - [Migrating Local Accounts](#bkmk-8) - - [Migrating Domain Accounts](#bkmk-9) - - [Command-Line Options](#bkmk-7) ## Migrating Local Accounts @@ -36,8 +33,8 @@ Before migrating local accounts, note the following: - [Be careful when specifying a password for local accounts.](#bkmk-8) If you create the local account with a blank password, anyone could log on to that account on the destination computer. If you create the local account with a password, the password is available to anyone with access to the USMT command-line tools. -> [!NOTE] -> If there are multiple users on a computer, and you specify a password with the **/lac** option, all migrated users will have the same password. +>[!NOTE] +>If there are multiple users on a computer, and you specify a password with the **/lac** option, all migrated users will have the same password. ## Migrating Domain Accounts @@ -49,8 +46,8 @@ USMT provides several options to migrate multiple users on a single computer. Th - [Specifying users.](#bkmk-8) You can specify which users to migrate with the **/all**, **/ui**, **/uel**, and **/ue** options with both the ScanState and LoadState command-line tools. - > [!IMPORTANT]   - > The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. + >[!IMPORTANT]   + >The **/uel** option excludes users based on the **LastModified** date of the Ntuser.dat file. The **/uel** option is not valid in offline migrations. - [Moving users to another domain.](#bkmk-8) You can move user accounts to another domain using the **/md** option with the LoadState command-line tool. @@ -58,13 +55,11 @@ USMT provides several options to migrate multiple users on a single computer. Th - [Renaming user accounts.](#bkmk-8) You can rename user accounts using the **/mu** option. - > [!NOTE] - > By default, if a user name is not specified in any of the command-line options, the user will be migrated. + >[!NOTE] + >By default, if a user name is not specified in any of the command-line options, the user will be migrated. ## Related topics -[Determine What to Migrate](usmt-determine-what-to-migrate.md) - -[ScanState Syntax](usmt-scanstate-syntax.md) - +[Determine What to Migrate](usmt-determine-what-to-migrate.md)
+[ScanState Syntax](usmt-scanstate-syntax.md)
[LoadState Syntax](usmt-loadstate-syntax.md) From 1002dd91168b6e1437ce0dbf546178e9f7092856 Mon Sep 17 00:00:00 2001 From: Rebecca Agiewich Date: Tue, 11 Feb 2020 13:51:45 -0600 Subject: [PATCH 19/39] trying to fix header --- .../applocker/document-your-applocker-rules.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md index 47e8f33091..9f6e032b66 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules.md @@ -119,6 +119,7 @@ The following table details sample data for documenting rule type and rule condi
+ ## Next steps For each rule, determine whether to use the allow or deny option, and then complete the following tasks: From 3dc5a40388c7aaaf0443ef9286f6142631315b8d Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 11 Feb 2020 12:30:36 -0800 Subject: [PATCH 20/39] added a link to below fold --- devices/surface/surface-dock-firmware-update.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index ca60fcfca8..ad38fb9081 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -23,7 +23,7 @@ Microsoft Surface Dock Firmware Update supersedes the earlier Microsoft Surface ## Monitor the Surface Dock Firmare Update -This section is optional and provides an overview of how to monitor installation of the firmware update. For more detailed information about monitoring the update process, see the following sections in this article: +This section is optional and provides an overview of how to monitor installation of the firmware update. When you are ready to install the update, see [Install the Surface Dock Firmware Update](#install-the-surface-dock-firmware-update) below. For more detailed information about monitoring the update process, see the following sections in this article: - [How to verify completion of firmware update](#how-to-verify-completion-of-the-firmware-update) - [Event logging](#event-logging) - [Troubleshooting tips](#troubleshooting-tips) From ba07af28aa50b0bf72c34431eee6d805c8406a74 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 11 Feb 2020 12:36:09 -0800 Subject: [PATCH 21/39] Added 20H1 ApplicationManagement policy setting --- .../policy-configuration-service-provider.md | 3 + .../mdm/policy-csp-applicationmanagement.md | 82 ++++++++++++++++++- 2 files changed, 84 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 9d72af8a49..6e8652ff9c 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -198,6 +198,9 @@ The following diagram shows the Policy configuration service provider in tree fo
ApplicationManagement/AllowSharedUserAppData
+
+ ApplicationManagement/BlockNonAdminUserInstall +
ApplicationManagement/DisableStoreOriginatedApps
diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md index a7680a8600..4af540d934 100644 --- a/windows/client-management/mdm/policy-csp-applicationmanagement.md +++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md @@ -7,7 +7,7 @@ ms.prod: w10 ms.technology: windows author: manikadhiman ms.localizationpriority: medium -ms.date: 09/27/2019 +ms.date: 02/11/2020 ms.reviewer: manager: dansimp --- @@ -39,6 +39,9 @@ manager: dansimp
ApplicationManagement/AllowSharedUserAppData
+
+ ApplicationManagement/BlockNonAdminUserInstall +
ApplicationManagement/DisableStoreOriginatedApps
@@ -414,6 +417,83 @@ Most restricted value: 0
+ +**ApplicationManagement/BlockNonAdminUserInstall** + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Windows EditionSupported?
Homecross mark
Procross mark
Businesscheck mark7
Enterprisecheck mark7
Educationcheck mark7
+ + +
+ + +[Scope](./policy-configuration-service-provider.md#policy-scope): + +> [!div class = "checklist"] +> * Device + +
+ + + +Added in the next major release of Windows 10. + +Manages non-administrator users' ability to install Windows app packages. + +If you enable this policy, non-administrators will be unable to initiate installation of Windows app packages. Administrators who wish to install an app will need to do so from an Administrator context (for example, an Administrator PowerShell window). All users will still be able to install Windows app packages via the Microsoft Store, if permitted by other policies. + +If you disable or do not configure this policy, all users will be able to initiate installation of Windows app packages. + + + +ADMX Info: +- GP English name: *Prevent non-admin users from installing packaged Windows apps* +- GP name: *BlockNonAdminUserInstall* +- GP path: *Windows Components/App Package Deployment* +- GP ADMX file name: *AppxPackageManager.admx* + + + +The0 following list shows the supported values: +- 0 (default) - Disable. All users will be able to initiate installation of Windows app packages. +- 1 - Enable. Non-administrator users will not be able to initiate installation of Windows app packages. + + + + + + + + + +
+ **ApplicationManagement/DisableStoreOriginatedApps** From aec404ce7cdd1b94c15732bf02824359177f1991 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 11 Feb 2020 12:49:20 -0800 Subject: [PATCH 22/39] Minor updates --- .../mdm/policy-csp-applicationmanagement.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md index 4af540d934..798bbae111 100644 --- a/windows/client-management/mdm/policy-csp-applicationmanagement.md +++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md @@ -480,9 +480,9 @@ ADMX Info: -The0 following list shows the supported values: -- 0 (default) - Disable. All users will be able to initiate installation of Windows app packages. -- 1 - Enable. Non-administrator users will not be able to initiate installation of Windows app packages. +The following list shows the supported values: +- 0 (default) - Disabled. All users will be able to initiate installation of Windows app packages. +- 1 - Enabled. Non-administrator users will not be able to initiate installation of Windows app packages. @@ -1112,6 +1112,7 @@ Footnotes: - 4 - Added in Windows 10, version 1803. - 5 - Added in Windows 10, version 1809. - 6 - Added in Windows 10, version 1903. +- 7 - Added in the next major release of Windows 10. From 055a1b0ff23b4beb734f68a87bcfb070ab7c711f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:05:41 -0800 Subject: [PATCH 23/39] Update automated-investigations.md --- .../automated-investigations.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md index 96cf4bd271..346bd331f0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md @@ -19,6 +19,8 @@ ms.topic: conceptual # Overview of automated investigations +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bOeh] + Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) offers a wide breadth of visibility on multiple machines. With this kind of optics, the service generates a multitude of alerts. The volume of alerts generated can be challenging for a typical security operations team to individually address. To address this challenge, Microsoft Defender ATP uses automated investigation and remediation capabilities to significantly reduce the volume of alerts that must be investigated individually. The automated investigation feature leverages various inspection algorithms, and processes used by analysts (such as playbooks) to examine alerts and take immediate remediation action to resolve breaches. This significantly reduces alert volume, allowing security operations experts to focus on more sophisticated threats and other high value initiatives. The **Automated investigations** list shows all the investigations that were initiated automatically, and includes details, such as status, detection source, and when the investigation was initiated. @@ -26,10 +28,7 @@ The automated investigation feature leverages various inspection algorithms, and > [!TIP] > Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink) - -## Understand the automated investigation flow - -### How the automated investigation starts +## How the automated investigation starts When an alert is triggered, a security playbook goes into effect. Depending on the security playbook, an automated investigation can start. For example, suppose a malicious file resides on a machine. When that file is detected, an alert is triggered. The automated investigation process begins. Microsoft Defender ATP checks to see if the malicious file is present on any other machines in the organization. Details from the investigation, including verdicts (Malicious, Suspicious, and Clean) are available during and after the automated investigation. @@ -40,7 +39,7 @@ When an alert is triggered, a security playbook goes into effect. Depending on t >- Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464/windows-10-update-kb4493464)) or later >- Later versions of Windows 10 -### Details of an automated investigation +## Details of an automated investigation During and after an automated investigation, you can view details about the investigation. Selecting a triggering alert brings you to the investigation details view where you can pivot from the **Investigation graph**, **Alerts**, **Machines**, **Evidence**, **Entities**, and **Log** tabs. @@ -56,13 +55,13 @@ During and after an automated investigation, you can view details about the inve > [!IMPORTANT] > Go to the **Action center** to get an aggregated view all pending actions and manage remediation actions. The **Action center** also acts as an audit trail for all automated investigation actions. -### How an automated investigation expands its scope +## How an automated investigation expands its scope While an investigation is running, any other alerts generated from the machine are added to an ongoing automated investigation until that investigation is completed. In addition, if the same threat is seen on other machines, those machines are added to the investigation. If an incriminated entity is seen in another machine, the automated investigation process will expand its scope to include that machine, and a general security playbook will start on that machine. If 10 or more machines are found during this expansion process from the same entity, then that expansion action will require an approval and will be seen in the **Pending actions** view. -### How threats are remediated +## How threats are remediated Depending on how you set up the machine groups and their level of automation, the automated investigation will either require user approval (default) or automatically remediate threats. From 2aa3ea70033097ce4d1e186f85313b9e98f64fd6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:07:35 -0800 Subject: [PATCH 24/39] Update TOC.md --- windows/security/threat-protection/TOC.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index e108eeae6b..570ed37a4e 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -76,7 +76,7 @@ ##### [Take response actions on a machine]() ###### [Response actions on machines](microsoft-defender-atp/respond-machine-alerts.md) ###### [Manage tags](microsoft-defender-atp/respond-machine-alerts.md#manage-tags) -###### [Initiate Automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation) +###### [Initiate an automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation) ###### [Initiate Live Response session](microsoft-defender-atp/respond-machine-alerts.md#initiate-live-response-session) ###### [Collect investigation package](microsoft-defender-atp/respond-machine-alerts.md#collect-investigation-package-from-machines) ###### [Run antivirus scan](microsoft-defender-atp/respond-machine-alerts.md#run-windows-defender-antivirus-scan-on-machines) @@ -105,8 +105,8 @@ ### [Automated investigation and remediation]() #### [Automated investigation and remediation overview](microsoft-defender-atp/automated-investigations.md) -#### [Learn about the automated investigation and remediation dashboard](microsoft-defender-atp/manage-auto-investigation.md) -##### [Manage actions related to automated investigation and remediation](microsoft-defender-atp/auto-investigation-action-center.md) +#### [Use the automated investigation and remediation dashboard](microsoft-defender-atp/manage-auto-investigation.md) +#### [Manage actions related to automated investigation and remediation](microsoft-defender-atp/auto-investigation-action-center.md) ### [Secure score](microsoft-defender-atp/overview-secure-score.md) ### [Threat analytics](microsoft-defender-atp/threat-analytics.md) From 406d01af12d0eb64049ed9335a7f4180873a7cc9 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:21:08 -0800 Subject: [PATCH 25/39] Update machine-groups.md --- .../threat-protection/microsoft-defender-atp/machine-groups.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md index 0c7105a289..de2ea5f99f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md @@ -53,7 +53,7 @@ As part of the process of creating a machine group, you'll: 2. Click **Add machine group**. -3. Enter the group name and automation settings and specify the matching rule that determines which machines belong to the group. For more information on automation levels, see [Understand the Automated investigation flow](automated-investigations.md#understand-the-automated-investigation-flow). +3. Enter the group name and automation settings and specify the matching rule that determines which machines belong to the group. See [How the automated investigation starts](automated-investigations.md#how-the-automated-investigation-starts). >[!TIP] >If you want to group machines by organizational unit, you can configure the registry key for the group affiliation. For more information on device tagging, see [Create and manage machine tags](machine-tags.md). From 25541dbc3b650c69d870b84608de469425339c92 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 11 Feb 2020 13:23:06 -0800 Subject: [PATCH 26/39] Update machine-groups.md --- .../threat-protection/microsoft-defender-atp/machine-groups.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md index de2ea5f99f..cd57c99e3a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md @@ -83,7 +83,6 @@ Machines that are not matched to any groups are added to Ungrouped machines (def ## Related topics -## Related topic - [Manage portal access using role-based based access control](rbac.md) - [Create and manage machine tags](machine-tags.md) - [Get list of tenant machine groups using Graph API](get-machinegroups-collection.md) From ebccc799633f05ac5d6754520200e632ed1c6d55 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 13:59:43 -0800 Subject: [PATCH 27/39] Corrected mark up of a note so that it will render. --- devices/hololens/hololens-commercial-infrastructure.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index a99a851024..568bbe92e5 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -166,8 +166,8 @@ Directions for upgrading to the commercial suite can be found [here](https://doc 1. [Create a device profile for Kiosk mode](https://docs.microsoft.com/intune/configuration/kiosk-settings#create-the-profile) - >[!NOTE] - >You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps. +> [!NOTE] +> You can configure different users to have different Kiosk Mode experiences by using “Azure AD” as the “User logon type”. However, this option is only available in Multi-App kiosk mode. Multi-App kiosk mode will work with only one app as well as multiple apps. ![Image that shows Configuration of Kiosk Mode in Intune](images/aad-kioskmode.png) @@ -183,4 +183,4 @@ Certificates can be deployed via you MDM (see "certificates" in the [MDM Section ## Next (Optional) Step: [Configure HoloLens using a provisioning package](hololens-provisioning.md) -## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file +## Next Step: [Enroll your device](hololens-enroll-mdm.md) From 77d42e765ecb837edcc84443edaef1d915aaccd7 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 14:07:33 -0800 Subject: [PATCH 28/39] Put space between 'span' and heading to fix lack of rendering of the title --- devices/hololens/hololens-provisioning.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 3cd9ed9707..7eefba6e17 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -137,6 +137,7 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 10. When the build completes, click **Finish**. + ## Apply a provisioning package to HoloLens during setup 1. Connect the device via USB to a PC and start the device, but do not continue past the **Fit** page of OOBE (the first page with the blue box). @@ -191,4 +192,4 @@ In Windows Configuration Designer, when you create a provisioning package for Wi >[!NOTE] >App installation (**UniversalAppInstall**) using a provisioning package is not currently supported for HoloLens. -## Next Step: [Enroll your device](hololens-enroll-mdm.md) \ No newline at end of file +## Next Step: [Enroll your device](hololens-enroll-mdm.md) From fbd6ebccca8e121d031c63962d69e5d46221e9bd Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 14:58:17 -0800 Subject: [PATCH 29/39] Added video link --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 3da4badfe6..41e41d783f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -27,6 +27,8 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. +[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] + ## Next-generation capabilities Threat & Vulnerability Management is built-in, real-time, cloud-powered, fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledgebase. From 068720b138a79f6d3c525c8c21bee80b49bbe2aa Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:08:43 -0800 Subject: [PATCH 30/39] Added blog ref --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 41e41d783f..54b425ff8c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -77,3 +77,4 @@ Microsoft Defender ATP’s Threat & Vulnerability Management allows security adm - [Software APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/software) - [Machine APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine) - [Recommendation APIs](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/vulnerability) +- [BLOG: Microsoft’s Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time](https://www.microsoft.com/security/blog/2019/07/02/microsofts-threat-vulnerability-management-now-helps-thousands-of-customers-to-discover-prioritize-and-remediate-vulnerabilities-in-real-time/) From 1e6c939968d1a7b0997a50204144d6cdb8658e08 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:14:28 -0800 Subject: [PATCH 31/39] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 54b425ff8c..12272ac0e8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -27,6 +27,7 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. +Watch this video for a quick overview of Threat & Vulnerability Management. [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities From ee87de19b0bd2c72205a3ee7c473c4cd810e032d Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:18:37 -0800 Subject: [PATCH 32/39] Added MDATP API video ref --- .../microsoft-defender-atp/management-apis.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index f42404e0ac..e25d5e8634 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -54,6 +54,9 @@ The Microsoft Defender ATP APIs can be grouped into three: Microsoft Defender ATP offers a layered API model exposing data and capabilities in a structured, clear and easy to use model, exposed through a standard Azure AD-based authentication and authorization model allowing access in context of users or SaaS applications. The API model was designed to expose entities and capabilities in a consistent form. +Watch this video for a quick overview of Microsoft Defender ATP's APIs. +[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] + The **Investigation API** exposes the richness of Microsoft Defender ATP - exposing calculated or 'profiled' entities (for example, machine, user, and file) and discrete events (for example, process creation and file creation) which typically describes a behavior related to an entity, enabling access to data via investigation interfaces allowing a query-based access to data. For more information see, [Supported APIs](exposed-apis-list.md). The **Response API** exposes the ability to take actions in the service and on devices, enabling customers to ingest indicators, manage settings, alert status, as well as take response actions on devices programmatically such as isolate machines from the network, quarantine files, and others. From f87e7a9505b72ead1f10b5bcc72386f0b1b99a28 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:19:11 -0800 Subject: [PATCH 33/39] Update management-apis.md --- .../threat-protection/microsoft-defender-atp/management-apis.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index e25d5e8634..2634614f1b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -55,7 +55,7 @@ The Microsoft Defender ATP APIs can be grouped into three: Microsoft Defender ATP offers a layered API model exposing data and capabilities in a structured, clear and easy to use model, exposed through a standard Azure AD-based authentication and authorization model allowing access in context of users or SaaS applications. The API model was designed to expose entities and capabilities in a consistent form. Watch this video for a quick overview of Microsoft Defender ATP's APIs. -[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] The **Investigation API** exposes the richness of Microsoft Defender ATP - exposing calculated or 'profiled' entities (for example, machine, user, and file) and discrete events (for example, process creation and file creation) which typically describes a behavior related to an entity, enabling access to data via investigation interfaces allowing a query-based access to data. For more information see, [Supported APIs](exposed-apis-list.md). From f8b45a50cecf90a87865b6955d434e5e86937e0c Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:21:44 -0800 Subject: [PATCH 34/39] Added API video link --- .../threat-protection/microsoft-defender-atp/apis-intro.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md index 589b46db48..1c6f356099 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md +++ b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md @@ -26,6 +26,9 @@ ms.topic: conceptual Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will enable you to automate workflows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). +Watch this video for a quick overview of Microsoft Defender ATP's APIs. +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4d73M] + In general, you’ll need to take the following steps to use the APIs: - Create an AAD application - Get an access token using this application From e8284a4eec8dc60530252a3ac318b0f9616b3778 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 15:22:00 -0800 Subject: [PATCH 35/39] Acrolinx: Corrected 3 spelling errors --- windows/client-management/mdm/dmclient-csp.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/dmclient-csp.md b/windows/client-management/mdm/dmclient-csp.md index d1203b326a..b4183451fc 100644 --- a/windows/client-management/mdm/dmclient-csp.md +++ b/windows/client-management/mdm/dmclient-csp.md @@ -132,7 +132,7 @@ Optional. The character string that allows the user experience to include a cust Supported operations are Get, Replace, and Delete. **Provider/*ProviderID*/RequireMessageSigning** -Boolean type. Primarly used for SSL bridging mode where firewalls and proxies are deployed and where device client identity is required. When enabled, every SyncML message from the device will carry an additional HTTP header named MDM-Signature. This header contains BASE64-encoded Cryptographic Message Syntax using a Detached Signature of the complete SyncML message SHA-2 (inclusive of the SyncHdr and SyncBody). Signing is performed using the private key of the management session certificate that was enrolled as part of the enrollment process. The device public key and PKCS9 UTC signing time stamp are included as part of the authenticated attributes in the signature. +Boolean type. Primarily used for SSL bridging mode where firewalls and proxies are deployed and where device client identity is required. When enabled, every SyncML message from the device will carry an additional HTTP header named MDM-Signature. This header contains BASE64-encoded Cryptographic Message Syntax using a Detached Signature of the complete SyncML message SHA-2 (inclusive of the SyncHdr and SyncBody). Signing is performed using the private key of the management session certificate that was enrolled as part of the enrollment process. The device public key and PKCS9 UTC signing time stamp are included as part of the authenticated attributes in the signature. Default value is false, where the device management client does not include authentication information in the management session HTTP header. Optionally set to true, where the client authentication information is provided in the management session HTTP header. @@ -255,7 +255,7 @@ Optional. Added in Windows 10, version 1703. Specify the Discovery server URL o Supported operations are Add, Delete, Get, and Replace. Value type is string. **Provider/*ProviderID*/NumberOfDaysAfterLostContactToUnenroll** -Optional. Number of days after last sucessful sync to unenroll. +Optional. Number of days after last successful sync to unenroll. Supported operations are Add, Delete, Get, and Replace. Value type is integer. @@ -552,7 +552,7 @@ Optional. Boolean value that allows the IT admin to require the device to start Supported operations are Add, Get, and Replace. **Provider/*ProviderID*/Push** -Optional. Not configurable during WAP Provisioining XML. If removed, DM sessions triggered by Push will no longer be supported. +Optional. Not configurable during WAP Provisioning XML. If removed, DM sessions triggered by Push will no longer be supported. Supported operations are Add and Delete. From 111a7fdb8ab9f6baaf5e1be95d48450e8930bf39 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:22:34 -0800 Subject: [PATCH 36/39] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 12272ac0e8..972fd91c1d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -28,7 +28,7 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. Watch this video for a quick overview of Threat & Vulnerability Management. -[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] +>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities Threat & Vulnerability Management is built-in, real-time, cloud-powered, fully integrated with Microsoft endpoint security stack, the Microsoft Intelligent Security Graph, and the application analytics knowledgebase. From 81c6d7cd103a1c7fa8fa07ebdc1658da915e23dd Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 11 Feb 2020 15:23:34 -0800 Subject: [PATCH 37/39] Capitalized "azure" --- ...roll-a-windows-10-device-automatically-using-group-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md index ee0d0066a0..4ced3aefe8 100644 --- a/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md +++ b/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy.md @@ -66,7 +66,7 @@ The following steps demonstrate required settings using the Intune service: Additionally, verify that the SSO State section displays **AzureAdPrt** as **YES**. - ![Auto-enrollment azure AD prt verification](images/auto-enrollment-azureadprt-verification.png) + ![Auto-enrollment Azure AD prt verification](images/auto-enrollment-azureadprt-verification.png) This information can also be found on the Azure AD device list. From 2343f446ad755b56842cb614f8c1b64fe7feaab0 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:27:05 -0800 Subject: [PATCH 38/39] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 972fd91c1d..21237ae67a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -27,7 +27,8 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. -Watch this video for a quick overview of Threat & Vulnerability Management. +Watch this video for a quick overview of Threat & Vulnerability Management. +
>[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities From 6299241f5f2a5023a5a5ed83ef41d3ba0903ca32 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 11 Feb 2020 15:27:40 -0800 Subject: [PATCH 39/39] Update next-gen-threat-and-vuln-mgt.md --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 21237ae67a..09dea1ee83 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -28,7 +28,7 @@ Effectively identifying, assessing, and remediating endpoint weaknesses is pivot It helps organizations discover vulnerabilities and misconfigurations in real-time, based on sensors, without the need of agents or periodic scans. It prioritizes vulnerabilities based on the threat landscape, detections in your organization, sensitive information on vulnerable devices, and business context. Watch this video for a quick overview of Threat & Vulnerability Management. -
+ >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4mLsn] ## Next-generation capabilities