From dc8275fbb76c6f2e84901d1e860dd0cf8925cbf9 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Wed, 19 Aug 2020 09:21:38 -0700 Subject: [PATCH 01/10] Edit descriptions for SEO. --- .../threat-protection/windows-firewall/encryption-zone-gpos.md | 2 +- .../windows-firewall/exempt-icmp-from-authentication.md | 2 +- .../threat-protection/windows-firewall/exemption-list.md | 2 +- .../threat-protection/windows-firewall/firewall-gpos.md | 2 +- .../windows-firewall/firewall-policy-design-example.md | 2 +- ...hering-information-about-your-active-directory-deployment.md | 2 +- .../gathering-information-about-your-devices.md | 2 +- .../windows-firewall/gathering-other-relevant-information.md | 2 +- .../windows-firewall/gathering-the-information-you-need.md | 2 +- .../threat-protection/windows-firewall/gpo-domiso-boundary.md | 2 +- .../threat-protection/windows-firewall/gpo-domiso-encryption.md | 2 +- .../threat-protection/windows-firewall/gpo-domiso-firewall.md | 2 +- .../threat-protection/windows-firewall/isolated-domain-gpos.md | 2 +- .../threat-protection/windows-firewall/isolated-domain.md | 2 +- .../windows-firewall/isolating-apps-on-your-network.md | 2 +- .../windows-firewall/link-the-gpo-to-the-domain.md | 2 +- ...ilters-to-apply-to-a-different-zone-or-version-of-windows.md | 2 +- ...e-group-policy-management-console-to-ip-security-policies.md | 2 +- .../open-windows-firewall-with-advanced-security.md | 2 +- .../planning-certificate-based-authentication.md | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md index 1a2eab4b13..33338e8b52 100644 --- a/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md +++ b/windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md @@ -1,6 +1,6 @@ --- title: Encryption Zone GPOs (Windows 10) -description: Encryption Zone GPOs +description: Learn how to add a device to an encryption zone by adding the device account to the encryption zone group in Windows Defender Firewall with Advanced Security. ms.assetid: eeb973dd-83a5-4381-9af9-65c43c98c29b ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md index 4293f9cc59..5b87eef36e 100644 --- a/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md +++ b/windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md @@ -1,6 +1,6 @@ --- title: Exempt ICMP from Authentication (Windows 10) -description: Exempt ICMP from Authentication +description: Learn how to add exemptions for any network traffic that uses the ICMP protocol in Windows Defender Firewall with Advanced Security. ms.assetid: c086c715-8d0c-4eb5-9ea7-2f7635a55548 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/exemption-list.md b/windows/security/threat-protection/windows-firewall/exemption-list.md index f66bc68daa..eb4909a401 100644 --- a/windows/security/threat-protection/windows-firewall/exemption-list.md +++ b/windows/security/threat-protection/windows-firewall/exemption-list.md @@ -1,6 +1,6 @@ --- title: Exemption List (Windows 10) -description: Learn the ins and outs of exemption lists on a secured network using Windows 10. +description: Learn about reasons to add devices to an exemption list in Windows Defender Firewall with Advanced Security and the trade-offs of having too many exemptions. ms.assetid: a05e65b4-b48d-44b1-a7f1-3a8ea9c19ed8 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/firewall-gpos.md b/windows/security/threat-protection/windows-firewall/firewall-gpos.md index 1af381ba0e..e40d0eddc7 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-gpos.md +++ b/windows/security/threat-protection/windows-firewall/firewall-gpos.md @@ -1,6 +1,6 @@ --- title: Firewall GPOs (Windows 10) -description: Firewall GPOs +description: In this example, a Group Policy Object is linked to the domain container because the domain controllers are not part of the isolated domain. ms.assetid: 720645fb-a01f-491e-8d05-c9c6d5e28033 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md index 5127569bc4..a1b8a21886 100644 --- a/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md @@ -1,6 +1,6 @@ --- title: Firewall Policy Design Example (Windows 10) -description: Firewall Policy Design Example +description: This example features a fictitious company and illustrates firewall policy design for Windows Defender Firewall with Advanced Security. ms.assetid: 0dc3bcfe-7a4d-4a15-93a9-64b13bd775a7 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md index cd4b6c6d78..56c50d121a 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md @@ -1,6 +1,6 @@ --- title: Gathering Information about Your Active Directory Deployment (Windows 10) -description: Gathering Information about Your Active Directory Deployment +description: Learn about gathering Active Directory information, including domain layout, organizational unit architecture, and site topology, for your firewall deployment. ms.assetid: b591b85b-12ac-4329-a47e-bc1b03e66eb0 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md index 2feb5a2fd1..0d8532e07e 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md +++ b/windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md @@ -1,6 +1,6 @@ --- title: Gathering Information about Your Devices (Windows 10) -description: Gathering Information about Your Devices +description: Learn what information to gather about the devices in your enterprise to plan your Windows Defender Firewall with Advanced Security deployment. ms.assetid: 7f7cd3b9-de8e-4fbf-89c6-3d1a47bc2beb ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md index 5d29784f77..44b471961b 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md +++ b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md @@ -1,6 +1,6 @@ --- title: Gathering Other Relevant Information (Windows 10) -description: Gathering Other Relevant Information +description: Learn about additional information you may need to gather to deploy Windows Defender Firewall with Advanced Security policies in your organization. ms.assetid: 87ccca07-4346-496b-876d-cdde57d0ce17 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md index 89fc8ac3c0..da4b632a34 100644 --- a/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md +++ b/windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md @@ -1,6 +1,6 @@ --- title: Gathering the Information You Need (Windows 10) -description: Gathering the Information You Need +description: Collect and analyze information about your network, directory services, and devices to prepare for Windows Defender Firewall with Advanced Security deployment. ms.assetid: 545fef02-5725-4b1e-b67a-a32d94c27d15 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md index 006015b36a..ca757eeba4 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md @@ -1,6 +1,6 @@ --- title: GPO\_DOMISO\_Boundary (Windows 10) -description: GPO\_DOMISO\_Boundary +description: This example GPO supports devices that are not part of the isolated domain to access specific servers that must be available to those untrusted devices. ms.assetid: ead3a510-c329-4c2a-9ad2-46a3b4975cfd ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md index e16a7ecc32..ee39cb7790 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md @@ -1,6 +1,6 @@ --- title: GPO\_DOMISO\_Encryption\_WS2008 (Windows 10) -description: GPO\_DOMISO\_Encryption\_WS2008 +description: This example GPO supports the ability for servers that contain sensitive data to require encryption for all connection requests. ms.assetid: 84375480-af6a-4c79-aafe-0a37115a7446 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md index e44b50dd82..3cba8b312c 100644 --- a/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md +++ b/windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md @@ -1,6 +1,6 @@ --- title: GPO\_DOMISO\_Firewall (Windows 10) -description: GPO\_DOMISO\_Firewall +description: Learn about the settings and rules in this example GPO, which is authored by using the Group Policy editing tools. ms.assetid: 318467d2-5698-4c5d-8000-7f56f5314c42 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md index 84999a6bd2..a07f984898 100644 --- a/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md +++ b/windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md @@ -1,6 +1,6 @@ --- title: Isolated Domain GPOs (Windows 10) -description: Isolated Domain GPOs +description: Learn about GPOs for isolated domains in this example configuration of Windows Defender Firewall with Advanced Security. ms.assetid: e254ce4a-18c6-4868-8179-4078d9de215f ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/isolated-domain.md b/windows/security/threat-protection/windows-firewall/isolated-domain.md index bb06dc1bff..90b121b86e 100644 --- a/windows/security/threat-protection/windows-firewall/isolated-domain.md +++ b/windows/security/threat-protection/windows-firewall/isolated-domain.md @@ -1,6 +1,6 @@ --- title: Isolated Domain (Windows 10) -description: Isolated Domain +description: Learn about the isolated domain, which is the primary zone for trusted devices, which use connection security and firewall rules to control communication. ms.assetid: d6fa8d67-0078-49f6-9bcc-db1f24816c5e ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md index 1a5d115e8a..169d59a2df 100644 --- a/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md +++ b/windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md @@ -1,6 +1,6 @@ --- title: Isolating Microsoft Store Apps on Your Network (Windows 10) -description: Isolating Microsoft Store Apps on Your Network +description: Learn how to customize your firewall configuration to isolate the network access of the new Microsoft Store apps that run on devices added to your network. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library diff --git a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md index 3b40dbd662..9f710aa000 100644 --- a/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md +++ b/windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md @@ -1,6 +1,6 @@ --- title: Link the GPO to the Domain (Windows 10) -description: Link the GPO to the Domain +description: Learn how to link a GPO to the Active Directory container for the target devices, after you configure it in Windows Defender Firewall with Advanced Security. ms.assetid: 746d4553-b1a6-4954-9770-a948926b1165 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md index b055c8d636..9a78732eb3 100644 --- a/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md +++ b/windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md @@ -1,6 +1,6 @@ --- title: Modify GPO Filters (Windows 10) -description: Modify GPO Filters to Apply to a Different Zone or Version of Windows +description: Learn how to modify GPO filters to apply to a different zone or version of windows in Windows Defender Firewall with Advanced Security. ms.assetid: 24ede9ca-a501-4025-9020-1129e2cdde80 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md index e00e35ccff..63c6cbf6d2 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md @@ -1,6 +1,6 @@ --- title: Open the Group Policy Management Console to IP Security Policies (Windows 10) -description: Open the Group Policy Management Console to IP Security Policies +description: Learn how to open the Group Policy Management Console to IP Security Policies to configure GPOs for earlier versions of the Windows operating system. ms.assetid: 235f73e4-37b7-40f4-a35e-3e7238bbef43 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md index cbf3fd9257..3d67c96d9d 100644 --- a/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md @@ -1,6 +1,6 @@ --- title: Open Windows Defender Firewall with Advanced Security (Windows 10) -description: Open Windows Defender Firewall with Advanced Security +description: Learn how to open the Windows Defender Firewall with Advanced Security console. You must be a member of the Administrators group. ms.assetid: 788faff2-0f50-4e43-91f2-3e2595c0b6a1 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md index 100858ecbe..b2b2a0467b 100644 --- a/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md +++ b/windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md @@ -1,6 +1,6 @@ --- title: Planning Certificate-based Authentication (Windows 10) -description: Planning Certificate-based Authentication +description: Learn how a device unable to join an Active Directory domain can still participate in an isolated domain by using certificate-based authentication. ms.assetid: a55344e6-d0df-4ad5-a6f5-67ccb6397dec ms.reviewer: ms.author: dansimp From f03a9ea6a198eeb8cc2ddc955d79459a3cc52044 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Wed, 19 Aug 2020 13:01:34 -0700 Subject: [PATCH 02/10] Edit descriptions for SEO. --- .../windows-firewall/configure-the-windows-firewall-log.md | 2 +- ...igure-the-workstation-authentication-certificate-template.md | 2 +- .../confirm-that-certificates-are-deployed-correctly.md | 2 +- .../windows-firewall/copy-a-gpo-to-create-a-new-gpo.md | 2 +- .../create-a-group-account-in-active-directory.md | 2 +- .../windows-firewall/create-a-group-policy-object.md | 2 +- .../create-an-authentication-exemption-list-rule.md | 2 +- .../windows-firewall/create-an-inbound-icmp-rule.md | 2 +- .../windows-firewall/create-an-inbound-port-rule.md | 2 +- .../create-an-inbound-program-or-service-rule.md | 2 +- .../windows-firewall/create-an-outbound-port-rule.md | 2 +- .../windows-firewall/create-inbound-rules-to-support-rpc.md | 2 +- .../windows-firewall/create-windows-firewall-rules-in-intune.md | 2 +- .../windows-firewall/create-wmi-filters-for-the-gpo.md | 2 +- .../determining-the-trusted-state-of-your-devices.md | 2 +- .../threat-protection/windows-firewall/documenting-the-zones.md | 2 +- .../windows-firewall/domain-isolation-policy-design-example.md | 2 +- .../windows-firewall/domain-isolation-policy-design.md | 2 +- .../windows-firewall/enable-predefined-outbound-rules.md | 2 +- .../threat-protection/windows-firewall/encryption-zone.md | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md b/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md index 537198bd08..8cb54165e1 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-windows-firewall-log.md @@ -1,6 +1,6 @@ --- title: Configure the Windows Defender Firewall Log (Windows 10) -description: Configure the Windows Defender Firewall Log +description: Learn how to configure Windows Defender Firewall with Advanced Security to log dropped packets or successful connections by using Group Policy Management MMC. ms.assetid: f037113d-506b-44d3-b9c0-0b79d03e7d18 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md b/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md index 61f12fe05d..927053f40c 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-workstation-authentication-certificate-template.md @@ -1,6 +1,6 @@ --- title: Configure the Workstation Authentication Template (Windows 10) -description: Configure the Workstation Authentication Certificate Template +description: Learn how to configure a workstation authentication certificate template, which is used for device certificates that are enrolled and deployed to workstations. ms.assetid: c3ac9960-6efc-47c1-bd69-d9d4bf84f7a6 ms.reviewer: manager: dansimp diff --git a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md b/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md index 566425e4b8..65704e92f5 100644 --- a/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md +++ b/windows/security/threat-protection/windows-firewall/confirm-that-certificates-are-deployed-correctly.md @@ -1,6 +1,6 @@ --- title: Confirm That Certificates Are Deployed Correctly (Windows 10) -description: Confirm That Certificates Are Deployed Correctly +description: Learn how to confirm that a Group Policy is being applied as expected and that the certificates are being properly installed on the workstations. ms.assetid: de0c8dfe-16b0-4d3b-8e8f-9282f6a65eee ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md b/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md index e9c8024043..51ecd3fcb2 100644 --- a/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md +++ b/windows/security/threat-protection/windows-firewall/copy-a-gpo-to-create-a-new-gpo.md @@ -1,6 +1,6 @@ --- title: Copy a GPO to Create a New GPO (Windows 10) -description: Copy a GPO to Create a New GPO +description: Learn how to make a copy of a GPO by using the Active Directory Users and devices MMC snap-in to create a GPO for boundary zone devices. ms.assetid: 7f6a23e5-4b3f-40d6-bf6d-7895558b1406 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md b/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md index 5e5b2b22d9..35f885a1ee 100644 --- a/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-account-in-active-directory.md @@ -1,6 +1,6 @@ --- title: Create a Group Account in Active Directory (Windows 10) -description: Create a Group Account in Active Directory +description: Learn how to create a security group for the computers that are to receive Group Policy settings by using the Active Directory Users and Computers console. ms.assetid: c3700413-e02d-4d56-96b8-7991f97ae432 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md index b790f7d1ac..f003f3c604 100644 --- a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md @@ -1,6 +1,6 @@ --- title: Create a Group Policy Object (Windows 10) -description: Create a Group Policy Object +description: Learn how to use the Active Directory Users and Computers MMC snap-in to create a GPO. You must be a member of the Domain Administrators group. ms.assetid: 72a50dd7-5033-4d97-a5eb-0aff8a35cced ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md b/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md index 2f97c1e3a7..bdcad85769 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-authentication-exemption-list-rule.md @@ -1,6 +1,6 @@ --- title: Create an Authentication Exemption List Rule (Windows 10) -description: Create an Authentication Exemption List Rule +description: Learn how to create rules that exempt devices that cannot communicate by using IPSec from the authentication requirements of your isolation policies. ms.assetid: 8f6493f3-8527-462a-82c0-fd91a6cb5dd8 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md index 2c0470e6c8..914c035aa9 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-icmp-rule.md @@ -1,6 +1,6 @@ --- title: Create an Inbound ICMP Rule (Windows 10) -description: Create an Inbound ICMP Rule +description: Learn how to allow inbound ICMP traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security. ms.assetid: 267b940a-79d9-4322-b53b-81901e357344 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md index 2c3d3fccae..89db14ccae 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md @@ -1,6 +1,6 @@ --- title: Create an Inbound Port Rule (Windows 10) -description: Create an Inbound Port Rule +description: Learn to allow traffic on specific ports by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security. ms.assetid: a7b6c6ca-32fa-46a9-a5df-a4e43147da9f ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md index 401e8de3f6..c2d887fe0d 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md @@ -1,6 +1,6 @@ --- title: Create an Inbound Program or Service Rule (Windows 10) -description: Create an Inbound Program or Service Rule +description: Learn how to allow inbound traffic to a program or service by using the Group Policy Management MMC snap-in to create firewall rules. ms.assetid: 00b7fa60-7c64-4ba5-ba95-c542052834cf ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md index 19ced05694..db459ab562 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-outbound-port-rule.md @@ -1,6 +1,6 @@ --- title: Create an Outbound Port Rule (Windows 10) -description: Create an Outbound Port Rule +description: Learn to block outbound traffic on a port by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security. ms.assetid: 59062b91-756b-42ea-8f2a-832f05d77ddf ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md index 84b71ac1f8..e44f10923b 100644 --- a/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md +++ b/windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md @@ -1,6 +1,6 @@ --- title: Create Inbound Rules to Support RPC (Windows 10) -description: Create Inbound Rules to Support RPC +description: Learn how to allow RPC network traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security. ms.assetid: 0b001c2c-12c1-4a30-bb99-0c034d7e6150 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md index e7201d21c3..9b88cddfe3 100644 --- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md +++ b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md @@ -1,6 +1,6 @@ --- title: Create Windows Firewall rules in Intune (Windows 10) -description: Explains how to create Windows Firewall rules in Intune +description: Learn how to use Intune to create rules in Windows Defender Firewall with Advanced Security. Start by creating a profile in Device Configuration in Intune. ms.assetid: 47057d90-b053-48a3-b881-4f2458d3e431 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md index 57292a294e..ebcd8943b9 100644 --- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md @@ -1,6 +1,6 @@ --- title: Create WMI Filters for the GPO (Windows 10) -description: Create WMI Filters for the GPO +description: Learn how to use WMI filters on a GPO to make sure that each GPO for a group can only be applied to devices running the correct version of Windows. ms.assetid: b1a6d93d-a3c8-4e61-a388-4a3323f0e74e ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md index d7bed686fa..b4f3c5a658 100644 --- a/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md +++ b/windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md @@ -1,6 +1,6 @@ --- title: Determining the Trusted State of Your Devices (Windows 10) -description: Determining the Trusted State of Your Devices +description: Learn how to define the trusted state of devices in your enterprise to help design your strategy for using Windows Defender Firewall with Advanced Security. ms.assetid: 3e77f0d0-43aa-47dd-8518-41ccdab2f2b2 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md index 0fa1893aa6..6ed3a0bf2a 100644 --- a/windows/security/threat-protection/windows-firewall/documenting-the-zones.md +++ b/windows/security/threat-protection/windows-firewall/documenting-the-zones.md @@ -1,6 +1,6 @@ --- title: Documenting the Zones (Windows 10) -description: Documenting the Zones +description: Learn how to document the zone placement of devices in your design for Windows Defender Firewall with Advanced Security. ms.assetid: ebd7a650-4d36-42d4-aac0-428617f5a32d ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md index d0e345f2c5..bdc9a665db 100644 --- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md @@ -1,6 +1,6 @@ --- title: Domain Isolation Policy Design Example (Windows 10) -description: Domain Isolation Policy Design Example +description: This example uses a fictitious company to illustrate domain isolation policy design in Windows Defender Firewall with Advanced Security. ms.assetid: 704dcf58-286f-41aa-80af-c81720aa7fc5 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md index 948932fb53..c5bc30fb21 100644 --- a/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md @@ -1,6 +1,6 @@ --- title: Domain Isolation Policy Design (Windows 10) -description: Domain Isolation Policy Design +description: Learn how to design a domain isolation policy, based on which devices accept only connections from authenticated members of the same isolated domain. ms.assetid: 7475084e-f231-473a-9357-5e1d39861d66 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md index 17c9f0d4ee..92491a2ab8 100644 --- a/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md +++ b/windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md @@ -1,6 +1,6 @@ --- title: Enable Predefined Outbound Rules (Windows 10) -description: Enable Predefined Outbound Rules +description: Learn to deploy predefined firewall rules that block outbound network traffic for common network functions in Windows Defender Firewall with Advanced Security. ms.assetid: 71cc4157-a1ed-41d9-91e4-b3140c67c1be ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/encryption-zone.md b/windows/security/threat-protection/windows-firewall/encryption-zone.md index ced058672b..097cbdf870 100644 --- a/windows/security/threat-protection/windows-firewall/encryption-zone.md +++ b/windows/security/threat-protection/windows-firewall/encryption-zone.md @@ -1,6 +1,6 @@ --- title: Encryption Zone (Windows 10) -description: Encryption Zone +description: Learn how to create an encryption zone to contain devices that host very sensitive data and require that the sensitive network traffic be encrypted. ms.assetid: 55a025ce-357f-4d1b-b2ae-6ee32c9abe13 ms.reviewer: ms.author: dansimp From 180c6bdd75a88e4e2292114c13672ab001952173 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Wed, 19 Aug 2020 14:55:21 -0700 Subject: [PATCH 03/10] Edit descriptions for SEO. --- .../add-test-devices-to-the-membership-group-for-a-zone.md | 2 +- .../assign-security-group-filters-to-the-gpo.md | 2 +- .../threat-protection/windows-firewall/boundary-zone-gpos.md | 2 +- .../threat-protection/windows-firewall/boundary-zone.md | 2 +- .../certificate-based-isolation-policy-design-example.md | 2 +- .../checklist-configuring-rules-for-an-isolated-server-zone.md | 2 +- .../checklist-configuring-rules-for-the-boundary-zone.md | 2 +- .../checklist-configuring-rules-for-the-encryption-zone.md | 2 +- .../checklist-configuring-rules-for-the-isolated-domain.md | 2 +- .../windows-firewall/checklist-creating-group-policy-objects.md | 2 +- .../checklist-creating-inbound-firewall-rules.md | 2 +- .../checklist-creating-outbound-firewall-rules.md | 2 +- ...-implementing-a-certificate-based-isolation-policy-design.md | 2 +- .../checklist-implementing-a-domain-isolation-policy-design.md | 2 +- ...-implementing-a-standalone-server-isolation-policy-design.md | 2 +- .../windows-firewall/configure-authentication-methods.md | 2 +- .../configure-data-protection-quick-mode-settings.md | 2 +- ...figure-group-policy-to-autoenroll-and-deploy-certificates.md | 2 +- .../configure-key-exchange-main-mode-settings.md | 2 +- .../configure-the-rules-to-require-encryption.md | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md b/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md index c79ea27f4e..6bfc87a6c3 100644 --- a/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md +++ b/windows/security/threat-protection/windows-firewall/add-test-devices-to-the-membership-group-for-a-zone.md @@ -1,6 +1,6 @@ --- title: Add Test Devices to the Membership Group for a Zone (Windows 10) -description: Add Test Devices to the Membership Group for a Zone +description: Learn how to add devices to the group for a zone to test whether your Windows Defender Firewall with Advanced Security implementation works as expected. ms.assetid: 47057d90-b053-48a3-b881-4f2458d3e431 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md index b41fba1e87..663f7ba800 100644 --- a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md @@ -1,6 +1,6 @@ --- title: Assign Security Group Filters to the GPO (Windows 10) -description: Assign Security Group Filters to the GPO +description: Learn how to use Group Policy Management MMC to assign security group filters to a GPO to make sure that the GPO is applied to the correct computers. ms.assetid: bcbe3299-8d87-4ec1-9e86-8e4a680fd7c8 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md b/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md index 0b313e0d05..81e8194d88 100644 --- a/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md +++ b/windows/security/threat-protection/windows-firewall/boundary-zone-gpos.md @@ -1,6 +1,6 @@ --- title: Boundary Zone GPOs (Windows 10) -description: Boundary Zone GPOs +description: Learn about GPOs to create that must align with the group you create for the boundary zone in Windows Defender Firewall with Advanced Security. ms.assetid: 1ae66088-02c3-47e4-b7e8-74d0b8f8646e ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/boundary-zone.md b/windows/security/threat-protection/windows-firewall/boundary-zone.md index 05d8ac588f..849fd51e8b 100644 --- a/windows/security/threat-protection/windows-firewall/boundary-zone.md +++ b/windows/security/threat-protection/windows-firewall/boundary-zone.md @@ -1,6 +1,6 @@ --- title: Boundary Zone (Windows 10) -description: Boundary Zone +description: Learn how a boundary zone supports devices that must receive traffic from beyond an isolated domain in Windows Defender Firewall with Advanced Security. ms.assetid: ed98b680-fd24-44bd-a7dd-26c522e45a20 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md index efa67c42bc..45b1bdfe0f 100644 --- a/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md +++ b/windows/security/threat-protection/windows-firewall/certificate-based-isolation-policy-design-example.md @@ -1,6 +1,6 @@ --- title: Certificate-based Isolation Policy Design Example (Windows 10) -description: Certificate-based Isolation Policy Design Example +description: This example uses a fictitious company to illustrate certificate-based isolation policy design in Windows Defender Firewall with Advanced Security. ms.assetid: 509b513e-dd49-4234-99f9-636fd2f749e3 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md index 2163ee0015..9bc976625b 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-an-isolated-server-zone.md @@ -1,6 +1,6 @@ --- title: Checklist Configuring Rules for an Isolated Server Zone (Windows 10) -description: Checklist Configuring Rules for an Isolated Server Zone +description: Use these tasks to configure connection security rules and IPsec settings in GPOs for servers in an isolated server zone that are part of an isolated domain. ms.assetid: 67c50a91-e71e-4f1e-a534-dad2582e311c ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md index 8d8d97e772..4a8272c0a4 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-boundary-zone.md @@ -1,6 +1,6 @@ --- title: Checklist Configuring Rules for the Boundary Zone (Windows 10) -description: Checklist Configuring Rules for the Boundary Zone +description: Use these tasks to configure connection security rules and IPsec settings in your GPOs to implement the boundary zone in an isolated domain. ms.assetid: 25fe0197-de5a-4b4c-bc44-c6f0620ea94b ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md index 5c265b66ef..b9406909c6 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-encryption-zone.md @@ -1,6 +1,6 @@ --- title: Checklist Configuring Rules for the Encryption Zone (Windows 10) -description: Checklist Configuring Rules for the Encryption Zone +description: Use these tasks to configure connection security rules and IPsec settings in your GPOs to implement the encryption zone in an isolated domain. ms.assetid: 87b1787b-0c70-47a4-ae52-700bff505ea4 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md index 260980b98d..dce673dded 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md +++ b/windows/security/threat-protection/windows-firewall/checklist-configuring-rules-for-the-isolated-domain.md @@ -1,6 +1,6 @@ --- title: Checklist Configuring Rules for the Isolated Domain (Windows 10) -description: Checklist Configuring Rules for the Isolated Domain +description: Use these tasks to configure connection security rules and IPsec settings in your GPOs to implement the main zone in the isolated domain. ms.assetid: bfd2d29e-4011-40ec-a52e-a67d4af9748e ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md b/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md index 151e5017f4..4bea4169a2 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-group-policy-objects.md @@ -1,6 +1,6 @@ --- title: Checklist Creating Group Policy Objects (Windows 10) -description: Checklist Creating Group Policy Objects +description: Learn to deploy firewall settings, IPsec settings, firewall rules, or connection security rules, by using Group Policy in AD DS. ms.assetid: e99bd6a4-34a7-47b5-9791-ae819977a559 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md b/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md index 9c392608a3..4b04bec98e 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-inbound-firewall-rules.md @@ -1,6 +1,6 @@ --- title: Checklist Creating Inbound Firewall Rules (Windows 10) -description: Checklist Creating Inbound Firewall Rules +description: Use these tasks for creating inbound firewall rules in your GPOs for Windows Defender Firewall with Advanced Security. ms.assetid: 0520e14e-5c82-48da-8fbf-87cef36ce02f ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md b/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md index 10f025a062..4b03a9a468 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md +++ b/windows/security/threat-protection/windows-firewall/checklist-creating-outbound-firewall-rules.md @@ -1,6 +1,6 @@ --- title: Checklist Creating Outbound Firewall Rules (Windows 10) -description: Checklist Creating Outbound Firewall Rules +description: Use these tasks for creating outbound firewall rules in your GPOs for Windows Defender Firewall with Advanced Security. ms.assetid: 611bb98f-4e97-411f-82bf-7a844a4130de ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md index 4d6b02ef58..35fab2f320 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-certificate-based-isolation-policy-design.md @@ -1,6 +1,6 @@ --- title: Checklist Implementing a Certificate-based Isolation Policy Design (Windows 10) -description: Checklist Implementing a Certificate-based Isolation Policy Design +description: Use these references to learn about using certificates as an authentication option and configure a certificate-based isolation policy design. ms.assetid: 1e34b5ea-2e77-4598-a765-550418d33894 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md index 139618cb53..ec0b5c55dc 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-domain-isolation-policy-design.md @@ -1,6 +1,6 @@ --- title: Checklist Implementing a Domain Isolation Policy Design (Windows 10) -description: Checklist Implementing a Domain Isolation Policy Design +description: Use these references to learn about the domain isolation policy design and links to other checklists to complete tasks require to implement this design. ms.assetid: 76586eb3-c13c-4d71-812f-76bff200fc20 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md index 05aad0007e..35df1a0c05 100644 --- a/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md +++ b/windows/security/threat-protection/windows-firewall/checklist-implementing-a-standalone-server-isolation-policy-design.md @@ -1,6 +1,6 @@ --- title: Checklist Implementing a Standalone Server Isolation Policy Design (Windows 10) -description: Checklist Implementing a Standalone Server Isolation Policy Design +description: Use these tasks to create a server isolation policy design that is not part of an isolated domain. See references to concepts and links to other checklists. ms.assetid: 50a997d8-f079-408c-8ac6-ecd02078ade3 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md b/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md index 1537a9a193..547685f707 100644 --- a/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md +++ b/windows/security/threat-protection/windows-firewall/configure-authentication-methods.md @@ -1,6 +1,6 @@ --- title: Configure Authentication Methods (Windows 10) -description: Configure Authentication Methods +description: Learn how to configure authentication methods for devices in an isolated domain or standalone server zone in Windows Defender Firewall with Advanced Security. ms.assetid: 5fcdc523-617f-4233-9213-15fe19f4cd02 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md index 70452597e6..886c851257 100644 --- a/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-data-protection-quick-mode-settings.md @@ -1,6 +1,6 @@ --- title: Configure Data Protection (Quick Mode) Settings (Windows 10) -description: Configure Data Protection (Quick Mode) Settings +description: Learn how to configure the data protection settings for connection security rules in an isolated domain or a standalone isolated server zone. ms.assetid: fdcb1b36-e267-4be7-b842-5df9a067c9e0 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md b/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md index c16f30452b..c619cda63c 100644 --- a/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md +++ b/windows/security/threat-protection/windows-firewall/configure-group-policy-to-autoenroll-and-deploy-certificates.md @@ -1,6 +1,6 @@ --- title: Configure Group Policy to Autoenroll and Deploy Certificates (Windows 10) -description: Configure Group Policy to Autoenroll and Deploy Certificates +description: Learn how to configure Group Policy to automatically enroll client computer certificates and deploy them to the workstations on your network. ms.assetid: faeb62b5-2cc3-42f7-bee5-53ba45d05c09 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md index b8743e2e69..f1a44144b3 100644 --- a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md @@ -1,6 +1,6 @@ --- title: Configure Key Exchange (Main Mode) Settings (Windows 10) -description: Configure Key Exchange (Main Mode) Settings +description:Learn how to configure the main mode key exchange settings used to secure the IPsec authentication traffic in Windows Defender Firewall with Advanced Security. ms.assetid: 5c593b6b-2cd9-43de-9b4e-95943fe82f52 ms.reviewer: ms.author: dansimp diff --git a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md b/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md index 7fde7baa03..ca7c77dfd2 100644 --- a/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md +++ b/windows/security/threat-protection/windows-firewall/configure-the-rules-to-require-encryption.md @@ -1,6 +1,6 @@ --- title: Configure the Rules to Require Encryption (Windows 10) -description: Configure the Rules to Require Encryption +description: Learn how to configure rules to add encryption algorithms and delete the algorithm combinations that do not use encryption for zones that require encryption. ms.assetid: 07b7760f-3225-4b4b-b418-51787b0972a0 ms.reviewer: ms.author: dansimp From 5d7eadfcb6a3937a88a67a6fb4fd913d40ab9305 Mon Sep 17 00:00:00 2001 From: TimShererWithAquent Date: Thu, 20 Aug 2020 09:38:34 -0700 Subject: [PATCH 04/10] Fix typo. --- .../configure-key-exchange-main-mode-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md index f1a44144b3..7666bdc174 100644 --- a/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md +++ b/windows/security/threat-protection/windows-firewall/configure-key-exchange-main-mode-settings.md @@ -1,6 +1,6 @@ --- title: Configure Key Exchange (Main Mode) Settings (Windows 10) -description:Learn how to configure the main mode key exchange settings used to secure the IPsec authentication traffic in Windows Defender Firewall with Advanced Security. +description: Learn how to configure the main mode key exchange settings used to secure the IPsec authentication traffic in Windows Defender Firewall with Advanced Security. ms.assetid: 5c593b6b-2cd9-43de-9b4e-95943fe82f52 ms.reviewer: ms.author: dansimp From b4794ca1649de705244237e869e57244944db1cd Mon Sep 17 00:00:00 2001 From: ashwin-84 <54099665+ashwin-84@users.noreply.github.com> Date: Mon, 24 Aug 2020 11:05:43 +0530 Subject: [PATCH 05/10] Update microsoft-defender-atp-android.md Added explicit call out for AE support --- .../microsoft-defender-atp/microsoft-defender-atp-android.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md index 12f56bc412..865a9fc914 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md @@ -79,6 +79,7 @@ This topic describes how to install, configure, update, and use Microsoft Defend Microsoft Defender ATP for Android supports installation on both modes of enrolled devices - the legacy Device Administrator and Android Enterprise modes +**Currently, only Work Profile enrolled devices are supported in Android Enterprise. Support for other Android Enterprise modes will be announced when ready** Deployment of Microsoft Defender ATP for Android is via Microsoft Intune (MDM). For more information, see [Deploy Microsoft Defender ATP for Android with Microsoft Intune](android-intune.md). From 7e2ddb5a147fe457590326efaa445d76903a8c46 Mon Sep 17 00:00:00 2001 From: ashwin-84 <54099665+ashwin-84@users.noreply.github.com> Date: Mon, 24 Aug 2020 14:38:51 +0530 Subject: [PATCH 06/10] Update microsoft-defender-atp-android.md Added link for Defender ATP licensing requirements --- .../microsoft-defender-atp/microsoft-defender-atp-android.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md index 12f56bc412..d92b80f02c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md @@ -42,7 +42,7 @@ This topic describes how to install, configure, update, and use Microsoft Defend - **For end users** - - Microsoft Defender ATP license assigned to the end user(s) of the app. + - Microsoft Defender ATP license assigned to the end user(s) of the app. See [Microsoft Defender ATP licensing requirements](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements#licensing-requirements) - Intune Company Portal app can be downloaded from [Google Play](https://play.google.com/store/apps/details?id=com.microsoft.windowsintune.companyportal) From ab85a962901ad7f9b2b5307834b787ea4bc79d62 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Mon, 24 Aug 2020 07:33:49 -0700 Subject: [PATCH 07/10] Update microsoft-defender-atp-android.md --- .../microsoft-defender-atp/microsoft-defender-atp-android.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md index 865a9fc914..03e207ec3f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md @@ -78,8 +78,8 @@ This topic describes how to install, configure, update, and use Microsoft Defend ### Installation instructions Microsoft Defender ATP for Android supports installation on both modes of -enrolled devices - the legacy Device Administrator and Android Enterprise modes -**Currently, only Work Profile enrolled devices are supported in Android Enterprise. Support for other Android Enterprise modes will be announced when ready** +enrolled devices - the legacy Device Administrator and Android Enterprise modes. +**Currently, only Work Profile enrolled devices are supported in Android Enterprise. Support for other Android Enterprise modes will be announced when ready.** Deployment of Microsoft Defender ATP for Android is via Microsoft Intune (MDM). For more information, see [Deploy Microsoft Defender ATP for Android with Microsoft Intune](android-intune.md). From 056b46cd4daa9513ebf52945eeb3b0e5216eecc4 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Mon, 24 Aug 2020 09:27:57 -0700 Subject: [PATCH 08/10] Release notes for 101.06.63 --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index a76ef78405..b236965be2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -38,6 +38,10 @@ ms.topic: conceptual > 2. Refer to this documentation for detailed configuration information and instructions: [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md). > 3. Monitor this page for an announcement of the actual release of MDATP for Mac agent update. +## 101.06.63 + +- Addressed a performance regression introduced in version `101.05.17`. The regression was introduced with the fix to eliminate the kernel panics some customers have observed when accessing SMB shares. We have reverted this code change and are investigating alternative ways to eliminate the kernel panics. + ## 101.05.17 > [!IMPORTANT] From ce090e589835db58822a9957be72eb57f7ffb5d0 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 24 Aug 2020 10:13:23 -0700 Subject: [PATCH 09/10] Update configure-block-at-first-sight-microsoft-defender-antivirus.md --- ...nfigure-block-at-first-sight-microsoft-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md index 8a479654ed..b8c8cbff79 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md @@ -6,7 +6,7 @@ search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library -ms.localizationpriority: medium +ms.localizationpriority: high author: denisebmsft ms.author: deniseb ms.reviewer: From f49d6e5b4b43c305fba7765d1d26dfd3220b90a0 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 24 Aug 2020 10:20:38 -0700 Subject: [PATCH 10/10] Update configure-block-at-first-sight-microsoft-defender-antivirus.md --- ...irst-sight-microsoft-defender-antivirus.md | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md index b8c8cbff79..88892bd4a0 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md @@ -1,6 +1,6 @@ --- title: Enable Block at First Sight to detect malware in seconds -description: Enable the Block at First sight feature to detect and block malware within seconds, and validate that it is configured correctly. +description: Turn on the block at first sight feature to detect and block malware within seconds, and validate that it is configured correctly. keywords: scan, BAFS, malware, first seen, first sight, cloud, defender search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -14,7 +14,7 @@ manager: dansimp ms.custom: nextgen --- -# Enable block at first sight +# Turn on block at first sight **Applies to:** @@ -29,9 +29,9 @@ You can [specify how long the file should be prevented from running](configure-c ## How it works -When Microsoft Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or clean. +When Microsoft Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or not a threat. -Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/). +Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. To learn more, see this blog: [Get to know the advanced technologies at the core of Microsoft Defender ATP next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/). ![List of Microsoft Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png) In Windows 10, version 1803, block at first sight can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files. @@ -42,11 +42,11 @@ If the cloud backend is unable to make a determination, Microsoft Defender Antiv In many cases, this process can reduce the response time for new malware from hours to seconds. -## Confirm and validate that block at first sight is enabled +## Confirm and validate that block at first sight is turned on Block at first sight requires a number of settings to be configured correctly or it will not work. These settings are enabled by default in most enterprise Microsoft Defender Antivirus deployments. -### Confirm block at first sight is enabled with Intune +### Confirm block at first sight is turned on with Intune 1. In Intune, navigate to **Device configuration - Profiles** > *Profile name* > **Device restrictions** > **Microsoft Defender Antivirus**. @@ -69,7 +69,7 @@ For more information about configuring Microsoft Defender Antivirus device restr For a list of Microsoft Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](https://docs.microsoft.com/intune/device-restrictions-windows-10#microsoft-defender-antivirus). -### Enable block at first sight with Microsoft Endpoint Configuration Manager +### Turn on block at first sight with Microsoft Endpoint Configuration Manager 1. In Microsoft Endpoint Configuration Manager, click **Assets and Compliance** > **Endpoint Protection** > **AntiMalware Policies**. @@ -91,8 +91,7 @@ For a list of Microsoft Defender Antivirus device restrictions in Intune, see [D 7. Click **OK** to create the policy. - -### Confirm block at first sight is enabled with Group Policy +### Confirm block at first sight is turned on with Group Policy 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**. @@ -113,19 +112,19 @@ For a list of Microsoft Defender Antivirus device restrictions in Intune, see [D 2. Double-click **Turn off real-time protection** and ensure the option is set to **Disabled**, and then click **OK**. -If you had to change any of the settings, you should re-deploy the Group Policy Object across your network to ensure all endpoints are covered. +If you had to change any of the settings, you should redeploy the Group Policy Object across your network to ensure all endpoints are covered. -### Confirm block at first sight is enabled with Registry editor +### Confirm block at first sight is turned on with Registry editor 1. Start Registry Editor. -2. Go to **HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet**, and make sure that +2. Go to `HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet`, and make sure that 1. **SpynetReporting** key is set to **1** 2. **SubmitSamplesConsent** key is set to either **1** (Send safe samples) or **3** (Send all samples) -3. Go to **HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Real-Time Protection**, and make sure that +3. Go to `HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Real-Time Protection`, and make sure that 1. **DisableIOAVProtection** key is set to **0** @@ -152,14 +151,14 @@ Block at first sight is automatically enabled as long as **Cloud-delivered prote You can validate that the feature is working by following the steps outlined in [Validate connections between your network and the cloud](configure-network-connections-microsoft-defender-antivirus.md#validate-connections-between-your-network-and-the-cloud). -## Disable block at first sight +## Turn off block at first sight > [!WARNING] -> Disabling block at first sight will lower the protection state of the endpoint and your network. +> Turning off block at first sight will lower the protection state of the endpoint and your network. You may choose to disable block at first sight if you want to retain the prerequisite settings without using block at first sight protection. You might wish to do this if you are experiencing latency issues or you want to test the feature's impact on your network. -### Disable block at first sight with Group Policy +### Turn off block at first sight with Group Policy 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure, and then click **Edit**. @@ -172,7 +171,8 @@ You may choose to disable block at first sight if you want to retain the prerequ > [!NOTE] > Disabling block at first sight will not disable or alter the prerequisite group policies. -## Related topics +## See also - [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md) + - [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md)