update toc, prerelease, meta

windows/security/threat-protection/TOC.md

@@ -254,7 +254,7 @@
 ##### [Set preferences](microsoft-defender-atp/mac-preferences.md)
 ##### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md)
 ##### [Device control]()
-###### [Overview](microsoft-defender-atp/mac-device-control-overview.md)
+###### [Device control overview](microsoft-defender-atp/mac-device-control-overview.md)
 ###### [JAMF examples](microsoft-defender-atp/mac-device-control-jamf.md)
 ###### [Intune examples](microsoft-defender-atp/mac-device-control-intune.md)
 ##### [Schedule scans](microsoft-defender-atp/mac-schedule-scan-atp.md)

windows/security/threat-protection/microsoft-defender-atp/mac-device-control-intune.md

@@ -1,6 +1,6 @@
 ---
 title: Examples of device control policies for Intune
-description: This document contains examples of device control policies that can be used with Intune.
+description: Learn how to use device control policies using examples that can be used with Intune.
 keywords: microsoft, defender, atp, mac, device, control, usb, removable, media, intune
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -30,10 +30,7 @@ ms.technology: mde
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
-> [!IMPORTANT]
+[!include[Prerelease information](../../includes/prerelease.md)]
-> **Device control for macOS is currently in public preview**<br>
-> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
-> For more information, see [Microsoft Defender for Endpoint preview features](preview.md).
 
 This document contains examples of device control policies that you can customize for your own organization. These examples are applicable if you are using Intune to manage devices in your enterprise.
 

windows/security/threat-protection/microsoft-defender-atp/mac-device-control-jamf.md

@@ -1,7 +1,7 @@
 ---
 title: Examples of device control policies for JAMF
-description: This document contains examples of device control policies that can be used with JAMF.
+description: Learn how to use device control policies using examples that can be used with JAMF.
-keywords: microsoft, defender, atp, mac, device, control, usb, removable, media, jamf
+keywords: microsoft, defender, endpoint, atp, mac, device, control, usb, removable, media, jamf
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -30,16 +30,13 @@ ms.technology: mde
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
-> [!IMPORTANT]
+[!include[Prerelease information](../../includes/prerelease.md)]
-> **Device control for macOS is currently in public preview**<br>
-> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
-> For more information, see [Microsoft Defender for Endpoint preview features](preview.md).
 
 This document contains examples of device control policies that you can customize for your own organization. These examples are applicable if you are using JAMF to manage devices in your enterprise.
 
 ## Restrict access to all removable media
 
-The following example restricts access to all removable media. Note the `none` permission that is applied at the top level of the policy, meaning that all file operations will be disallowed.
+The following example restricts access to all removable media. Note the `none` permission that is applied at the top level of the policy, meaning that all file operations will be prohibited.
 
 ```xml
 <?xml version="1.0" encoding="UTF-8"?> 

windows/security/threat-protection/microsoft-defender-atp/mac-device-control-overview.md

@@ -1,6 +1,6 @@
 ---
-title: How to control USB devices and other removable media on macOS
+title: Device control for macOS
-description: You can configure Microsoft Defender for Endpoint for Mac to reduce threats from removable storage such as USB devices.
+description: Learn how to configure Microsoft Defender for Endpoint for Mac to reduce threats from removable storage such as USB devices.
 keywords: microsoft, defender, atp, mac, device, control, usb, removable, media
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -30,10 +30,7 @@ ms.technology: mde
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
-> [!IMPORTANT]
+[!include[Prerelease information](../../includes/prerelease.md)]
-> **Device control for macOS is currently in public preview**<br>
-> This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
-> For more information, see [Microsoft Defender for Endpoint preview features](preview.md).
 
 ## Requirements
 
@@ -45,7 +42,7 @@ Device control for macOS has the following prerequisites:
 > - Minimum product version: 101.24.59
 > - Your device must be running with system extensions (this is the default on macOS 11 Big Sur). 
 > 
->   You can check if your device is running on system extensions, run the following command and verify that it is printing `endpoint_security_extension` to the console: 
+>   You can check if your device is running on system extensions by running the following command and verify that it is printing `endpoint_security_extension` to the console: 
 > 
 >   ```bash
 >   mdatp health --field real_time_protection_subsystem 
@@ -132,7 +129,7 @@ This section of the policy is hierarchical, allowing for maximum flexibility and
 
 For information on how to find the device identifiers, see [Look up device identifiers](#look-up-device-identifiers).
 
-The policy is evaluated from the most specific entry to the most general one. In other words, when a device is plugged in, the product tries to find the most specific match in the policy for each removable media device and apply the permissions at that level. If there is no match, then the next best match is applied, all the way to the permission specified at the top level, which is the default when a device does not match any other entry in the policy.
+The policy is evaluated from the most specific entry to the most general one. Meaning, when a device is plugged in, the product tries to find the most specific match in the policy for each removable media device and apply the permissions at that level. If there is no match, then the next best match is applied, all the way to the permission specified at the top level, which is the default when a device does not match any other entry in the policy.
 
 #### Policy enforcement level