Merge pull request #9717 from MicrosoftDocs/main

OOB publish for cpw-ad-wam-8470699

windows/client-management/manage-windows-copilot.md

@@ -3,7 +3,7 @@ title: Manage Copilot in Windows
 description: Learn how to manage Copilot in Windows for commercial environments using MDM and group policy. Learn about the chat providers available to Copilot in Windows.
 ms.topic: conceptual
 ms.subservice: windows-copilot
-ms.date: 02/09/2024
+ms.date: 03/21/2024
 ms.author: mstewart
 author: mestew
 appliesto:
@@ -109,10 +109,12 @@ To verify that Copilot with commercial data protection is enabled for the user a
 1. To verify that commercial data protection is enabled for the user, select the user's **Display name** to open the flyout menu.
 1. In the flyout, select the **Licenses & apps** tab, then expand the **Apps** list.
 1. Verify that **Copilot** is enabled for the user.
-1. If you prefer to view a user's licenses from the [Azure portal](https://portal.azure.com), you'll find it under **Microsoft Entra ID** > **Users**. Select the user's name, then **Licenses**. Select a  license that includes **Copilot**, and verify that it's listed as **On**.
-
-   > [!Note]
-   > If you previously disabled Copilot with commercial data protection (formerly Bing Chat Enterprise) using the URL, `https://aka.ms/TurnOffBCE`, see [Manage Copilot](/copilot/manage) for verifying that commercial data protection is enabled for your users.
+1. If you prefer to view a user's licenses from the [Azure portal](https://portal.azure.com), you'll find it under **Microsoft Entra ID** > **Users**. Select the user's name, then **Licenses**. Select a  license that includes **Copilot**, and verify that it's listed as **On**. If you previously disabled Copilot with commercial data protection (formerly Bing Chat Enterprise), see [Manage Copilot](/copilot/manage) for verifying that commercial data protection is enabled for your users.
+1. Copilot with commercial data protection is used as the chat provider platform for users when the following conditions are met:
+   - Users have an eligible license, commercial data protection in Copilot is enabled, and the [Copilot in Windows user experience is enabled](#enable-the-copilot-in-windows-user-experience-for-windows-11-version-22h2-clients).
+   - Users are signed in with their Microsoft Entra ID (work accounts)
+      - Users can sign into Windows with their Microsoft Entra ID
+      - For Active Directory users on Windows 11, a Microsoft Entra ID in the Web Account Manager (WAM) authentication broker can be used. Entra IDs in Microsoft Edge profiles and Microsoft 365 Apps would both be in WAM. <!--8470699-->
 
 The following sample PowerShell script connects to Microsoft Graph and lists which users that have Copilot with commercial data protection enabled and disabled:
 

windows/deployment/do/mcc-isp-faq.yml

@@ -15,7 +15,7 @@ metadata:
   appliesto: 
     - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
     - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
-  ms.date: 04/27/2023
+  ms.date: 03/21/2024
 title: Microsoft Connected Cache Frequently Asked Questions
 summary: |
   Frequently asked questions about Microsoft Connected Cache
@@ -27,6 +27,8 @@ sections:
         answer: Yes. Microsoft Connected Cache is a free service.  
       - question: What will Microsoft Connected Cache do for me? How will it impact our customers?
         answer: As an ISP, your network can benefit from reduced load on your backbone and improve customer download experience for supported Microsoft static content. It will also help you save on CDN costs.  
+      - question: I already peer with Microsoft(8075). What benefit will I receive by adding Microsoft Connected Cache to my network?
+        answer: MCC complements peering by offloading static content that is served off of multiple CDNs such as Akamai, Lumen, Edgecast. Static content such as OS updates, Apps, Software installs etc. can't be served via 8075. So, even if you're peering with Microsoft, you can benefit from installing MCC.  
       - question: Is there a non-disclosure agreement to sign?
         answer: No, a non-disclosure agreement isn't required.
       - question: What are the prerequisites and hardware requirements?
@@ -40,8 +42,15 @@ sections:
          
          The following are recommended hardware configurations:   
           
-          <!--Using include file, mcc-prerequisites.md, for shared content on DO monitoring-->
-          [!INCLUDE [Microsoft Connected Cache Prerequisites](includes/mcc-prerequisites.md)]
+         | Microsoft Connected Cache Machine Class | Scenario |Traffic Range| VM/Hardware Recommendation|
+         | -------- | -------- | -------- | -------- |
+         | Edge   | For smaller ISPs or remote sites part of a larger network. |< 5 Gbps Peak| VM </br> Up to 8 cores</br></br>Up to 16-GB memory</br></br>1 500 GB SSD|
+         | Metro POP   | For ISPs, IXs, or Transit Providers serving a moderate amount of traffic in a network that might require one of more cache nodes.   |5 to 20 Gbps Peak| VM or hardware</br></br>16 cores*</br></br>32-GB memory</br></br>2 - 3 500-GB SSDs each|
+         |Data Center|For ISPs, IXs, or Transit Providers serving a large amount traffic daily and might require deployment of multiple cache nodes.|20 to 40 Gbps Peak| Hardware, see sample spec below:</br></br>32 or more cores*</br></br>64 or more GB memory</br></br>4 - 6 500 - 1-TB SSDs** each |
+         
+         *Requires systems (chipset, CPU, motherboard) with PCIe version 3, or higher.
+         
+         **Drive speeds are important and to achieve higher egress, we recommend SSD NVMe in m.2 PCIe slot (version 4, or higher).
          
          We have one customer who is able to achieve mid-30s Gbps egress rate using the following hardware specification:  
           - Dell PowerEdge R330  
@@ -49,20 +58,20 @@ sections:
           - 48 GB, Micron Technology 18ASF1G72PDZ-2G1A1, Speed: 2133 MT/s  
           - 4 - Transcend SSD230s 1 TB SATA Drives  
           Intel Corporation Ethernet 10G 2P X520 Adapter (Link Aggregated)
-      - question: Will I need to provide hardware BareMetal server or VM?
-        answer: Microsoft Connected Cache is a software-only caching solution and will require you to provide your own server to host the software.
+      - question: Do I need to provide hardware BareMetal server or VM?
+        answer: Microsoft Connected Cache is a software-only caching solution and requires you to provide your own server to host the software.
       - question: Can we use hard drives instead of SSDs?
         answer: We highly recommend using SSDs as Microsoft Connected Cache is a read intensive application. We also recommend using multiple drives to improve performance.  
-      - question: Will I need to manually enter the CIDR blocks? If I have multiple cache nodes, should I configure a subset of CIDR blocks to each cache node?
-        answer: You can choose to route your traffic using manual CIDR blocks or BGP. If you have multiple Microsoft Connected Cache(s), you can allocate subsets of CIDR blocks to each cache node if you wish. However, since Microsoft Connected Cache has automatic load balancing, we recommend adding all of your traffic to all of your cache nodes.  
+      - question: Do I need to manually enter the CIDR blocks? If I have multiple cache nodes, should I configure a subset of CIDR blocks to each cache node?
+        answer: You can choose to route your traffic using manual CIDR blocks or BGP. If you have multiple Microsoft Connected Caches, you can allocate subsets of CIDR blocks to each cache node if you wish. However, since Microsoft Connected Cache has automatic load balancing, we recommend adding all of your traffic to all of your cache nodes.  
       - question: Should I add any load balancing mechanism?
-        answer: You don't need to add any load balancing. Our service will take care of routing traffic if you have multiple cache nodes serving the same CIDR blocks based on the reported health of the cache node.  
-      - question: How many Microsoft Connected Cache instances will I need? How do we set up if we support multiple countries or regions?
-        answer: As stated in the table above, the recommended configuration will achieve near the maximum possible egress of 40 Gbps with a two-port link aggregated NIC and four cache drives. We have a feature coming soon that will help you estimate the number of cache nodes needed. If your ISP spans multiple countries or regions, you can set up separate cache nodes per country or region.  
+        answer: You don't need to add any load balancing. Our service takes care of routing traffic if you have multiple cache nodes serving the same CIDR blocks based on the reported health of the cache node.  
+      - question: How many Microsoft Connected Cache instances do I need? How do we set up if we support multiple countries or regions?
+        answer: As stated in the recommended hardware table, the recommended configuration achieves near the maximum possible egress of 40 Gbps with a two-port link aggregated NIC and four cache drives. We have a feature coming soon that helps you estimate the number of cache nodes needed. If your ISP spans multiple countries or regions, you can set up separate cache nodes per country or region.  
       - question: Where should we install Microsoft Connected Cache?
         answer: You are in control of your hardware and you can pick the location based on your traffic and end customers. You can choose the location where you have your routers or where you have dense traffic or any other parameters.
       - question: How long would a piece of content live within the Microsoft Connected Cache? Is content purged from the cache?
-        answer: Once a request for said content is made, NGINX will look at the cache control headers from the original acquisition. If that content has expired, NGINX will continue to serve the stale content while it's downloading the new content.  We cache the content for 30 days. The content will be in the hot cache path (open handles and such) for 24 hrs, but will reside on disk for 30 days. The drive fills up and nginx will start to delete content based on its own algorithm, probably some combination of least recently used.
+        answer: Once a request for said content is made, NGINX looks at the cache control headers from the original acquisition. If that content is expired, NGINX continues to serve the stale content while it's downloading the new content. We cache the content for 30 days. The content will be in the hot cache path (open handles and such) for 24 hrs, but will reside on disk for 30 days. The drive fills up and nginx will start to delete content based on its own algorithm, probably some combination of least recently used.
       - question: What content is cached by Microsoft Connected Cache?
         answer: For more information about content cached, see [Delivery Optimization and Microsoft Connected Cache content endpoints - Windows Deployment](delivery-optimization-endpoints.md).  
       - question: Does Microsoft Connected Cache support Xbox or Teams content?
@@ -73,7 +82,7 @@ sections:
         answer: We have already successfully onboarded ISPs in many countries and regions around the world and have received positive feedback! However, you can always start off with a portion of your CIDR blocks to test out the performance of MCC before expanding to more customers.
       - question: How does Microsoft Connected Cache populate its content?
         answer: Microsoft Connected Cache is a cold cache warmed by client requests. The client requests content and that is what fills up the cache. There's no off-peak cache fill necessary. Microsoft Connected Cache will reach out to different CDN providers just like a client device would. The traffic flow from Microsoft Connected Cache will vary depending on how you currently transit to each of these CDN providers. The content can come from third party CDNs or from AFD.
-      - question: What CDNs will Microsoft Connected Cache pull content from?
+      - question: What CDNs does Microsoft Connected Cache pull content from?
         answer: | 
          Microsoft relies on a dynamic mix of 1st and 3rd party CDN providers to ensure enough capacity, redundancy, and performance for the delivery of Microsoft served content. Though we don't provide lists of the CDN vendors we utilize as they can change without notice, our endpoints are public knowledge. If someone were to perform a series of DNS lookups against our endpoints (tlu.dl.delivery.mp.microsoft.com for example), they would be able to determine which CDN or CDNs were in rotation at a given point in time:
          
@@ -84,13 +93,13 @@ sections:
          $ whois 13.107.4.50|grep "Organization:"
          
          Organization:   Microsoft Corporation (MSFT)
-      - question: I'm a network service provider and have downstream transit customers. If one of my downstream transit customers onboards to Microsoft Connected Cache, how will it affect my traffic?
+      - question: I'm a network service provider and have downstream transit customers. If one of my downstream transit customers onboards to Microsoft Connected Cache, how does it affect my traffic?
         answer: If a downstream customer deploys a Microsoft Connected Cache node, the cache controller will prefer the downstream ASN when handling that ASN's traffic.
       - question: I signed up for Microsoft Connected Cache, but I'm not receiving the verification email. What should I do?
-        answer: First, check that the email under the NOC role is correct in your PeeringDB page. If the email associated with NOC role is correct, search for an email from the sender "microsoft-noreply@microsoft.com" with the email subject - "Here's your Microsoft Connected Cache verification code" in your Spam folders. Still can't find it? Ensure that your email admin rules allow emails from the sender "microsoft-noreply@microsoft.com".
+        answer: First, check that the email under the NOC role is correct in your PeeringDB page. If the email associated with NOC role is correct, search for an email from the sender "microsoft-noreply@microsoft.com" with the email subject - "Here's your Microsoft Connected Cache verification code" in your Spam folders. Still can't find it? Ensure that your email admin rules allow emails from the sender `microsoft-noreply@microsoft.com`.
       - question: I noticed I can set up BGP for routing. How does BGP routing work for Microsoft Connected Cache?
         answer: BGP routing can be set up as an automatic method of routing traffic. To learn more about how BGP is used with Microsoft Connected Cache, see [BGP Routing](mcc-isp-create-provision-deploy.md#bgp-routing).
       - question: I have an active MCC, but I'm noticing I hit the message limit for my IoT Hub each day. Does this affect my MCC performance and should I be concerned?
-        answer: Even when the quota of 8k messages is hit, the MCC functionality won't be affected. Your client devices will continue to download content as normal. You'll also not be charged above the 8k message limit, so you don't need to worry at all about getting a paid plan. MCC will always be a free service. So if functionality isn't impacted, what is? Instead, messages about the configuration or edge deployment would be impacted. This means that if there was a request to update your MCC and the daily quota was reached, your MCC might not update. In that case, you would just need to wait for the next day to update. This is only a limitation of the early preview and isn't an issue during public preview.
+        answer: Even when the quota of 8k messages is hit, the MCC functionality isn't affected. Your client devices continue to download content as normal. You also won't be charged above the 8k message limit, so you don't need to worry at all about getting a paid plan. MCC will always be a free service. So if functionality isn't impacted, what is? Instead, messages about the configuration or edge deployment would be impacted. This means that if there was a request to update your MCC and the daily quota was reached, your MCC might not update. In that case, you would just need to wait for the next day to update. This is only a limitation of the early preview and isn't an issue during public preview.
       - question: What do I do if I need more support and have more questions even after reading this FAQ page?
         answer: For further support for Microsoft Connected Cache, visit [Troubleshooting Issues for Microsoft Connected Cache for ISP (public preview)](mcc-isp-support.md).

windows/deployment/do/mcc-isp-overview.md

@@ -13,7 +13,7 @@ appliesto:
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 11</a>
 - ✅ <a href=https://learn.microsoft.com/windows/release-health/supported-versions-windows-client target=_blank>Windows 10</a>
 - ✅ <a href=https://learn.microsoft.com/windows/deployment/do/waas-microsoft-connected-cache target=_blank>Microsoft Connected Cache for ISPs</a>	
-ms.date: 07/27/2023
+ms.date: 03/21/2024
 ---
 
 # Microsoft Connected Cache for ISPs overview
@@ -37,10 +37,15 @@ Microsoft Connected Cache uses Delivery Optimization as the backbone for Microso
 - Endpoint protection: Windows Defender definition updates
 - Xbox: Xbox Game Pass (PC only)
 
-Do you peer with [Microsoft (ASN 8075)](/azure/internet-peering/)? Microsoft Connected Cache complements peering by offloading static content that is served off of multiple CDNs such as Akamai, Lumen, and Edgecast. Microsoft Peering mainly caches dynamic content - by onboarding to Microsoft Connected Cache, you'll cache static content that otherwise would be served from the CDN. 
-
 For the full list of content endpoints that Microsoft Connected Cache for ISPs supports, see [Microsoft Connected Cache content and services endpoints](delivery-optimization-endpoints.md).
 
+### Are you already peering with 8075?
+
+MCC complements peering by offloading static content that is served off of multiple CDNs such as Akamai, Lumen, Edgecast. Static content such as OS updates, Apps, Software installs etc. can't be served via 8075. So, even if you're peering with Microsoft, you can benefit from installing MCC.
+
+:::image type="content" source="./media/mcc-isp-overview/mcc-isp-peeringvsmcc.png" alt-text="Chart containing Peering vs Cache Content Traffic." lightbox="./media/mcc-isp-overview/mcc-isp-peeringvsmcc.png":::
+
+
 ## How MCC works
 
 :::image type="content" source="./images/mcc-isp-diagram.png" alt-text="Data flow diagram of how Microsoft Connected Cache works." lightbox="./images/mcc-isp-diagram.png":::
@@ -71,3 +76,18 @@ The following steps describe how MCC is provisioned and used:
 1. Subsequent requests from end-user devices for content will be served from cache.
 
 1. If the MCC node is unavailable, the client gets content from the CDN to ensure uninterrupted service for your subscribers.
+
+### Hardware recommendation
+
+The following are recommended hardware configurations based on traffic ranges:
+
+| Microsoft Connected Cache Machine Class | Scenario |Traffic Range| VM/Hardware Recommendation|
+| -------- | -------- | -------- | -------- |
+| Edge   | For smaller ISPs or remote sites part of a larger network. |< 5 Gbps Peak| **VM** </br> </br>Up to 8 cores</br></br>Up to 16-GB memory</br></br>1 500 GB SSD|
+| Metro POP   | For ISPs, IXs, or Transit Providers serving a moderate amount of traffic in a network that might require one of more cache nodes.   |5 to 20 Gbps Peak| **VM or hardware**</br></br>16 cores*</br></br>32-GB memory</br></br>2 - 3 500-GB SSDs each|
+|Data Center|For ISPs, IXs, or Transit Providers serving a large amount traffic daily and might require deployment of multiple cache nodes.|20 to 40 Gbps Peak| **Hardware**, see sample spec below:</br></br> 32 or more cores*</br></br>64 or more GB memory</br></br>4 - 6 500 - 1-TB SSDs** each |
+
+*Requires systems (chipset, CPU, motherboard) with PCIe version 3, or higher.
+
+**Drive speeds are important and to achieve higher egress, we recommend SSD NVMe in m.2 PCIe slot (version 4, or higher).
+