diff --git a/windows/application-management/manage-windows-mixed-reality.md b/windows/application-management/manage-windows-mixed-reality.md index 0a173192fa..f6af0d88a5 100644 --- a/windows/application-management/manage-windows-mixed-reality.md +++ b/windows/application-management/manage-windows-mixed-reality.md @@ -44,7 +44,7 @@ Organizations that use Windows Server Update Services (WSUS) must take action to ``` Add-Package - Dism /Online /add-windowspackage + Dism /Online /add-package /packagepath:(path) ``` c. In **Settings** > **Update & Security** > **Windows Update**, select **Check for updates**. diff --git a/windows/configuration/wcd/wcd-messaging.md b/windows/configuration/wcd/wcd-messaging.md index 8300ae3455..b48bfa9e23 100644 --- a/windows/configuration/wcd/wcd-messaging.md +++ b/windows/configuration/wcd/wcd-messaging.md @@ -290,7 +290,7 @@ Setting | Description --- | --- TaiwanAlertEnabled | Receive Taiwan alerts. TaiwanEmergencyAlertEnabled | Receive Taiwan emergency alerts. -TaiwanPresidentialAlertEnabled | Receive Taiwan Presidential alerts. +TaiwanPresidentialAlertEnabled | Receive alerts from the Leader of the Taiwan Area. TaiwanRequiredMonthlytestEnabled | Receive Taiwan Required Monthly Test alerts. diff --git a/windows/security/hardware-protection/tpm/tpm-recommendations.md b/windows/security/hardware-protection/tpm/tpm-recommendations.md index a9f0a616d2..5b220439f0 100644 --- a/windows/security/hardware-protection/tpm/tpm-recommendations.md +++ b/windows/security/hardware-protection/tpm/tpm-recommendations.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: high author: brianlic-msft -ms.date: 10/27/2017 +ms.date: 05/16/2018 --- # TPM recommendations @@ -102,7 +102,9 @@ The following table defines which Windows features require TPM support. | Measured Boot | Yes | Yes | Yes | Measured Boot requires TPM 1.2 or 2.0 and UEFI Secure Boot | | BitLocker | Yes | Yes | Yes | TPM 1.2 or 2.0 is required | | Device Encryption | Yes | N/A | Yes | Device Encryption requires Modern Standby/Connected Standby certification, which requires TPM 2.0. | -| Device Guard | No | Yes | Yes | | +| Windows Defender Application Control (Device Guard) | No | Yes | Yes | | +| Windows Defender Exploit Guard | Yes | Yes | Yes | | +| Windows Defender System Guard | Yes | Yes | Yes | | | Credential Guard | No | Yes | Yes | Windows 10, version 1507 (End of Life as of May 2017) only supported TPM 2.0 for Credential Guard. Beginning with Windows 10, version 1511, TPM 1.2 and 2.0 are supported. | | Device Health Attestation| Yes | Yes | Yes | | | Windows Hello/Windows Hello for Business| No | Yes | Yes | Azure AD join supports both versions of TPM, but requires TPM with keyed-hash message authentication code (HMAC) and Endorsement Key (EK) certificate for key attestation support. | diff --git a/windows/security/identity-protection/vpn/images/custom-vpn-profile.png b/windows/security/identity-protection/vpn/images/custom-vpn-profile.png new file mode 100644 index 0000000000..0dc0c88880 Binary files /dev/null and b/windows/security/identity-protection/vpn/images/custom-vpn-profile.png differ diff --git a/windows/security/identity-protection/vpn/vpn-profile-options.md b/windows/security/identity-protection/vpn/vpn-profile-options.md index 4f1b8870a5..6ccddad1e0 100644 --- a/windows/security/identity-protection/vpn/vpn-profile-options.md +++ b/windows/security/identity-protection/vpn/vpn-profile-options.md @@ -6,9 +6,10 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security, networking -author: jdeckerms +author: shortpatti +ms.author: pashort ms.localizationpriority: high -ms.date: 07/27/2017 +ms.date: 05/17/2018 --- # VPN profile options @@ -37,10 +38,10 @@ The following table lists the VPN settings and whether the setting can be config | Name resolution: persistent | no | | Auto-trigger: app trigger | yes | | Auto-trigger: name trigger | yes | -| Auto-trigger: Always On | no | +| Auto-trigger: Always On | yes | | Auto-trigger: trusted network detection | no | | LockDown | no | -| Windows Information Protection (WIP) | no | +| Windows Information Protection (WIP) | yes | | Traffic filters | yes | The ProfileXML node was added to the VPNv2 CSP to allow users to deploy VPN profile as a single blob. This is particularly useful for deploying profiles with features that are not yet supported by MDMs. You can get additional examples in the [ProfileXML XSD](https://msdn.microsoft.com/library/windows/hardware/mt755930.aspx) topic. @@ -296,9 +297,24 @@ The following is a sample plug-in VPN profile. This blob would fall under the Pr After you configure the settings that you want using ProfileXML, you can apply it using Intune and a **Custom Configuration (Windows 10 Desktop and Mobile and later)** policy. -The OMS-URI setting to apply ProfileXML is **./user/vendor/MSFT/*VPN profile name*/ProfileXML**. +![Custom VPN Profile](images/custom-vpn-profile.png) + +1. Sign into the Azure portal. +2. Go to **Intune** > **Device Configuration** > **Profiles**. +3. Click **Create Profile**. +4. Enter a name and (optionally) a description. +5. Choose **Windows 10 and later** as the platform. +6. Choose **Custom** as the profile type. +7. Click **Add**. +8. Configure the custom setting: + a. Enter a name and (optionally) a description. + b. Enter the OMA-URI: **./user/vendor/MSFT/_VPN profile name_/ProfileXML**. + c. Set Data type to **String (XML file)**. + d. Upload the file with the profile XML. + e. Click **OK**. + 9. Click **OK**, then click **Create**. +10. Assign the profile. -![Paste your ProfileXML in OMA-URI Setting value field](images/vpn-profilexml-intune.png) ## Learn more