From b5ed97ba1d15db48f6943b000866ab7ecfd1b706 Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Mon, 14 Sep 2020 17:24:16 +0500
Subject: [PATCH 1/2] Update indicator-ip-domain.md

---
 .../microsoft-defender-atp/indicator-ip-domain.md            | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
index 90e188b28e..5f42abda95 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
@@ -46,6 +46,7 @@ It's important to understand the following prerequisites prior to creating indic
 > For web protection scenarios, we recommend using the built-in capabilities in Microsoft Edge. Microsoft Edge leverages [Network Protection](network-protection.md) to inspect network traffic and allows blocks for TCP, HTTP, and HTTPS (TLS). For all other processes, web protection scenarios leverage Network Protection for inspection and enforcement: <br>
 > NOTE:
 >- IP is supported for all three protocols
+>- Only single IP addresses are supported (no CIDR blocks or IP ranges)
 >- Encrypted URLs (full path) can only be blocked on first party browsers
 >- Encrypted URLS (FQDN only) can be blocked outside of first party browsers
 >- Full URL path blocks can be applied on the domain level and all unencrypted URLs
@@ -59,7 +60,7 @@ It's important to understand the following prerequisites prior to creating indic
 
 2. Select the **IP addresses or URLs/Domains** tab.
 
-3. Select **Add indicator**.
+3. Select **Add item**.
 
 4. Specify the following details:
    - Indicator - Specify the entity details and define the expiration of the indicator.
@@ -72,4 +73,4 @@ It's important to understand the following prerequisites prior to creating indic
 - [Create indicators](manage-indicators.md)
 - [Create indicators for files](indicator-file.md)
 - [Create indicators based on certificates](indicator-certificates.md)
-- [Manage indicators](indicator-manage.md)
\ No newline at end of file
+- [Manage indicators](indicator-manage.md)

From 5323230175e3727a46039391198639abbcdd2a68 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Mon, 14 Sep 2020 10:30:51 -0700
Subject: [PATCH 2/2] Update indicator-ip-domain.md

---
 .../microsoft-defender-atp/indicator-ip-domain.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
index 5f42abda95..50c42b1fe9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
@@ -1,4 +1,4 @@
----
+---
 title:  Create indicators for IPs and URLs/domains 
 ms.reviewer: 
 description: Create indicators for IPs and URLs/domains that define the detection, prevention, and exclusion of entities.