From 5b4e559c9f39619726422b6ade9c6ceec889b839 Mon Sep 17 00:00:00 2001 From: fattala Date: Tue, 25 Oct 2016 09:19:26 +0300 Subject: [PATCH 01/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md a test for change --- ...net-windows-defender-advanced-threat-protection.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 5aaa60e929..5b5482c1cd 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -28,14 +28,13 @@ The embedded Windows Defender ATP sensor runs in system context using the LocalS The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods: -- Configure the proxy server manually using a static proxy - - Auto-discovery methods: - - Transparent proxy +- Auto-discovery methods: + - Transparent proxy - - Manual static proxy configuration - - WinHTTP configured using netsh command - - Registry based configuration + - Manual static proxy configuration + - WinHTTP configured using netsh command + - Registry based configuration ## Configure the proxy server manually using a registry-based static proxy Configure a registry-based static proxy to allow only Windows Defender ATP sensor to report telemetry and communicate with Windows Defender ATP services if a computer is not be permitted to connect to the Internet. From 0691be48b809887e4e5238b2ef66726f86513e1a Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:17:23 +1100 Subject: [PATCH 02/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...roxy-internet-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 5b5482c1cd..49d660bfbe 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -29,7 +29,7 @@ The embedded Windows Defender ATP sensor runs in system context using the LocalS The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods: -- Auto-discovery methods: + - Auto-discovery methods: - Transparent proxy - Manual static proxy configuration From 21612e8497b91e3d2ac56e83f9823142919dd5de Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:26:04 +1100 Subject: [PATCH 03/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...y-internet-windows-defender-advanced-threat-protection.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 49d660bfbe..df0c5361b3 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -28,11 +28,10 @@ The embedded Windows Defender ATP sensor runs in system context using the LocalS The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods: - - - Auto-discovery methods: + - Auto-discovery method: - Transparent proxy - - Manual static proxy configuration + - Manual static proxy configuration: - WinHTTP configured using netsh command - Registry based configuration From de5b0ba9035a62bbed018e09641a04007ffbdad8 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:28:26 +1100 Subject: [PATCH 04/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...-internet-windows-defender-advanced-threat-protection.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index df0c5361b3..a624053f4d 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -75,10 +75,8 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Primary Domain Controller | .Microsoft.com DNS record :---|:--- - Central US | winatp-gw-cus.microsoft.com
us.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net - East US (2)| winatp-gw-eus.microsoft.com
us.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net - West Europe | winatp-gw-weu.microsoft.com
eu.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net - North Europe | winatp-gw-neu.microsoft.com
eu.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net + US | winatp-gw-cus.microsoft.com
us.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net
winatp-gw-eus.microsoft.com
us.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net +Europe | winatp-gw-weu.microsoft.com
eu.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net
winatp-gw-neu.microsoft.com
eu.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net
If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. From 0ee2a4522e50a244f78142c64251ae41bf9f5172 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:32:27 +1100 Subject: [PATCH 05/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...y-internet-windows-defender-advanced-threat-protection.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index a624053f4d..a47ee0cae8 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -75,10 +75,9 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Primary Domain Controller | .Microsoft.com DNS record :---|:--- - US | winatp-gw-cus.microsoft.com
us.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net
winatp-gw-eus.microsoft.com
us.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net -Europe | winatp-gw-weu.microsoft.com
eu.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net
winatp-gw-neu.microsoft.com
eu.vortex-win.data.microsoft.com
crl.microsoft.com
*.blob.core.windows.net + US | ```winatp-gw-cus.microsoft.com```
```us.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net```
```winatp-gw-eus.microsoft.com```
```us.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net``` +Europe | ```winatp-gw-weu.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net```
```winatp-gw-neu.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net```
-
If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. If you selected US as your region, you should permit anonymous traffic for URLs listed in both Central US and East US (2). From 82205e5310c1c5a5d1640fbf9a939799abb2d8d3 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:39:46 +1100 Subject: [PATCH 06/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...xy-internet-windows-defender-advanced-threat-protection.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index a47ee0cae8..23670b825a 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -75,8 +75,8 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Primary Domain Controller | .Microsoft.com DNS record :---|:--- - US | ```winatp-gw-cus.microsoft.com```
```us.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net```
```winatp-gw-eus.microsoft.com```
```us.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net``` -Europe | ```winatp-gw-weu.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net```
```winatp-gw-neu.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```crl.microsoft.com```
```*.blob.core.windows.net```
+ US |```*.blob.core.windows.net```
```crl.microsoft.com```
```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
+Europe |```*.blob.core.windows.net```
```crl.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```winatp-gw-neu.microsoft.com```

If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. From f14553fc51cfb85777ab2b067cc5d8c7e95dbe33 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:41:44 +1100 Subject: [PATCH 07/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...y-internet-windows-defender-advanced-threat-protection.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 23670b825a..24f01c30e8 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -75,8 +75,9 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Primary Domain Controller | .Microsoft.com DNS record :---|:--- - US |```*.blob.core.windows.net```
```crl.microsoft.com```
```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
-Europe |```*.blob.core.windows.net```
```crl.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```winatp-gw-neu.microsoft.com```

+ US |```*.blob.core.windows.net```
```crl.microsoft.com```
```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-cus.microsoft.com``` + +Europe |```*.blob.core.windows.net```
```crl.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com```
If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. From 7bf51b9077d62f56a2aa9d015349a4819c96ae7d Mon Sep 17 00:00:00 2001 From: jcaparas Date: Tue, 25 Oct 2016 18:42:57 +1100 Subject: [PATCH 08/14] Update configure-proxy-internet-windows-defender-advanced-threat-protection.md --- ...oxy-internet-windows-defender-advanced-threat-protection.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 24f01c30e8..3fb7c6fed0 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -75,8 +75,7 @@ If a proxy or firewall is blocking all traffic by default and allowing only spec Primary Domain Controller | .Microsoft.com DNS record :---|:--- - US |```*.blob.core.windows.net```
```crl.microsoft.com```
```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-cus.microsoft.com``` - + US |```*.blob.core.windows.net```
```crl.microsoft.com```
```us.vortex-win.data.microsoft.com```
```winatp-gw-cus.microsoft.com```
```winatp-gw-eus.microsoft.com``` Europe |```*.blob.core.windows.net```
```crl.microsoft.com```
```eu.vortex-win.data.microsoft.com```
```winatp-gw-neu.microsoft.com```
```winatp-gw-weu.microsoft.com```
If a proxy or firewall is blocking anonymous traffic, as Windows Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the above listed URLs. From 383be0c0c65ca8fe360dffdc0dfabf3dcc0f972e Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 27 Oct 2016 11:57:54 +1100 Subject: [PATCH 09/14] add auto-discovery info --- ...internet-windows-defender-advanced-threat-protection.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md index 3fb7c6fed0..c24886d168 100644 --- a/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md @@ -28,8 +28,13 @@ The embedded Windows Defender ATP sensor runs in system context using the LocalS The WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods: - - Auto-discovery method: + - Auto-discovery methods: - Transparent proxy + - Web Proxy Auto-discovery Protocol (WPAD) + +> [!NOTE] +> If you're using Transparent proxy or WPAD in your network topology, you don't need special endpoint configuration settings. For more information on Windows Defender ATP URL exclusions in the proxy, see [Enable access to Windows Defender ATP service URLs in the proxy server](#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server). + - Manual static proxy configuration: - WinHTTP configured using netsh command From 9bf26bec1392580505586248a8912b123254b078 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Fri, 4 Nov 2016 10:59:52 -0700 Subject: [PATCH 10/14] art update --- education/windows/school-get-minecraft.md | 1 - 1 file changed, 1 deletion(-) diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md index 6c58e6edeb..0adea43fb7 100644 --- a/education/windows/school-get-minecraft.md +++ b/education/windows/school-get-minecraft.md @@ -97,7 +97,6 @@ Enter email addresses for your students, and each student will get an email with ![Minecraft Education Edition product page](images/mc-install-for-me-teacher.png) 3. Click **Invite people**. - ![Assign to people](images/minecraft-assign-to-people.png) 4. Type the name, or email address of the student or group you want to assign the app to, and then click **Assign**. You can only assign the app to students with work or school accounts. If you don't find the student, you might need to add a work or school account for the student. From 9a0e622fabd42cd0afdaa268025bddbd8f1c8a0b Mon Sep 17 00:00:00 2001 From: isaiahng Date: Fri, 4 Nov 2016 12:49:57 -0700 Subject: [PATCH 11/14] Update W10T vs W10E article --- ...s-between-surface-hub-and-windows-10-enterprise.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/devices/surface-hub/differences-between-surface-hub-and-windows-10-enterprise.md b/devices/surface-hub/differences-between-surface-hub-and-windows-10-enterprise.md index 259cf8f3f8..73557c1f2c 100644 --- a/devices/surface-hub/differences-between-surface-hub-and-windows-10-enterprise.md +++ b/devices/surface-hub/differences-between-surface-hub-and-windows-10-enterprise.md @@ -39,7 +39,14 @@ Surface Hub is designed to be used in communal spaces, such as meeting rooms. Un ### Saving and browsing files -Users can only access files and folders under My Documents. Files saved locally during a session are deleted when users press **I'm done**. To save content created during a meeting, users should save files to a USB drive or to OneDrive. +Users have access to a limited set of directories on the Surface Hub: +- Music +- Videos +- Documents +- Pictures +- Downloads + +Files saved locally in these directories are deleted when users press **I'm done**. To save content created during a meeting, users should save files to a USB drive or to OneDrive. *Organization policies that this may affect:*
Policies related to access permissions and ownership of files and folders don't apply for Surface Hub. Users can't browse and save files to system directories and network folders. @@ -69,7 +76,7 @@ UWP apps pre-installed on Surface Hub: - Whiteboard* - Word Mobile -*Apps with an asterisk (\*) are unique to Surface Hub* +*Apps with an asterisk (*) are unique to Surface Hub* *Organization policies that this may affect:*
Use guidelines for Windows 10 Enterprise to determine the features and network requirements for default apps on the Surface Hub. From f12923f48f3eb3aa149a1cf528332aa65c2ba5d4 Mon Sep 17 00:00:00 2001 From: fattala Date: Sat, 5 Nov 2016 21:20:30 +0200 Subject: [PATCH 12/14] Update investigate-files-windows-defender-advanced-threat-protection.md add a small correction of a registry path --- ...stigate-files-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md index 51e68f1fee..5d547bd269 100644 --- a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md @@ -122,7 +122,7 @@ If you encounter a problem when trying to submit a file, try each of the followi a. Change the following registry entry and values to change the policy on specific endpoints: ``` -HKLM\SOFTWARE\Policies\Microsoft\Sense\AllowSampleCollection +HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection Value = 0 - block sample collection Value = 1 - allow sample collection ``` From 91291ce29592b34d2fcd128b2ced62375e46ae03 Mon Sep 17 00:00:00 2001 From: fattala Date: Sat, 5 Nov 2016 21:24:00 +0200 Subject: [PATCH 13/14] Update configure-endpoints-gp-windows-defender-advanced-threat-protection.md Made a small correction for the name of the GPO setting --- ...-endpoints-gp-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md index 731d00b2c5..59f309b4ab 100644 --- a/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md @@ -67,7 +67,7 @@ You can use Group Policy (GP) to configure settings, such as settings for the sa 4. Click **Policies**, then **Administrative templates**. -5. Click **Windows components** and then **Windows Advanced Threat Protection**. +5. Click **Windows components** and then **Windows Defender ATP**. 6. Choose to enable or disable sample sharing from your endpoints. From ed00798f722cdae7f4f4afeeef5c513738d0c2bb Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 7 Nov 2016 22:41:22 +1100 Subject: [PATCH 14/14] fixed typos --- ...-endpoints-gp-windows-defender-advanced-threat-protection.md | 2 +- ...stigate-files-windows-defender-advanced-threat-protection.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md index 731d00b2c5..59f309b4ab 100644 --- a/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/configure-endpoints-gp-windows-defender-advanced-threat-protection.md @@ -67,7 +67,7 @@ You can use Group Policy (GP) to configure settings, such as settings for the sa 4. Click **Policies**, then **Administrative templates**. -5. Click **Windows components** and then **Windows Advanced Threat Protection**. +5. Click **Windows components** and then **Windows Defender ATP**. 6. Choose to enable or disable sample sharing from your endpoints. diff --git a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md index 51e68f1fee..5d547bd269 100644 --- a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md @@ -122,7 +122,7 @@ If you encounter a problem when trying to submit a file, try each of the followi a. Change the following registry entry and values to change the policy on specific endpoints: ``` -HKLM\SOFTWARE\Policies\Microsoft\Sense\AllowSampleCollection +HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection Value = 0 - block sample collection Value = 1 - allow sample collection ```