deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-20 01:07:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into threat-simulator

Browse Source
This commit is contained in:
Joey Caparas 2020-03-05 13:44:10 -08:00
commit 6495021c4c
6 changed files with 50 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
devices/surface-hub/surface-hub-update-history.md
View File

@ -24,6 +24,21 @@ Please refer to the “[Surface Hub Important Information](https://support.micro
## Windows 10 Team Creators Update 1703
<details>
<summary>February 28, 2020—update for Surface Hub 2S</summary>
This update is specific to the Surface Hub 2S and provides the driver and firmware updates outlined below:
* Surface Integration driver - 13.46.139.0
* Improves display brightness scenarios.
* Intel(R) Management Engine Interface driver - 1914.12.0.1256
* Improves system stability.
* Surface SMC Firmware update - 1.161.139.0
* Improves pen battery performance.
* Surface UEFI update - 694.2938.768.0
* Improves system stability.
</details>
<details>
<summary>February 11, 2020—update for Team edition based on KB4537765* (OS Build 15063.2284)</summary>

5
windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
View File

@ -94,7 +94,7 @@ The steps for creating the deployment share for production are the same as when
### Configure permissions for the production deployment share
To read files in the deployment share, you need to assign NTSF and SMB permissions to the MDT Build Account (MDT\_BA) for the **D:\\MDTProduction** folder
To read files in the deployment share, you need to assign NTFS and SMB permissions to the MDT Build Account (MDT\_BA) for the **D:\\MDTProduction** folder
On **MDT01**:
@ -727,6 +727,9 @@ On **MDT01**:
The ISO that you got when updating the offline media item can be burned to a DVD and used directly (it will be bootable), but it is often more efficient to use USB sticks instead since they are faster and can hold more data. (A dual-layer DVD is limited to 8.5 GB.)
>[!TIP]
>In this example, the .wim file is 5.5 GB in size. However, bootable USB sticks are formatted with the FAT32 file system which limits file size to 4.0 GB. This means you must split the .wim file, which can be done using DISM: <br>&nbsp;<br>Dism /Split-Image /ImageFile:D:\MDTOfflinemedia\Content\Deploy\Operating Systems\W10EX64RTM\REFW10X64-001.wim /SWMFile:E:\sources\install.swm /FileSize:3800. <br>&nbsp;<br>Windows Setup automatically installs from this file, provided you name it install.swm. The file names for the next files include numbers, for example: install2.swm, install3.swm. <br>&nbsp;<br>To enable split image in MDT, the Settings.xml file in your deployment share (ex: D:\MDTProduction\Control\Settings.xml) must have the **SkipWimSplit** value set to **False**. By default this value is set to True (\<SkipWimSplit\>True\</SkipWimSplit\>), so this must be changed and the offline media content updated.
Follow these steps to create a bootable USB stick from the offline media content:
1. On a physical machine running Windows 7 or later, insert the USB stick you want to use.

15
windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
View File

@ -37,11 +37,11 @@ Before you get started, see [Microsoft Defender ATP for Linux](microsoft-defende
## Configure the Linux software repository
Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insider-fast* or *prod*. Each of these channels corresponds to a Linux software repository. Instructions for configuring your device to use one of these repositories are provided below.
Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insiders-fast*, *insiders-slow*, or *prod*. Each of these channels corresponds to a Linux software repository. Instructions for configuring your device to use one of these repositories are provided below.
The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insider-fast* can try out new features before devices in *prod*.
The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insiders-fast* are the first ones to receive updates and new features, followed later by *insiders-slow* and lastly by *prod*.
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use the *insider-fast* channel.
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use either *insiders-fast* or *insiders-slow*.
### RHEL and variants (CentOS and Oracle EL)
@ -56,7 +56,7 @@ In order to preview new features and provide early feedback, it is recommended t
sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo
```
For example, if you are running CentOS 7 and wish to deploy MDATP for Linux from the *insider-fast* channel:
For example, if you are running CentOS 7 and wish to deploy MDATP for Linux from the *insiders-fast* channel:
```bash
sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/centos/7/insiders-fast.repo
@ -94,7 +94,7 @@ In order to preview new features and provide early feedback, it is recommended t
sudo zypper addrepo -c -f -n microsoft-[channel] https://packages.microsoft.com/config/[distro]/[version]/[channel].repo
```
For example, if you are running SLES 12 and wish to deploy MDATP for Linux from the *insider-fast* channel:
For example, if you are running SLES 12 and wish to deploy MDATP for Linux from the *insiders-fast* channel:
```bash
sudo zypper addrepo -c -f -n microsoft-insiders-fast https://packages.microsoft.com/config/sles/12/insiders-fast.repo
@ -132,7 +132,7 @@ In order to preview new features and provide early feedback, it is recommended t
curl -o microsoft.list https://packages.microsoft.com/config/[distro]/[version]/[channel].list
```
For example, if you are running Ubuntu 18.04 and wish to deploy MDATP for Linux from the *insider-fast* channel:
For example, if you are running Ubuntu 18.04 and wish to deploy MDATP for Linux from the *insiders-fast* channel:
```bash
curl -o microsoft.list https://packages.microsoft.com/config/ubuntu/18.04/insiders-fast.list
@ -241,6 +241,9 @@ Download the onboarding package from Microsoft Defender Security Center:
1
```
> [!IMPORTANT]
> When the product starts for the first time, it downloads the latest antimalware definitions. Depending on your Internet connection, this can take up to a few minutes. During this time the above command returns a value of `0`.
5. Run a detection test to verify that the machine is properly onboarded and reporting to the service. Perform the following steps on the newly onboarded machine:
- Ensure that real-time protection is enabled (denoted by a result of `1` from running the following command):

11
windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
View File

@ -42,7 +42,7 @@ Before you get started, please see [the main Microsoft Defender ATP for Linux pa
- Curl
- Unzip
- All host must be listed in the following format in the `/etc/ansible/hosts` file:
- All hosts must be listed in the following format in the `/etc/ansible/hosts` file:
```bash
[servers]
@ -129,11 +129,11 @@ Create subtask or role files that contribute to an actual task. Create the follo
- Add the Microsoft Defender ATP repository and key.
Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insider-fast* or *prod*. Each of these channels corresponds to a Linux software repository.
Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insiders-fast*, *insiders-slow*, or *prod*. Each of these channels corresponds to a Linux software repository.
The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insider-fast* can try out new features before devices in *prod*.
The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insiders-fast* are the first ones to receive updates and new features, followed later by *insiders-slow* and lastly by *prod*.
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use the *insider-fast* channel.
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use either *insiders-fast* or *insiders-slow*.
Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/`.
@ -233,6 +233,9 @@ Now run the tasks files under `/etc/ansible/playbooks/`.
$ ansible-playbook /etc/ansible/playbooks/install_mdatp.yml -i /etc/ansible/hosts
```
> [!IMPORTANT]
> When the product starts for the first time, it downloads the latest antimalware definitions. Depending on your Internet connection, this can take up to a few minutes.
- Validation/configuration:
```bash

9
windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
View File

@ -78,11 +78,11 @@ install_mdatp
### Contents of `install_mdatp/manifests/init.pp`
Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insider-fast* or *prod*. Each of these channels corresponds to a Linux software repository.
Microsoft Defender ATP for Linux can be deployed from one of the following channels (denoted below as *[channel]*): *insiders-fast*, *insiders-slow*, or *prod*. Each of these channels corresponds to a Linux software repository.
The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insider-fast* can try out new features before devices in *prod*.
The choice of the channel determines the type and frequency of updates that are offered to your device. Devices in *insiders-fast* are the first ones to receive updates and new features, followed later by *insiders-slow* and lastly by *prod*.
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use the *insider-fast* channel.
In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use either *insiders-fast* or *insiders-slow*.
Note your distribution and version and identify the closest entry for it under `https://packages.microsoft.com/config/`.
@ -167,6 +167,9 @@ $ mdatp --health healthy
The above command prints `1` if the product is onboarded and functioning as expected.
> [!IMPORTANT]
> When the product starts for the first time, it downloads the latest antimalware definitions. Depending on your Internet connection, this can take up to a few minutes. During this time the above command returns a value of `0`.
If the product is not healthy, the exit code (which can be checked through `echo $?`) indicates the problem:
- 1 if the device is not yet onboarded.

9
windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
View File

@ -20,6 +20,15 @@ ms.topic: conceptual
# Microsoft Defender ATP for Linux
> [!IMPORTANT]
> **PUBLIC PREVIEW EDITION**
>
> This documentation is for a pre-release solution. The guidelines and the solution are subject to change between now and its general availability.
>
> As with any pre-release solution, remember to exercise caution when determining the target population for your deployments.
>
> If you have preview features turned on in the Microsoft Defender Security Center, you should be able to access the Linux onboarding page immediately. If you have not yet opted into previews, we encourage you to [turn on preview features](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/preview) in the Microsoft Defender Security Center today.
This topic describes how to install, configure, update, and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux.
> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP]