From 38783143214e3fd0f197ba7ef20034d0b4c472bb Mon Sep 17 00:00:00 2001 From: LizRoss Date: Tue, 25 Apr 2017 08:15:45 -0700 Subject: [PATCH 1/2] Updated applies to versions and fixed incorrect info --- .../app-behavior-with-wip.md | 2 +- .../collect-wip-audit-event-logs.md | 4 ++-- .../create-and-verify-an-efs-dra-certificate.md | 4 ++-- .../create-vpn-and-wip-policy-using-intune.md | 4 ++-- .../create-wip-policy-using-intune.md | 4 ++-- .../create-wip-policy-using-sccm.md | 14 +++++++------- .../enlightened-microsoft-apps-and-wip.md | 4 ++-- .../guidance-and-best-practices-wip.md | 4 ++-- .../mandatory-settings-for-wip.md | 4 ++-- .../overview-create-wip-policy.md | 4 ++-- .../protect-enterprise-data-using-wip.md | 4 ++-- .../recommended-network-definitions-for-wip.md | 4 ++-- .../testing-scenarios-for-wip.md | 4 ++-- .../using-owa-with-wip.md | 4 ++-- .../wip-app-enterprise-context.md | 4 ++-- 15 files changed, 34 insertions(+), 34 deletions(-) diff --git a/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md b/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md index d436e1e7a7..6f41240d2b 100644 --- a/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md +++ b/windows/threat-protection/windows-information-protection/app-behavior-with-wip.md @@ -14,7 +14,7 @@ localizationpriority: high **Applies to:** - Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10 Mobile, version 1607 and later Windows Information Protection (WIP) classifies apps into two categories: enlightened and unenlightened. Enlighted apps can differentiate between corporate and personal data, correctly determining which to protect based on internal policies. Corporate data is encrypted on the managed device and attempts to copy/paste or share this information with non-corporate apps or people will fail. Unenlightened apps, when marked as corporate-managed, consider all data corporate and encrypt everything by default. diff --git a/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md b/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md index fed5d91fb9..9316b2ab60 100644 --- a/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md +++ b/windows/threat-protection/windows-information-protection/collect-wip-audit-event-logs.md @@ -13,8 +13,8 @@ localizationpriority: high **Applies to:** -- Windows 10 and later -- Windows 10 Mobile and later +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later Windows Information Protection (WIP) creates audit events in the following situations: diff --git a/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md b/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md index ab2695ebf7..76d9d3a63c 100644 --- a/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md +++ b/windows/threat-protection/windows-information-protection/create-and-verify-an-efs-dra-certificate.md @@ -13,8 +13,8 @@ localizationpriority: high # Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate **Applies to:** -- Windows 10, version 1703 -- Windows 10 Mobile, version 1703 +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later If you don’t already have an EFS DRA certificate, you’ll need to create and extract one from your system before you can use Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your organization. For the purposes of this section, we’ll use the file name EFSDRA; however, this name can be replaced with anything that makes sense to you. diff --git a/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md b/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md index a7f261c3e7..517a2ad07e 100644 --- a/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md +++ b/windows/threat-protection/windows-information-protection/create-vpn-and-wip-policy-using-intune.md @@ -14,8 +14,8 @@ localizationpriority: high # Create and deploy a VPN policy for Windows Information Protection (WIP) using Microsoft Intune **Applies to:** -- Windows 10, version 1607 -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later After you've created and deployed your Windows Information Protection (WIP) policy, you can use Microsoft Intune to create and deploy your Virtual Private Network (VPN) policy, linking it to your WIP policy. diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md index 87beae20a0..49154d203f 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md @@ -412,12 +412,12 @@ There are no default locations included with WIP, you must add each of your netw Proxy servers proxy.contoso.com:80;proxy2.contoso.com:443 - Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in the Internal proxy servers list, which are used for non-WIP-protected traffic.

If you have multiple resources, you must separate them using the ";" delimiter. + Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Internal proxy servers list. Internal proxy servers must be used only for WIP-protected (enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. Internal proxy servers contoso.internalproxy1.com;contoso.internalproxy2.com - Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in the Proxy servers list, which are used for WIP-protected traffic.

If you have multiple resources, you must separate them using the ";" delimiter. + Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. IPv4 ranges diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md index 91b8f3df68..d88247a0e4 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md @@ -14,9 +14,9 @@ localizationpriority: high # Create and deploy a Windows Information Protection (WIP) policy using System Center Configuration Manager **Applies to:** -- Windows 10, version 1607 -- Windows 10 Mobile -- System Center Configuration Manager +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later +- System Center Configuration Manager System Center Configuration Manager helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your protected apps, your WIP-protection mode, and how to find enterprise data on the network. @@ -395,14 +395,14 @@ There are no default locations included with WIP, you must add each of your netw Specify the DNS suffixes used in your environment. All traffic to the fully-qualified domains appearing in this list will be protected.

This setting works with the IP ranges settings to detect whether a network endpoint is enterprise or personal on private networks.

If you have multiple resources, you must separate them using the "," delimiter. - Enterprise Proxy Servers + Proxy servers proxy.contoso.com:80;proxy2.contoso.com:443 - Specify your externally-facing proxy server addresses, along with the port through which traffic is allowed and protected with WIP.

This list shouldn’t include any servers listed in the Enterprise Internal Proxy Servers list, which are used for WIP-protected traffic.

This setting is also required if you use a proxy in your network. If you don't have a proxy server, you might find that enterprise resources are unavailable when a client is behind a proxy, such as when you’re visiting another company and not on that company’s guest network.

If you have multiple resources, you must separate them using the ";" delimiter. + Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Internal proxy servers list. Internal proxy servers must be used only for WIP-protected (enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. - Enterprise Internal Proxy Servers + Internal proxy servers contoso.internalproxy1.com;contoso.internalproxy2.com - Specify the proxy servers your devices will go through to reach your cloud resources.

Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in the Enterprise Proxy Servers list, which are used for non-WIP-protected traffic.

If you have multiple resources, you must separate them using the ";" delimiter. + Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. Enterprise IPv4 Range (Required) diff --git a/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md b/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md index 5555cd3892..77df2d4e51 100644 --- a/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md +++ b/windows/threat-protection/windows-information-protection/enlightened-microsoft-apps-and-wip.md @@ -15,8 +15,8 @@ localizationpriority: high **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list. diff --git a/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md b/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md index a0cabb4a95..af85cdebaf 100644 --- a/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md +++ b/windows/threat-protection/windows-information-protection/guidance-and-best-practices-wip.md @@ -14,8 +14,8 @@ localizationpriority: high # General guidance and best practices for Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later This section includes info about the enlightened Microsoft apps, including how to add them to your allowed apps list in Microsoft Intune. It also includes some testing scenarios that we recommend running through with Windows Information Protection (WIP). diff --git a/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md b/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md index 096d363084..d4b9837475 100644 --- a/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md +++ b/windows/threat-protection/windows-information-protection/mandatory-settings-for-wip.md @@ -13,8 +13,8 @@ localizationpriority: high # Mandatory tasks and settings required to turn on Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1703 -- Windows 10 Mobile, version 1703 +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later This list provides all of the tasks and settings that are required for the operating system to turn on Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your enterprise. diff --git a/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md b/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md index b2b23e5275..eb659e55c3 100644 --- a/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md +++ b/windows/threat-protection/windows-information-protection/overview-create-wip-policy.md @@ -13,8 +13,8 @@ localizationpriority: high # Create a Windows Information Protection (WIP) policy **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later Microsoft Intune and System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network. diff --git a/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md b/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md index 534d29dde5..896d97f4a0 100644 --- a/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md +++ b/windows/threat-protection/windows-information-protection/protect-enterprise-data-using-wip.md @@ -14,8 +14,8 @@ localizationpriority: high # Protect your enterprise data using Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1703 -- Windows 10 Mobile, version 1703 +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md b/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md index ca34c042a9..0d5eb4ca6f 100644 --- a/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md +++ b/windows/threat-protection/windows-information-protection/recommended-network-definitions-for-wip.md @@ -14,8 +14,8 @@ localizationpriority: high **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md b/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md index a2d5c9f975..a46e4231ad 100644 --- a/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md +++ b/windows/threat-protection/windows-information-protection/testing-scenarios-for-wip.md @@ -14,8 +14,8 @@ localizationpriority: high # Testing scenarios for Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later We've come up with a list of suggested testing scenarios that you can use to test Windows Information Protection (WIP) in your company. diff --git a/windows/threat-protection/windows-information-protection/using-owa-with-wip.md b/windows/threat-protection/windows-information-protection/using-owa-with-wip.md index eaf4299596..d60d0bf4ad 100644 --- a/windows/threat-protection/windows-information-protection/using-owa-with-wip.md +++ b/windows/threat-protection/windows-information-protection/using-owa-with-wip.md @@ -13,8 +13,8 @@ localizationpriority: high # Using Outlook on the web with Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md b/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md index 107cfa5c1f..c3c1f07f56 100644 --- a/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md +++ b/windows/threat-protection/windows-information-protection/wip-app-enterprise-context.md @@ -13,8 +13,8 @@ localizationpriority: high # Determine the Enterprise Context of an app running in Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later -- Windows 10 Mobile +- Windows 10, version 1607 and later +- Windows 10 Mobile, version 1607 and later >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). From f078bdef3c2b76f0b10f2ac0d4c1369ad1673d7a Mon Sep 17 00:00:00 2001 From: LizRoss Date: Tue, 25 Apr 2017 08:18:59 -0700 Subject: [PATCH 2/2] Fixed error --- .../create-wip-policy-using-intune.md | 2 +- .../create-wip-policy-using-sccm.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md index 49154d203f..fea2c0a721 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-intune.md @@ -417,7 +417,7 @@ There are no default locations included with WIP, you must add each of your netw Internal proxy servers contoso.internalproxy1.com;contoso.internalproxy2.com - Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. + Specify the internal proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. IPv4 ranges diff --git a/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md b/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md index d88247a0e4..828d6becd9 100644 --- a/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md +++ b/windows/threat-protection/windows-information-protection/create-wip-policy-using-sccm.md @@ -387,7 +387,7 @@ There are no default locations included with WIP, you must add each of your netw Enterprise Cloud Resources With proxy: contoso.sharepoint.com,contoso.internalproxy1.com|
contoso.visualstudio.com,contoso.internalproxy2.com

Without proxy: contoso.sharepoint.com|contoso.visualstudio.com - Specify the cloud resources to be treated as corporate and protected by WIP.

For each cloud resource, you may also optionally specify a proxy server from your Enterprise Internal Proxy Servers list to route traffic for this cloud resource. Be aware that all traffic routed through your Enterprise Internal Proxy Servers is considered enterprise.

If you have multiple resources, you must separate them using the "|" delimiter. If you don’t use proxy servers, you must also include the "," delimiter just before the "|". For example: URL <,proxy>|URL <,proxy>.

Important
In some cases, such as when an app connects directly to a cloud resource through an IP address, Windows can’t tell whether it’s attempting to connect to an enterprise cloud resource or to a personal site. In this case, Windows blocks the connection by default. To stop Windows from automatically blocking these connections, you can add the /*AppCompat*/ string to the setting. For example: URL <,proxy>|URL <,proxy>|/*AppCompat*/. + Specify the cloud resources to be treated as corporate and protected by WIP.

For each cloud resource, you may also optionally specify a proxy server from your Internal proxy servers list to route traffic for this cloud resource. Be aware that all traffic routed through your Internal proxy servers is considered enterprise.

If you have multiple resources, you must separate them using the "|" delimiter. If you don’t use proxy servers, you must also include the "," delimiter just before the "|". For example: URL <,proxy>|URL <,proxy>.

Important
In some cases, such as when an app connects directly to a cloud resource through an IP address, Windows can’t tell whether it’s attempting to connect to an enterprise cloud resource or to a personal site. In this case, Windows blocks the connection by default. To stop Windows from automatically blocking these connections, you can add the /*AppCompat*/ string to the setting. For example: URL <,proxy>|URL <,proxy>|/*AppCompat*/. Enterprise Network Domain Names (Required) @@ -402,7 +402,7 @@ There are no default locations included with WIP, you must add each of your netw Internal proxy servers contoso.internalproxy1.com;contoso.internalproxy2.com - Specify the proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. + Specify the internal proxy servers your devices will go through to reach your cloud resources. Using this server type indicates that the cloud resources you’re connecting to are enterprise resources.

This list shouldn’t include any servers listed in your Proxy servers list. Proxy servers must be used only for non-WIP-protected (non-enterprise) traffic.

If you have multiple resources, you must separate them using the ";" delimiter. Enterprise IPv4 Range (Required)