deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 21:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' into mdt11

Browse Source
This commit is contained in:
Greg Lindsay 2021-10-04 13:32:00 -07:00 committed by GitHub
commit 78217671c5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 76 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.openpublishing.redirection.json
View File

@ -19065,6 +19065,11 @@
"redirect_url": "/windows/deployment/waas-manage-updates-wufb",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-security-baselines.md",
"redirect_url": "/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines",
"redirect_document_id": false
},
{
"source_path": "windows/deployment/update/change-history-for-update-windows-10.md",
"redirect_url": "/windows/deployment/deploy-whats-new",

7
windows/privacy/manage-windows-11-endpoints.md
View File

@ -68,6 +68,8 @@ The following methodology was used to derive these network endpoints:
|||HTTP|dmd.metaservices.microsoft.com|
|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
|||TLS v1.2/HTTPS/HTTP|watson.*.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you will not be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|
@ -79,8 +81,9 @@ The following methodology was used to derive these network endpoints:
|Microsoft Account|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-microsoft-account)|
||The following endpoints are used for Microsoft accounts to sign in. If you turn off traffic for these endpoints, users cannot sign in with Microsoft accounts. |TLSv1.2/HTTPS|login.live.com|
|Microsoft Edge|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#13-microsoft-edge)|
||This network traffic is related to the Microsoft Edge browser. The Microsoft Edge browser requires this endpoint to contact external websites.|HTTPS|iecvlist.microsoft.com|
||This traffic is related to the Microsoft Edge browser.|HTTPS|iecvlist.microsoft.com|
||The following endpoint is used by Microsoft Edge Update service to check for new updates. If you disable this endpoint, Microsoft Edge wont be able to check for and apply new edge updates.|TLSv1.2/HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTP|go.microsoft.com|
|Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com.akamaized.net|
||The following endpoint is needed to load the content in the Microsoft Store app.|HTTPS|livetileedge.dsx.mp.microsoft.com|
@ -111,7 +114,7 @@ The following methodology was used to derive these network endpoints:
|||TLSv1.2/HTTPS/HTTP|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.||[Learn how to turn off traffic to all of the following endpoint(s).]( manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
|||TLSv1.2/HTTPS/HTTP|config.teams.microsoft.com|
|Microsoft Defender Antivirus|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
|||HTTPS/TLSv1.2|wdcp.microsoft.com|
||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS|*smartscreen-prod.microsoft.com|
|||HTTPS/HTTP|checkappexec.microsoft.com|

4
windows/privacy/manage-windows-21H1-endpoints.md
View File

@ -65,8 +65,10 @@ The following methodology was used to derive these network endpoints:
||The following endpoint is used to authenticate a device. If you turn off traffic for this endpoint, the device will not be authenticated.|HTTPS|login.live.com*|
|Device metadata|The following endpoint is used to retrieve device metadata. If you turn off traffic for this endpoint, metadata will not be updated for the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#4-device-metadata-retrieval)|
|||HTTP|dmd.metaservices.microsoft.com|
|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|Diagnostic Data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. ||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-feedback)|
|||TLSv1.2/HTTPS/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting. To turn off traffic for these endpoints, enable the following Group Policy: Administrative Templates > Windows Components > Windows Error Reporting > Disable Windows Error Reporting. This means error reporting information will not be sent back to Microsoft.|TLSv1.2|telecommand.telemetry.microsoft.com|
|||TLS v1.2/HTTPS/HTTP|watson.*.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand. If you turn off traffic for these endpoints, you will not be able to download fonts on demand.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#6-font-streaming)|

59
windows/privacy/windows-11-endpoints-non-enterprise-editions.md
View File

@ -31,7 +31,7 @@ The following methodology was used to derive the network endpoints:
5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using a IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week. If you capture traffic for longer, you may have different results.
8. These tests were conducted for one week. If you capture traffic for longer you may have different results.
> [!NOTE]
> Microsoft uses global load balancers that can appear in network trace-routes. For example, an endpoint for *.akadns.net might be used to load balance requests to an Azure datacenter, which can change over time.
@ -40,7 +40,7 @@ The following methodology was used to derive the network endpoints:
| **Area** | **Description** | **Protocol** | **Destination** |
|-----------|--------------- |------------- |-----------------|
| Activity Feed Service |The following endpoints are used by Activity Feed Service, which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
| Activity Feed Service |The following endpoints are used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
|Apps|The following endpoints are used for the Weather app.|TLSv1.2/HTTPS/HTTP|tile-service.weather.microsoft.com|
||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser.|TLSv1.2/HTTPS/HTTP|evoke-windowsservices-tas.msedge.net|
||The following endpoint is used for OneNote Live Tile.|HTTPS/HTTP|cdn.onenote.net|
@ -53,7 +53,9 @@ The following methodology was used to derive the network endpoints:
|Device authentication|The following endpoint is used to authenticate a device.|HTTPS|login.live.com*|
|Device Directory Service|Used by Device Directory Service to keep track of user-device associations and storing metadata about the devices.|HTTPS/HTTP|cs.dds.microsoft.com|
|Device metadata|The following endpoint is used to retrieve device metadata.|TLSv1.2/HTTP|dmd.metaservices.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||TLSv1.2/HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting.|TLSv1.2/HTTPS/HTTP|watson.telemetry.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand.|TLSv1.2/HTTPS|fs.microsoft.com*|
|Licensing|The following endpoint is used for online activation and some app licensing.|HTTPS/HTTP|*licensing.mp.microsoft.com|
@ -104,7 +106,8 @@ The following methodology was used to derive the network endpoints:
|||TLSv1.2|definitionupdates.microsoft.com|
||The following endpoints are used for Windows Defender SmartScreen reporting and notifications.|TLSv1.2|*.smartscreen.microsoft.com|
|||TLSv1.2/HTTP|checkappexec.microsoft.com|
|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips.|TLSv1.2/HTTPS/HTTP|arc.msn.com*</br>ris.api.iris.microsoft.com|
|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips.|TLSv1.2/HTTPS/HTTP|arc.msn.com*|
|||TLSv1.2/HTTPS/HTTP|ris.api.iris.microsoft.com|
|||HTTPS|mucp.api.account.microsoft.com|
|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers.|TLSv1.2/HTTPS/HTTP|*.prod.do.dsp.mp.microsoft.com|
|||TLSv1.2/HTTP|emdl.ws.microsoft.com|
@ -114,16 +117,18 @@ The following methodology was used to derive the network endpoints:
||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store to help keep the device secure.|TLSv1.2/HTTPS/HTTP|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTP/HTTPS|adl.windows.com|
||The following endpoint is used for content regulation.|TLSv1.2/HTTPS/HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
|Xbox Live|The following endpoints are used for Xbox Live.|TLSv1.2/HTTPS/HTTP|dlassets-ssl.xboxlive.com|
|Xbox Live|The following endpoints are used for Xbox Live.|
|||TLSv1.2/HTTPS/HTTP|dlassets-ssl.xboxlive.com|
|||TLSv1.2/HTTPS|da.xboxservices.com|
|||HTTPS|www.xboxab.com|
|
## Windows 11 Pro
| **Area** | **Description** | **Protocol** | **Destination** |
| --- | --- | --- | ---|
| Activity Feed Service |The following endpoints are used by Activity Feed Service, which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
| Activity Feed Service |The following endpoints are used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
|Apps|The following endpoints are used for the Weather app.|TLSv1.2/HTTPS/HTTP|tile-service.weather.microsoft.com|
||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser.|TLSv1.2/HTTPS/HTTP|evoke-windowsservices-tas.msedge.net|
||The following endpoint is used for OneNote Live Tile.|HTTPS/HTTP|cdn.onenote.net|
@ -132,13 +137,16 @@ The following methodology was used to derive the network endpoints:
|Cortana and Live Tiles|The following endpoints are related to Cortana and Live Tiles|TLSv1.2/HTTPS/HTTP|www.bing.com*|
|Device authentication|The following endpoint is used to authenticate a device.|HTTPS|login.live.com*|
|Device metadata|The following endpoint is used to retrieve device metadata.|TLSv1.2/HTTP|dmd.metaservices.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft. |TLSv1.2/HTTP|v10.events.data.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||TLSv1.2/HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting.|TLSv1.2/HTTPS/HTTP|watson.telemetry.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand.|TLSv1.2/HTTPS|fs.microsoft.com*|
|Licensing|The following endpoint is used for online activation and some app licensing.|HTTPS/HTTP|*licensing.mp.microsoft.com|
|Maps|The following endpoints are used to check for updates to maps that have been downloaded for offline use.|HTTPS/HTTP|maps.windows.com|
|Microsoft Account|The following endpoints are used for Microsoft accounts to sign in. |TLSv1.2/HTTPS/HTTP|*login.live.com|
|Microsoft Edge|The following endpoint is used by Microsoft Edge Update service to check for new updates. If you disable this endpoint, Microsoft Edge wont be able to check for and apply new edge updates. |HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft Account|The following endpoints are used for Microsoft accounts to sign in|TLSv1.2/HTTPS/HTTP|*login.live.com|
|Microsoft Edge|The following endpoint is used by Microsoft Edge Update service to check for new updates.|HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft forward link redirection|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer|TLSv1.2/HTTPS/HTTP|go.microsoft.com|
|Microsoft Store|The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps)|TLSv1.2/HTTPS/HTTP|img-prod-cms-rt-microsoft-com.akamaized.net|
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way.|TLSv1.2/HTTPS|*.wns.windows.com|
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
@ -167,11 +175,13 @@ The following methodology was used to derive the network endpoints:
|Skype|The following endpoint is used to retrieve Skype configuration values.|TLSv1.2/HTTPS/HTTP|*.pipe.aria.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.|TLSv1.2/HTTPS/HTTP|config.teams.microsoft.com|
|Microsoft Defender Antivirus|The following endpoints are used for Windows Defender when Cloud-based Protection is enabled|TLSv1.2/HTTPS|wdcp.microsoft.com</br>wdcpalt.microsoft.com|
|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled|TLSv1.2/HTTPS|wdcp.microsoft.com|
||||wdcpalt.microsoft.com|
|||HTTPS/HTTP|*.smartscreen-prod.microsoft.com|
||The following endpoints are used for Windows Defender SmartScreen reporting and notifications.|TLSv1.2|*.smartscreen.microsoft.com|
|||TLSv1.2/HTTP|checkappexec.microsoft.com|
|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips.|TLSv1.2/HTTPS/HTTP|arc.msn.com*</br>ris.api.iris.microsoft.com|
|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips.|TLSv1.2/HTTPS/HTTP|arc.msn.com*|
|||TLSv1.2/HTTPS/HTTP|ris.api.iris.microsoft.com|
|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers.|TLSv1.2/HTTPS/HTTP|*.prod.do.dsp.mp.microsoft.com|
|||TLSv1.2/HTTP|emdl.ws.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
@ -180,17 +190,16 @@ The following methodology was used to derive the network endpoints:
||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store to help keep the device secure.|TLSv1.2/HTTPS/HTTP|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTP/HTTPS|adl.windows.com|
||The following endpoint is used for content regulation.|TLSv1.2/HTTPS/HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
|Xbox Live|The following endpoints are used for Xbox Live.|TLSv1.2/HTTPS/HTTP|dlassets-ssl.xboxlive.com|
|Xbox Live|The following endpoints are used for Xbox Live.|
|||TLSv1.2/HTTPS/HTTP|dlassets-ssl.xboxlive.com|
|||TLSv1.2/HTTPS|da.xboxservices.com|
|
## Windows 11 Education
| **Area** | **Description** | **Protocol** | **Destination** |
| --- | --- | --- | ---|
| Activity Feed Service |The following endpoints are used by Activity Feed Service, which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
| Activity Feed Service |The following endpoints are used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
|Apps|The following endpoints are used for the Weather app.|TLSv1.2/HTTPS/HTTP|tile-service.weather.microsoft.com|
||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser.|TLSv1.2/HTTPS/HTTP|evoke-windowsservices-tas.msedge.net|
||The following endpoint is used for OneNote Live Tile.|HTTPS/HTTP|cdn.onenote.net|
@ -201,14 +210,17 @@ The following methodology was used to derive the network endpoints:
|||TLSv1.2|odinvzc.azureedge.net|
|||TLSv1.2|b-ring.msedge.net|
|Device metadata|The following endpoint is used to retrieve device metadata.|TLSv1.2/HTTP|dmd.metaservices.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||TLSv1.2/HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting.|TLSv1.2/HTTPS/HTTP|watson.telemetry.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand.|TLSv1.2/HTTPS|fs.microsoft.com*|
|Licensing|The following endpoint is used for online activation and some app licensing.|HTTPS/HTTP|*licensing.mp.microsoft.com|
|Location|The following endpoints are used for location data.|TLSV1.2|inference.location.live.net|
|Maps|The following endpoints are used to check for updates to maps that have been downloaded for offline use.|HTTPS/HTTP|maps.windows.com|
|Microsoft Account|The following endpoints are used for Microsoft accounts to sign in|TLSv1.2/HTTPS/HTTP|*login.live.com|
|Microsoft Edge|The following endpoint is used by Microsoft Edge Update service to check for new updates. If you disable this endpoint, Microsoft Edge wont be able to check for and apply new edge updates.|HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft Edge|The following endpoint is used by Microsoft Edge Update service to check for new updates.|HTTPS/HTTP|msedge.api.cdp.microsoft.com|
|Microsoft forward link redirection|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer|TLSv1.2/HTTPS/HTTP|go.microsoft.com|
|Microsoft Store|The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps)|TLSv1.2/HTTPS/HTTP|img-prod-cms-rt-microsoft-com.akamaized.net|
||The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way.|TLSv1.2/HTTPS|*.wns.windows.com|
||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store.|TLSv1.2/HTTPS/HTTP|storecatalogrevocation.storequality.microsoft.com|
@ -229,11 +241,13 @@ The following methodology was used to derive the network endpoints:
|Skype|The following endpoint is used to retrieve Skype configuration values.|TLSv1.2/HTTPS/HTTP|*.pipe.aria.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|config.edge.skype.com|
|Teams|The following endpoint is used for Microsoft Teams application.|TLSv1.2/HTTPS/HTTP|config.teams.microsoft.com|
|Microsoft Defender Antivirus|The following endpoints are used for Windows Defender when Cloud-based Protection is enabled|TLSv1.2/HTTPS|wdcp.microsoft.com</br>wdcpalt.microsoft.com|
|Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled|TLSv1.2/HTTPS|wdcp.microsoft.com|
||||wdcpalt.microsoft.com|
|||HTTPS/HTTP|*.smartscreen-prod.microsoft.com|
||The following endpoints are used for Windows Defender SmartScreen reporting and notifications.|TLSv1.2|*.smartscreen.microsoft.com|
|||TLSv1.2/HTTP|checkappexec.microsoft.com|
|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips.|TLSv1.2/HTTPS/HTTP|arc.msn.com*</br>ris.api.iris.microsoft.com|
|Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips.|TLSv1.2/HTTPS/HTTP|arc.msn.com*|
|||TLSv1.2/HTTPS/HTTP|ris.api.iris.microsoft.com|
|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers.|TLSv1.2/HTTPS/HTTP|*.prod.do.dsp.mp.microsoft.com|
|||TLSv1.2/HTTP|emdl.ws.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|*.dl.delivery.mp.microsoft.com|
@ -242,5 +256,6 @@ The following methodology was used to derive the network endpoints:
||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store to help keep the device secure.|TLSv1.2/HTTPS/HTTP|*.update.microsoft.com|
||The following endpoint is used for compatibility database updates for Windows.|HTTP/HTTPS|adl.windows.com|
||The following endpoint is used for content regulation.|TLSv1.2/HTTPS/HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
|Xbox Live|The following endpoints are used for Xbox Live.|TLSv1.2/HTTPS/HTTP|dlassets-ssl.xboxlive.com|
|Xbox Live|The following endpoints are used for Xbox Live.|
|||TLSv1.2/HTTPS/HTTP|dlassets-ssl.xboxlive.com|
|||TLSv1.2/HTTPS|da.xboxservices.com|

20
windows/privacy/windows-endpoints-21H1-non-enterprise-editions.md
View File

@ -33,7 +33,7 @@ The following methodology was used to derive the network endpoints:
5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory.
6. All traffic was captured in our lab using a IPV4 network. Therefore, no IPV6 traffic is reported here.
7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different.
8. These tests were conducted for one week. If you capture traffic for longer, you may have different results.
8. These tests were conducted for one week. If you capture traffic for longer you may have different results.
> [!NOTE]
> Microsoft uses global load balancers that can appear in network trace-routes. For example, an endpoint for *.akadns.net might be used to load balance requests to an Azure datacenter, which can change over time.
@ -42,7 +42,7 @@ The following methodology was used to derive the network endpoints:
| **Area** | **Description** | **Protocol** | **Destination** |
|-----------|--------------- |------------- |-----------------|
| Activity Feed Service |The following endpoints are used by Activity Feed Service, which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
| Activity Feed Service |The following endpoints are used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
|Apps|The following endpoints are used for the Weather app.|TLSv1.2/HTTPS/HTTP|tile-service.weather.microsoft.com|
||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser.|TLSv1.2/HTTPS/HTTP|evoke-windowsservices-tas.msedge.net|
||The following endpoint is used for OneNote Live Tile.|HTTPS/HTTP|cdn.onenote.net|
@ -55,7 +55,9 @@ The following methodology was used to derive the network endpoints:
|Device authentication|The following endpoint is used to authenticate a device.|HTTPS|login.live.com*|
|Device Directory Service|Used by Device Directory Service to keep track of user-device associations and storing metadata about the devices.|HTTPS/HTTP|cs.dds.microsoft.com|
|Device metadata|The following endpoint is used to retrieve device metadata.|TLSv1.2/HTTP|dmd.metaservices.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||TLSv1.2/HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting.|TLSv1.2/HTTPS/HTTP|watson.telemetry.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand.|TLSv1.2/HTTPS|fs.microsoft.com*|
|Licensing|The following endpoint is used for online activation and some app licensing.|HTTPS/HTTP|*licensing.mp.microsoft.com|
@ -131,7 +133,7 @@ The following methodology was used to derive the network endpoints:
| **Area** | **Description** | **Protocol** | **Destination** |
| --- | --- | --- | ---|
| Activity Feed Service |The following endpoints are used by Activity Feed Service, which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
| Activity Feed Service |The following endpoints are used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
|Apps|The following endpoints are used for the Weather app.|TLSv1.2/HTTPS/HTTP|tile-service.weather.microsoft.com|
||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser.|TLSv1.2/HTTPS/HTTP|evoke-windowsservices-tas.msedge.net|
||The following endpoint is used for OneNote Live Tile.|HTTPS/HTTP|cdn.onenote.net|
@ -140,7 +142,9 @@ The following methodology was used to derive the network endpoints:
|Cortana and Live Tiles|The following endpoints are related to Cortana and Live Tiles|TLSv1.2/HTTPS/HTTP|www.bing.com*|
|Device authentication|The following endpoint is used to authenticate a device.|HTTPS|login.live.com*|
|Device metadata|The following endpoint is used to retrieve device metadata.|TLSv1.2/HTTP|dmd.metaservices.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||TLSv1.2/HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting.|TLSv1.2/HTTPS/HTTP|watson.telemetry.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand.|TLSv1.2/HTTPS|fs.microsoft.com*|
|Licensing|The following endpoint is used for online activation and some app licensing.|HTTPS/HTTP|*licensing.mp.microsoft.com|
@ -200,7 +204,7 @@ The following methodology was used to derive the network endpoints:
| **Area** | **Description** | **Protocol** | **Destination** |
| --- | --- | --- | ---|
| Activity Feed Service |The following endpoints are used by Activity Feed Service, which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
| Activity Feed Service |The following endpoints are used by Activity Feed Service which enables multiple cross-device data roaming scenarios on Windows|TLSv1.2/HTTPS/HTTP|activity.windows.com|
|Apps|The following endpoints are used for the Weather app.|TLSv1.2/HTTPS/HTTP|tile-service.weather.microsoft.com|
||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser.|TLSv1.2/HTTPS/HTTP|evoke-windowsservices-tas.msedge.net|
||The following endpoint is used for OneNote Live Tile.|HTTPS/HTTP|cdn.onenote.net|
@ -211,7 +215,9 @@ The following methodology was used to derive the network endpoints:
|||TLSv1.2|odinvzc.azureedge.net|
|||TLSv1.2|b-ring.msedge.net|
|Device metadata|The following endpoint is used to retrieve device metadata.|TLSv1.2/HTTP|dmd.metaservices.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service. <br/>If you turn off traffic for this endpoint, diagnostic and usage information, which helps Microsoft find and fix problems and improve our products and services, will not be sent back to Microsoft.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|Diagnostic data|The following endpoints are used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service.|TLSv1.2/HTTP|v10.events.data.microsoft.com|
|||TLSv1.2/HTTPS/HTTP|v20.events.data.microsoft.com|
|||TLSv1.2/HTTP|www.microsoft.com|
||The following endpoints are used by Windows Error Reporting.|TLSv1.2/HTTPS/HTTP|watson.telemetry.microsoft.com|
|Font Streaming|The following endpoints are used to download fonts on demand.|TLSv1.2/HTTPS|fs.microsoft.com*|
|Licensing|The following endpoint is used for online activation and some app licensing.|HTTPS/HTTP|*licensing.mp.microsoft.com|

5
windows/security/operating-system.md
View File

@ -19,6 +19,11 @@ ms.date: 09/21/2021
Security and privacy depend on an operating system that guards your system and information from the moment it starts up, providing fundamental chip-to-cloud protection. Windows 11 is the most secure Windows yet with extensive security measures designed to help keep you safe. These measures include built-in advanced encryption and data protection, robust network and system security, and intelligent safeguards against ever-evolving threats.
Watch the latest [Microsoft Mechanics](https://www.youtube.com/channel/UCJ9905MRHxwLZ2jeNQGIWxA) video that shows off some of the latest Windows 11 security technology.
> [!VIDEO https://www.youtube.com/watch?v=2RTwGNyhSy8]
<br/><br/>
Use the links in the following table to learn more about the operating system security features and capabilities in Windows 11.<br/><br/>
| Security Measures | Features & Capabilities |

83
windows/security/threat-protection/windows-security-baselines.md
View File

@ -1,83 +0,0 @@
---
title: Windows security baselines
description: Learn how to use Windows security baselines in your organization. Specific to Windows 10, Windows Server, and Microsoft 365 Apps for enterprise.
keywords: virtualization, security, malware
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.localizationpriority: medium
ms.author: dansimp
author: dulcemontemayor
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
ms.date: 06/25/2018
ms.reviewer:
ms.technology: mde
---
# Windows security baselines
**Applies to**
- Windows 10
- Windows Server
- Microsoft 365 Apps for enterprise
- Microsoft Edge
## Using security baselines in your organization
Microsoft is dedicated to providing its customers with secure operating systems, such as Windows 10 and Windows Server, and secure apps, such as Microsoft Edge. In addition to the security assurance of its products, Microsoft also enables you to have fine control over your environments by providing various configuration capabilities.
Even though Windows and Windows Server are designed to be secure out-of-the-box, many organizations still want more granular control over their security configurations. To navigate the large number of controls, organizations need guidance on configuring various security features. Microsoft provides this guidance in the form of security baselines.
We recommend that you implement an industry-standard configuration that is broadly known and well-tested, such as Microsoft security baselines, as opposed to creating a baseline yourself. This helps increase flexibility and reduce costs.
Here is a good blog about [Sticking with Well-Known and Proven Solutions](/archive/blogs/fdcc/sticking-with-well-known-and-proven-solutions).
## What are security baselines?
Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting its Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure. These devices must be compliant with the security standards (or security baselines) defined by the organization.
A security baseline is a group of Microsoft-recommended configuration settings that explains their security impact. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers.
## Why are security baselines needed?
Security baselines are an essential benefit to customers because they bring together expert knowledge from Microsoft, partners, and customers.
For example, there are over 3,000 Group Policy settings for Windows 10, which does not include over 1,800 Internet Explorer 11 settings. Of these 4,800 settings, only some are security-related. Although Microsoft provides extensive guidance on different security features, exploring each one can take a long time. You would have to determine the security impact of each setting on your own. Then, you would still need to determine the appropriate value for each setting.
In modern organizations, the security threat landscape is constantly evolving, and IT pros and policy-makers must keep up with security threats and make required changes to Windows security settings to help mitigate these threats. To enable faster deployments and make managing Windows easier, Microsoft provides customers with security baselines that are available in consumable formats, such as Group Policy Objects Backups.
## How can you use security baselines?
You can use security baselines to:
- Ensure that user and device configuration settings are compliant with the baseline.
- Set configuration settings. For example, you can use Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.
## Where can I get the security baselines?
You can download the security baselines from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55319). This download page is for the Security Compliance Toolkit (SCT), which comprises tools that can assist admins in managing baselines in addition to the security baselines.
The security baselines are included in the [Security Compliance Toolkit (SCT)](security-compliance-toolkit-10.md), which can be downloaded from the Microsoft Download Center. The SCT also includes tools to help admins manage the security baselines.
[![Security Compliance Toolkit.](images/security-compliance-toolkit-1.png)](security-compliance-toolkit-10.md)
[![Get Support.](images/get-support.png)](get-support-for-security-baselines.md)
## Community
[![Microsoft Security Guidance Blog.](images/community.png)](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bd-p/Security-Baselines)
## Related Videos
You may also be interested in this msdn channel 9 video:
- [Defrag Tools](https://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-174-Security-Baseline-Policy-Analyzer-and-LGPO)
## See Also
- [Microsoft Endpoint Configuration Manager](https://www.microsoft.com/cloud-platform/system-center-configuration-manager)
- [Operations Management Suite](https://www.microsoft.com/cloud-platform/operations-management-suite)
- [Configuration Management for Nano Server](/archive/blogs/grouppolicy/configuration-management-on-servers/)
- [Microsoft Security Guidance Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines)
- [Microsoft Security Compliance Toolkit Download](https://www.microsoft.com/download/details.aspx?id=55319)
- [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=55319)