diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 107a70bff1..863e6b22b7 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -1352,6 +1352,11 @@ "redirect_document_id": true }, { +"source_path": "windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md", +"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration", +"redirect_document_id": false +}, +{ "source_path": "windows/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md", "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection", "redirect_document_id": true diff --git a/devices/hololens/hololens-connect-devices.md b/devices/hololens/hololens-connect-devices.md index a220b4570c..f75a5599df 100644 --- a/devices/hololens/hololens-connect-devices.md +++ b/devices/hololens/hololens-connect-devices.md @@ -45,10 +45,15 @@ HoloLens (1st gen) supports the following classes of Bluetooth devices: ### HoloLens (1st gen): Pair the clicker 1. Use the bloom gesture to go to **Start**, and then select **Settings**. + 1. Select **Devices**, and make sure that Bluetooth is on. + 1. Use the tip of a pen to press and hold the clicker pairing button until the clicker status light blinks white. Make sure to hold down the button until the light starts blinking. + The pairing button is on the underside of the clicker, next to the finger loop. + ![The pairing button is beside the finger loop](images/use-hololens-clicker-1.png) + 1. On the pairing screen, select **Clicker** > **Pair**. ## HoloLens 2: Connect USB-C devices @@ -77,3 +82,10 @@ To use Miracast, follow these steps: 1. On the list of devices that appears, select an available device. 1. Complete the pairing to begin projecting. + +## Disable Bluetooth + +This procedure turns off the RF components of the Bluetooth radio and disables all Bluetooth functionality on Microsoft HoloLens. + +1. Use the bloom gesture (HoloLens (1st gen)) or the start gesture (HoloLens 2) to go to **Start**, and then select **Settings** > **Devices**. +1. Move the slider switch for **Bluetooth** to the **Off** position. diff --git a/devices/hololens/hololens2-autopilot.md b/devices/hololens/hololens2-autopilot.md index 5589ec096d..02c0a61b10 100644 --- a/devices/hololens/hololens2-autopilot.md +++ b/devices/hololens/hololens2-autopilot.md @@ -71,7 +71,7 @@ Review the "[Requirements](https://docs.microsoft.com/windows/deployment/windows Before you start the OOBE and provisioning process, make sure that the HoloLens devices meet the following requirements: - The devices are not already members of Azure AD, and are not enrolled in Intune (or another MDM system). The Autopilot self-deploying process completes these steps. To make sure that all the device-related information is cleaned up, check the **Devices** pages in both Azure AD and Intune. -- Every device can connect to the internet. You can use a wired or wireless connection. +- Every device can connect to the internet. You can "USB C to Ethernet" adapters for wired internet connectivity or "USB C to Wifi" adapters for wireless internet connectivity. - Every device can connect to a computer by using a USB-C cable, and that computer has the following available: - Advanced Recovery Companion (ARC) - The latest Windows update: Windows 10, version 19041.1002.200107-0909 or a later version) diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md index 92801e4289..4d8062c985 100644 --- a/devices/surface/TOC.md +++ b/devices/surface/TOC.md @@ -29,6 +29,7 @@ ### [Deploy Surface devices](deploy.md) ### [Windows Autopilot and Surface devices](windows-autopilot-and-surface-devices.md) +### [Windows Virtual Desktop on Surface](windows-virtual-desktop-surface.md) ### [Deploying, managing, and servicing Surface Pro X](surface-pro-arm-app-management.md) ### [Surface Pro X app compatibility](surface-pro-arm-app-performance.md) ### [Manage and deploy Surface driver and firmware updates](manage-surface-driver-and-firmware-updates.md) diff --git a/devices/surface/get-started.yml b/devices/surface/get-started.yml index a11e35c584..131d77a578 100644 --- a/devices/surface/get-started.yml +++ b/devices/surface/get-started.yml @@ -52,8 +52,8 @@ landingContent: url: microsoft-surface-deployment-accelerator.md - text: Autopilot and Surface devices url: windows-autopilot-and-surface-devices.md - - text: Deploying, managing, and servicing Surface Pro X - url: surface-pro-arm-app-management.md + - text: Windows Virtual Desktop on Surface + url: windows-virtual-desktop-surface.md # Card - title: Manage Surface devices diff --git a/devices/surface/windows-virtual-desktop-surface.md b/devices/surface/windows-virtual-desktop-surface.md new file mode 100644 index 0000000000..80434c8eb7 --- /dev/null +++ b/devices/surface/windows-virtual-desktop-surface.md @@ -0,0 +1,158 @@ +--- +title: Windows Virtual Desktop on Surface +description: This article explains how Surface devices deliver an ideal end node for Windows Virtual Desktop solutions, providing customers with flexible form factors, Windows 10 modern device security and manageability, and support for persistent, on-demand & just-in-time work scenarios. +ms.prod: w10 +ms.mktglfcycl: manage +ms.localizationpriority: medium +ms.sitesec: library +author: coveminer +ms.author: greglin +ms.topic: article +ms.date: 5/20/2020 +ms.reviewer: rohenr +manager: laurawi +audience: itpro +--- + +# Windows Virtual Desktop on Surface + +## Introduction + +Windows Virtual Desktop on Surface lets you run Virtual Desktop Infrastructure (VDI) on a Surface device blurring the lines between the local desktop experience and the virtual desktop where touch, pen, ink, and biometric authentication span both physical and virtual environments. Representing another milestone in the evolution of computing, Windows Virtual Desktop on Surface 1 combines Microsoft 365 - virtualized in the Azure cloud - with the advanced security protections, enterprise-level manageability, and enhanced productivity tools of Windows 10 on Surface. This fusion of premium form factor and Virtual Desktop Infrastructure in Azure provides exceptional customer value across user experiences, portability, security, business continuity, and modern management. + +### Windows Virtual Desktop + +Windows Virtual Desktop (WVD) is a comprehensive desktop and app virtualization service running in the Azure cloud. It’s the only virtual desktop infrastructure that delivers simplified management, multi-session Windows 10, optimizations for Office 365 ProPlus, and support for Remote Desktop Services (RDS) environments. With WVD you can quickly deploy and scale Windows desktops and apps on Azure and get built-in security and compliance features. + +### Windows Virtual Desktop partner integrations + +For a list of approved partner providers and independent software vendors for Windows Virtual Desktop, see [Windows Virtual Desktop partner integrations](https://docs.microsoft.com/azure/virtual-desktop/partners). Some partners also provide Virtual Desktop as a Service (DaaS). DaaS frees you from having to maintain your own virtual machines (VMs) by providing a fully managed, turnkey desktop and virtualization service. The ability to deliver customized desktops to users anywhere in the world enables companies to quickly adjust to changing market conditions by spinning up cloud desktops on-demand - when and where they’re needed. + +## Microsoft Surface Devices + +Surface engineering has long set new standards for innovation by going beyond the keyboard and mouse to imagine more natural ways of interacting with devices, whether by touch, voice, ink, or Surface Dial. And with chip-to-cloud integration of Microsoft 365 and the security and manageability of Windows 10 Pro, Surface delivers connected hardware, software, apps, and services the way they were intended. Although it’s possible to run WVD from Windows devices dating back to Windows 7, Microsoft Surface devices provide unique advantages including support for: + +- **Flexible form factors** - like 2-in-1 devices such as Surface Go 2, Surface Pro 7 and Surface Pro X with pen, touch and detachable keyboard. +- **Persistent, on-demand and just-in-time work scenarios** - with offline and on-device access for more productive experiences. +- **Windows 10 modern device security and manageability** - providing the flexibility to be productive anywhere. + +## Flexible form factors and premium user experience + +The Microsoft Surface for Business family comprises a diverse portfolio of form factors including traditional laptops, all-in-one machines, and 2-in-1 devices. Surface devices deliver experiences people love with the choice and flexibility they need in order to work on their terms. + +### The modern virtual desktop endpoint + +Surface 2-in-1 devices, including [Surface Go 2](https://www.microsoft.com/p/surface-go-2) (10.5”), [Surface Pro 7](https://www.microsoft.com/surface/devices/surface-pro-7/) (12”) and [Surface Pro X](https://www.microsoft.com/p/surface-pro-x/) (13”), provide users with the ideal cloud desktop endpoint bringing together the optimal balance of portability, versatility, power, and all-day battery. From site engineers relying on Surface Go 2 in tablet mode to financial advisors attaching Surface Pro 7 to a dock and multiple monitors, 2-in-1 devices deliver the versatility that has come to define the modern workplace. + + Unlike traditional, fixed VDI “terminals”, Surface devices allow users to work from anywhere and enable companies to remain viable and operational during unforeseen events -- from severe weather to public health emergencies. With support for persistent, on-demand and just-in-time scenarios, Surface devices effectively help companies sustain ongoing operations and mitigate risk from disruptive events. Features designed to enhance productivity on Surface 2-in-1 devices include: + +- Vibrant, high resolution displays with 3:2 aspect ratio to get work done. +- Natural inking and multi-touch for more immersive experiences. +- With a wide variety of built-in and third-party accessibility features, Surface devices let you choose how to interact with your device, express ideas, and get work done. +- Far-field mics and high-performance speakers for improved virtual meetings. +- Biometric security including built-in, Windows Hello camera that comes standard on every Surface device. +- Long battery life 2 and fast charging. +- LTE options 3 on modern devices like Surface Pro X and Surface Go 2 for hassle-free and secure connectivity. +- Support for a wide range of peripherals such as standard printers, 3D printers, cameras, credit card readers, barcode scanners, and many others. A large ecosystem of Designed for Surface partners provides licensed and certified Surface accessories. +- Broad range of Device Redirection support. + +### Device Redirection Support + +The Surface-centric productivity experiences listed above become even more compelling in Windows Virtual Desktop environments by taking advantage of device redirection capabilities with Windows 10. Surface provides a broad range of device redirection support, especially when compared to OEM thin clients and fixed terminals, Android, iOS/macOS and Web-based access. The Windows Inbox (MSTSC) and Windows Desktop (MSRDC) clients provide the most device redirection capabilities including Input Redirection (keyboard, mouse, pen and touch), Port Redirection (serial and USB) and Other Redirections (cameras, clipboard, local drive/storage, location, microphones, printers, scanners, smart cards and speakers). For a detailed comparison of device redirection support refer to the [device redirection documentation](https://docs.microsoft.com/windows-server/remote/remote-desktop-services/clients/remote-desktop-app-compare#redirection-support). + +### Familiar Desktop Experience + +Not only does running the Windows Desktop Client on Surface devices provide users with a broad set of device redirection capabilities, it lets everyone launch apps in familiar ways — directly from the Start Menu or Search bar. + +### Persistent, on-demand and just-in-time work scenarios + +Windows Virtual Desktop on Surface helps customers meet increasingly complex business and security requirements across industries, employee roles, and work environments. These include: + +- Multi-layered security of access to data and organizational resources. +- Compliance with industry regulations. +- Support for an increasingly elastic workforce. +- Employee-specific needs across a variety of job functions. +- Ability to support specialized, processor-intensive workloads. +- Resilience for sustaining operations during disruptions. + +### Table 1. Windows Virtual Desktop business conversations + +| Security & regulation | Elastic workforce | Work Roles | Special workloads | Business continuity | +| ---------------------------------------------------- | ---------------------------------------------------------------------------- | ----------------------------------------------------------------- | ---------------------------------------------------------------------------- | ---------------------------------------------------- | +| - Financial Services
- Healthcare
- Government | - Merger & acquisition
- Short term employees
- Contractors & partners | - BYOD & mobile
- Customer support/service
- Branch workers | - Design & engineering
- Support for legacy apps
- Software dev & test | - On demand
- Just-in-Time (JIT)
- Work @ Home | + +### Offline and on-device access for more productive experiences + +Traditionally, VDI solutions only work when the endpoint is connected to the internet. But what happens when the internet or power is unavailable for any reason (due to mobility, being on a plane, or power outages, and so on)? + +To support business continuity and keep employees productive, Surface devices can easily augment the virtual desktop experience with offline access to files, Microsoft 365 and third-party applications. Traditional apps like Microsoft Office, available across .x86, x64, Universal Windows Platform, ARM platforms, enable users to stay productive in “offline mode”. Files from the virtual desktop cloud environment can be synced locally on Surface using OneDrive for Business for offline access as well. You can have the confidence that all locally “cached” information is up-to-date and secure. + +In addition to adding support for offline access to apps and files, Surface devices are designed to optimize collaborative experiences like Microsoft Teams “On-Device”. Although some VDI solutions support the use of Teams through a virtual session, users can benefit from the more optimized experience provided by a locally installed instance of Teams. Localizing communications and collaboration apps for multimedia channels like voice, video, live captioning allows organizations to take full advantage of Surface devices’ ability to provide optimized Microsoft 365 experiences. The emergence of Surface artificial intelligence (AI) or “AI-on-device” brings new capabilities to life, such as eye gaze technology that adjusts the appearance of your eyes so the audience sees you looking directly at the camera when communicating via video. + +An alternative to locally installing traditional applications is to take advantage of the latest version of Microsoft Edge, which comes with support for Progressive Web Apps (PWA). PWAs are just websites that are progressively enhanced to function like native apps on supporting platforms. The qualities of a PWA combine the best of the web and native apps by additional features, such as push notifications, background data refresh, offline support, and more. + +### Virtual GPUs + +GPUs are ideal for AI compute and graphics-intensive workloads, helping customers to fuel innovation through scenarios like high-end remote visualization, deep learning, and predictive analytics. However, this isn’t ideal for professionals who need to work remotely or while on the go because varying degrees of internal GPU horsepower are tied to the physical devices, limiting mobility and flexibility. + +To solve for this Azure offers the N-series family of Virtual Machines with NVIDIA GPU capabilities (vGPU). With vGPUs, IT can either share GPU performance across multiple virtual machines, or power demanding workloads by assigning multiple GPUs to a single virtual machine. For Surface this means that no matter what device you’re using, from the highly portable Surface Go 2 to the slim and stylish Surface Laptop 3, your device has access to powerful server-class graphics performance. Surface and vGPUs allow you to combine all the things you love about Surface, to include pen, touch, keyboard, trackpad and PixelSense displays, with graphics capability only available in high performance computing environments. + +Azure N-series brings these capabilities to life on your Surface device allowing you to work in any way you want, wherever you go. [Learn more about Azure N-Series and GPU optimized virtual machine sizes.](https://docs.microsoft.com/azure/virtual-machines/sizes-gpu) + +## Microsoft 365 and Surface + +Even in a virtualized desktop environment, Microsoft 365 and Surface deliver the experiences employees love, the protection organizations demand, and flexibility for teams to work their way. According to Forrester Research: 4 + +- Microsoft 365-powered Surface devices give users up to 5 hours in weekly productivity gains with up to 9 hours saved per week for highly mobile workers, providing organizations with 112 percent ROI on Microsoft 365 with Surface +- 75 percent agree Microsoft 365-powered Surface devices help improve employee satisfaction and retention +- agree that Microsoft 365- powered Surface devices have helped improve employee satisfaction and retention. + +### Security and management + +From chip to cloud, Microsoft 365 and Surface helps organizations stay protected and up to date. +With both Surface hardware and software designed, built, and tested by Microsoft, users can be confident they’re productive and protected by leading technologies from chip to cloud. With increased numbers of users working remotely, protecting corporate data and intellectual property becomes more paramount than ever. Windows Virtual Desktop on Surface is designed around a zero-trust security model in which every access request is strongly authenticated, authorized within policy constraints, and inspected for anomalies before granting access. + +By maximizing efficiencies from cloud computing, modern management enables IT to better serve the needs of users, stakeholders and customers in an increasingly competitive business environment. For example, you can get Surface devices up-and-running with minimal interaction from your team. Setup is automatic and self-serviced. Updates are quick and painless for both your team and your users. You can manage devices regardless of their physical location. + +Security and management features delivered with Windows Virtual Desktop on Surface include: + +- **Windows Update.** Keeping Windows up to date helps you stay ahead of new security threats. Windows 10 has been engineered from the ground up to be more secure and utilize the latest hardware capabilities to improve security. With a purpose-built UEFI 5 and Windows Update for Business that responds to evolving threats, end-to-end protection is secure and simplified. + +- **Hardware encryption.** Device encryption lets you protect the data on your Surface so it can only be accessed by authorized individuals. All Surface for Business devices feature a discrete Trusted Platform Module (dTPM) that is hardware-protected against intrusion while software uses protected keys and measurements to verify software validity. +- **Windows Defender.** Windows Defender Antivirus brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices. The tool is built in and needs no extra agents to be deployed on-devices or in the VDI environment, simplifying management and optimizing device start up. Windows Defender is built in and needs no extra agents to be deployed on-device or in the VDI environment, simplifying management and optimizing device start up. The true out-of-the-box experience. +- **Removable drives** - A subset of newer Surface devices feature removable SSD drives 6 providing greater control over data retention. +- **Modern authentication -** Microsoft 365 and Surface is a unified platform delivering every Windows security feature (subject to licensing and enablement). All Surface portfolio devices ship with a custom-built camera, designed for Windows Hello for Business providing biometric security that persists seamlessly from on-device to VDI-based experiences. +- **Modern firmware management** -Using Device Firmware Configuration Interface (DFCI),7 IT administrators can remotely disable hardware elements at a firmware level such as mics, USB ports, SD card slots, cameras, and Bluetooth which removes power to the peripheral. Windows Defender Credential Guard uses virtualization-based security so that only privileged system software can access them. +- **Backward and forward compatibility** - Windows 10 devices provide backward and forward compatibility across hardware, software and services. Microsoft has a strong history of maintaining legacy support of hardware, peripherals, software and services while incorporating the latest technologies. Businesses can plan IT investments to have a long useful life. +- **Bridge for legacy Windows 7 workloads** - For solution scenarios dependent on legacy Windows OS environments, enterprises can use VDI instances of Windows 7 running in Azure. This enables support on modern devices like Surface without the risk of relying on older Windows 7 machines that no longer receive the latest security updates. In addition to these “future proofing” benefits, migration of any legacy workloads becomes greatly simplified when modern Windows 10 hardware is already deployed. +- **Zero-Touch Deployment** - Autopilot is the recommended modern management deployment option for Surface devices. Windows Autopilot on Surface is a cloud-based deployment technology in Windows 10. You can use Windows Autopilot on Surface to remotely deploy and configure devices in a zero-touch process right out of the box. Windows Autopilot-registered devices are identified over the Internet at first startup through a unique device signature that's called a hardware hash. They're automatically enrolled and configured by using modern management solutions such as Azure Active Directory (Azure AD) and mobile device management. + +### Surface devices: Minimizing environmental impacts + +Surface performs life cycle assessments to calculate the environmental impact of devices across key stages of product life cycle enabling Microsoft to minimize these impacts. Each Surface product has an ECO profile that includes details on greenhouse gas emissions, primary energy consumption and material composition data, packaging, recycling, and related criteria. To download profiles for each Surface device, see [ECO Profiles](https://www.microsoft.com/download/details.aspx?id=55974) on the Microsoft Download Center. + +## Summary + +Windows Virtual Desktop on Surface provides organizations with greater flexibility and resilience in meeting the diverse needs of users, stakeholders, and customers. Running Windows Virtual Desktop solutions on Surface devices provides unique advantages over continued reliance on legacy devices. Flexible form factors like Surface Go 2 and Surface Pro 7 connected to the cloud (or offline), enable users to be productive from anywhere, at any time. Whether employees work in persistent, on-demand, or just-in-time scenarios, Windows Virtual Desktop on Surface affords businesses with the versatility to sustain productivity throughout disruptions from public health emergencies or other unforeseen events. Using the built in, multi-layered security and modern manageability of Windows 10, companies can take advantage of an expanding ecosystem of cloud-based services to rapidly deploy and scale Windows desktops and apps. Simply put, Windows Virtual Desktop on Surface delivers critically needed technology to organizations and businesses of all sizes. + +## Learn more + +For more information, see the following resources: + +- [Windows Virtual Desktop](https://azure.microsoft.com/services/virtual-desktop/) +- [Surface for Business](https://www.microsoft.com/surface/business) +- [Modernize your workforce with Microsoft Surface](https://boards.microsoft.com/public/prism/103849?token=754435c36d) +- [A guide to Surface Technical Content and Solutions](https://boards.microsoft.com/public/prism/104362/category/90968?token=09e688ec4a) +- [Microsoft zero-trust security](https://www.microsoft.com/security/business/zero-trust) + + +---------- + +1. Windows Virtual Desktop on Surface refers to running Azure Virtual Desktop Infrastructure on a Surface device and is described here as an architectural solution, not a separately available product.
+2. Battery life varies significantly with settings, usage and other factors.
+3. Service availability and performance subject to service provider’s network. Contact your service provider for details, compatibility, pricing, SIM card, and activation. See all specs and frequencies at surface.com.
+4. Forrester Consulting, “A Forrester Total Economic Impact™ Study: Maximizing Your ROI from Microsoft 365 Enterprise with Microsoft Surface,” commissioned by Microsoft, 2018.
+5. Surface Go and Surface Go 2 use a third-party UEFI and do not support DFCI. DFCI is currently available for Surface Book 3, Surface Laptop 3, Surface Pro 7, and Surface Pro X. Find out more about managing Surface UEFI settings.
+6. Removable SSD is available on Surface Laptop 3 and Surface Pro X. Note that hard drive is not user removable. Hard drive is only removable a by skilled technician following Microsoft instructions.
+7. DFCI is currently available for Surface Book 3, Surface Laptop 3, Surface Pro 7, and Surface Pro X. [Find out more](https://docs.microsoft.com/surface/manage-surface-uefi-settings) about managing Surface UEFI settings. + diff --git a/windows/client-management/mdm/get-seat.md b/windows/client-management/mdm/get-seat.md index 2169488622..598d24ea19 100644 --- a/windows/client-management/mdm/get-seat.md +++ b/windows/client-management/mdm/get-seat.md @@ -1,6 +1,6 @@ --- title: Get seat -description: The Get seat operation retrieves the information about an active seat for a specified user in the Micosoft Store for Business. +description: The Get seat operation retrieves the information about an active seat for a specified user in the Microsoft Store for Business. ms.assetid: 715BAEB2-79FD-4945-A57F-482F9E7D07C6 ms.reviewer: manager: dansimp @@ -14,7 +14,7 @@ ms.date: 09/18/2017 # Get seat -The **Get seat** operation retrieves the information about an active seat for a specified user in the Micosoft Store for Business. +The **Get seat** operation retrieves the information about an active seat for a specified user in the Microsoft Store for Business. ## Request diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 5697d954da..0ab027fca0 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -710,6 +710,7 @@ Policy, Policy/Channels, Policy/Channels/ChannelName, Policy/Channels/ChannelNam
  • LocalPoliciesSecurityOptions/InteractiveLogon_MachineInactivityLimit
  • LocalPoliciesSecurityOptions/InteractiveLogon_MessageTextForUsersAttemptingToLogOn
  • LocalPoliciesSecurityOptions/InteractiveLogon_MessageTitleForUsersAttemptingToLogOn
    • +
  • LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM
  • LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests
  • LocalPoliciesSecurityOptions/RecoveryConsole_AllowAutomaticAdministrativeLogon
  • LocalPoliciesSecurityOptions/Shutdown_AllowSystemToBeShutDownWithoutHavingToLogOn
    • diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 07bf447af0..047fef66ae 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -2390,6 +2390,9 @@ The following diagram shows the Policy configuration service provider in tree fo
    LocalPoliciesSecurityOptions/NetworkAccess_RestrictClientsAllowedToMakeRemoteCallsToSAM
    +
    + LocalPoliciesSecurityOptions/NetworkSecurity_AllowLocalSystemToUseComputerIdentityForNTLM +
    LocalPoliciesSecurityOptions/NetworkSecurity_AllowPKU2UAuthenticationRequests
    diff --git a/windows/configuration/cortana-at-work/cortana-at-work-feedback.md b/windows/configuration/cortana-at-work/cortana-at-work-feedback.md index 60ae0ffa10..9b2fcfb9c3 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-feedback.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-feedback.md @@ -16,10 +16,10 @@ manager: dansimp To provide feedback on an individual request or response, select the item in the conversation history and then select **Give feedback**. This opens the Feedback Hub application where you can provide more information to help diagnose reported issues. -:::image type="content" source="../../../images/screenshot11.png" alt-text="Screenshot: Send feedback page"::: +:::image type="content" source="../screenshot1.png" alt-text="Screenshot: Send feedback page"::: To provide feedback about the application in general, go to the **Settings** menu by selecting the three dots in the top left of the application, and select **Feedback**. This opens the Feedback Hub where more information on the issue can be provided. -:::image type="content" source="../../../images/screenshot12.png" alt-text="Screenshot: Select Feedback to go to the Feedback Hub"::: +:::image type="content" source="../screenshot12.png" alt-text="Screenshot: Select Feedback to go to the Feedback Hub"::: In order for enterprise users to provide feedback, admins must unblock the Feedback Hub in the [Azure portal](https://portal.azure.com/). Go to the **Enterprise applications section** and enable **Users can allow apps to access their data**. \ No newline at end of file diff --git a/windows/configuration/cortana-at-work/cortana-at-work-overview.md b/windows/configuration/cortana-at-work/cortana-at-work-overview.md index fc94b61cee..9bdf2f0ae6 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-overview.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-overview.md @@ -17,7 +17,7 @@ ms.author: dansimp Cortana is a personal productivity assistant in Microsoft 365, helping your users achieve more with less effort and focus on what matters. The Cortana app in Windows 10 helps users quickly get information across Microsoft 365, using typed or spoken queries to connect with people, check calendars, set reminders, add tasks, and more. -:::image type="content" source="../../../images/screenshot1.png" alt-text="Screenshot: Cortana home page example"::: +:::image type="content" source="../screenshot1.png" alt-text="Screenshot: Cortana home page example"::: ## Where is Cortana available for use in my organization? @@ -30,11 +30,11 @@ The Cortana app in Windows 10, version 2004 requires the latest Microsoft Store Cortana requires a PC running Windows 10, version 1703 or later, as well as the following software to successfully run the included scenario in your organization. >[!NOTE] ->A microphone is not required to use Cortana. +>A microphone isn't required to use Cortana. |**Software** |**Minimum version** | |---------|---------| -|Client operating system | Desktop:
    - Windows 10, version 2004 (recommended)

    - Windows 10, version 103 (legacy version of Cortana)

    Mobile: Windows 10 mobile, version 1703 (legacy version of Cortana)

    For more information on the differences between Cortana in Windows 10, version 2004 and earlier versions, see **How is my data processed by Cortana** below. | +|Client operating system | Desktop:
    - Windows 10, version 2004 (recommended)

    - Windows 10, version 1703 (legacy version of Cortana)

    Mobile: Windows 10 mobile, version 1703 (legacy version of Cortana)

    For more information on the differences between Cortana in Windows 10, version 2004 and earlier versions, see **How is my data processed by Cortana** below. | |Azure Active Directory (Azure AD) | While all employees signing into Cortana need an Azure AD account, an Azure AD premium tenant isn’t required. | |Additional policies (Group Policy and Mobile Device Management (MDM)) |There is a rich set of policies that can be used to manage various aspects of Cortana. Most of these policies will limit the abilities of Cortana but won't turn Cortana off. For example, if you turn **Speech** off, your employees won't be able to use the wake word (“Cortana”) for hands-free activation or voice commands to easily ask for help. | @@ -48,7 +48,7 @@ Cortana's approach to integration with Microsoft 365 has changed with Windows 10 ### Cortana in Windows 10, version 2004 and later -Cortana enterprise services that can be accessed using Azure AD through Cortana in Windows 10, version 2004 and later, meet the same enterprise-level privacy, security, and compliance promises as reflected in the [Online Services Terms (OST)](https://www.microsoft.com/en-us/licensing/product-licensing/products). For more information, see [Cortana in Microsoft 365](https://docs.microsoft.com/microsoft-365/admin/misc/cortana-integration?view=o365-worldwide#what-data-is-processed-by-cortana-in-office-365). +Cortana enterprise services that can be accessed using Azure AD through Cortana in Windows 10, version 2004 and later, meet the same enterprise-level privacy, security, and compliance promises as reflected in the [Online Services Terms (OST)](https://www.microsoft.com/en-us/licensing/product-licensing/products). To learn more, see [Cortana in Microsoft 365](https://docs.microsoft.com/microsoft-365/admin/misc/cortana-integration?view=o365-worldwide#what-data-is-processed-by-cortana-in-office-365). #### How does Microsoft store, retain, process, and use Customer Data in Cortana? @@ -71,7 +71,7 @@ First, the user must enable the wake word from within Cortana settings. Once it The first decision is made by the Windows Multiple Voice Assistant platform leveraging hardware optionally included in the user's PC for power savings. If the wake word is detected, Windows will show a microphone icon in the system tray indicating an assistant app is listening. -:::image type="content" source="../../../images/screenshot2.png" alt-text="Microphone icon in the system tray indicating an assistant app is listening"::: +:::image type="content" source="../screenshot2.png" alt-text="Screenshot: Microphone icon in the system tray indicating an assistant app is listening"::: At that point, the Cortana app will receive the audio, run a second, more accurate wake word detector, and optionally send it to a Microsoft cloud service where a third wake word detector will confirm. If the service does not confirm that the activation was valid, the audio will be discarded and deleted from any further processing or server logs. On the user's PC, the Cortana app will be silently dismissed, and no query will be shown in conversation history because the query was discarded. @@ -85,4 +85,4 @@ Cortana is covered under the [Microsoft Privacy Statement](https://privacy.micro ## See also -- [What is Cortana?](https://go.microsoft.com/fwlink/p/?LinkId=746818) \ No newline at end of file +- [What is Cortana?](https://go.microsoft.com/fwlink/p/?LinkId=746818) diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md index 642a124de8..ae1cc6a4a5 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-1.md @@ -22,9 +22,9 @@ manager: dansimp 4. Say **Cortana, what can you do?**. -When you say "Cortana", Cortana will open in listening mode to acknowledge the wake word. +When you say **Cortana**, Cortana will open in listening mode to acknowledge the wake word. -:::image type="content" source="../../../images/screenshot4.png" alt-text="Screenshot: Cortana listening mode"::: +:::image type="content" source="../screenshot4.png" alt-text="Screenshot: Cortana listening mode"::: Once you finish saying your query, Cortana will open with the result. diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md index c541b4b620..cd8da63e37 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-2.md @@ -20,7 +20,7 @@ manager: dansimp Cortana will respond with the information from Bing. -:::image type="content" source="../../media/screenshot5.png" alt-text="Screenshot: Cortana showing current time in Hyderbad"::: +:::image type="content" source="../screenshot5.png" alt-text="Screenshot: Cortana showing current time in Hyderbad"::: >[!NOTE] ->This scenario requires Bing Answers to be enabled. For more information, see [Set up and configure the Bing Answers feature](https://docs.microsoft.com/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10#set-up-and-configure-the-bing-answers-feature). \ No newline at end of file +>This scenario requires Bing Answers to be enabled. To learn more, see [Set up and configure the Bing Answers feature](https://docs.microsoft.com/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10#set-up-and-configure-the-bing-answers-feature). \ No newline at end of file diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md index 333199a0a5..5382e5665c 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-3.md @@ -16,11 +16,10 @@ manager: dansimp This scenario helps you set up, review, and edit a reminder. For example, you can remind yourself to send someone a link to a document after a meeting. -1. Select the **Cortana** icon in the taskbar and type _Remind me to send a link to the deck at 3:05pm_ and press **Enter**. +1. Select the **Cortana** icon in the taskbar and type **Remind me to send a link to the deck at 3:05pm** and press **Enter**. Cortana will create a reminder in Microsoft To Do and will remind you at the appropriate time. -:::image type="content" source="../../../images/screenshot6.png" alt-text="Screenshot: Cortana set a reminder"::: - -:::image type="content" source="../../../images/screenshot7.png" alt-text="Screenshot: Cortana showing reminder on page"::: +:::image type="content" source="../screenshot6.png" alt-text="Screenshot: Cortana set a reminder"::: +:::image type="content" source="../screenshot7.png" alt-text="Screenshot: Cortana showing reminder on page"::: \ No newline at end of file diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md index ec22777755..1a34778608 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-4.md @@ -14,7 +14,7 @@ manager: dansimp # Test scenario 4 - Use Cortana to find free time on your calendar -This process helps you find out if a time slot is free on your calendar. +This scenario helps you find out if a time slot is free on your calendar. 1. Select the **Cortana** icon in the taskbar. @@ -24,4 +24,4 @@ This process helps you find out if a time slot is free on your calendar. Cortana will respond with your availability for that time, as well as nearby meetings. -:::image type="content" source="../../../images/screenshot8.png" alt-text="Screenshot: Cortana showing free time on a calendar"::: \ No newline at end of file +:::image type="content" source="../screenshot8.png" alt-text="Screenshot: Cortana showing free time on a calendar"::: \ No newline at end of file diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md index ee0bbe9a6e..6312ad8983 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-5.md @@ -20,6 +20,6 @@ Cortana can help you quickly look up information about someone or the org chart. 2. Type or select the mic and say, **Who is name of person in your organization's?** -:::image type="content" source="../../../images/screenshot8.png" alt-text="Screenshot: Cortana showing name of person in your organization"::: +:::image type="content" source="../screenshot9.png" alt-text="Screenshot: Cortana showing name of person in your organization"::: -Cortana will respond with information about the person. You can select the person to open information about them in Microsoft Search. \ No newline at end of file +Cortana will respond with information about the person. You can select the person to see more information about them in Microsoft Search. \ No newline at end of file diff --git a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md index 739f5afbfd..b2c7bdd9dd 100644 --- a/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md +++ b/windows/configuration/cortana-at-work/cortana-at-work-scenario-6.md @@ -14,7 +14,7 @@ manager: dansimp # Test scenario 6 – Change your language and perform a quick search with Cortana -Cortana can help employees in regions outside the US search for quick answers like currency conversions, time zone conversions, or weather in their location or another. +Cortana can help employees in regions outside the US search for quick answers like currency conversions, time zone conversions, or weather in their location. 1. Select the **Cortana** icon in the taskbar. @@ -22,4 +22,4 @@ Cortana can help employees in regions outside the US search for quick answers li 3. Once the app has restarted, type or say **Convierte 100 Euros a Dólares**. -:::image type="content" source="../../../images/screenshot10.png" alt-text="Screenshot: Cortana showing a change your language and showing search results in Spanish"::: \ No newline at end of file +:::image type="content" source="../screenshot10.png" alt-text="Screenshot: Cortana showing a change your language and showing search results in Spanish"::: \ No newline at end of file diff --git a/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10.md b/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10.md index c1b71aa782..14dfdcd3da 100644 --- a/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10.md +++ b/windows/configuration/cortana-at-work/set-up-and-test-cortana-in-windows-10.md @@ -32,8 +32,8 @@ Users cannot enable or disable the Bing Answer feature individually. So, if you Sign in to the [Office Configuration Admin tool](https://config.office.com/). Follow the steps [here](https://docs.microsoft.com/deployoffice/overview-office-cloud-policy-service#steps-for-creating-a-policy-configuration) to create this policy configuration. Once completed, the policy will look as shown below: - -:::image type="content" source="../../../images/screenshot3.png" alt-text="Screenshot: Bing policy example"::: + +:::image type="content" source="../screenshot3.png" alt-text="Screenshot: Bing policy example"::: ## How does Microsoft handle customer data for Bing Answers? @@ -43,7 +43,7 @@ When a user enters a search query (by speech or text), Cortana evaluates if the 2. If it is not for any of the first-party compliant skills, the query is sent to Bing for a search of public results from Bing.com. Because enterprise searches might be sensitive, similar to [Microsoft Search in Bing](https://docs.microsoft.com/MicrosoftSearch/security-for-search#microsoft-search-in-bing-protects-workplace-searches), Bing Answers in Cortana has implemented a set of trust measures, described below, that govern how the separate search of public results from Bing.com is handled. The Bing Answers in Cortana trust measures are consistent with the enhanced privacy and security measures described in [Microsoft Search in Bing](https://docs.microsoft.com/MicrosoftSearch/security-for-search). All Bing.com search logs that pertain to Cortana traffic are disassociated from users' workplace identity. All Cortana queries issued via a work or school account are stored separately from public, non-Cortana traffic. -Bing Answers is enabled by default for all users. However, admins can configure and change this for specific users/user groups in their organization. +Bing Answers is enabled by default for all users. However, admins can configure and change this for specific users and user groups in their organization. ## How the Bing Answer policy configuration is applied Before a query is sent to Bing for a search of public results from Bing.com, the Bing Answers service checks with the Office Cloud Policy Service to see if there are any policy configurations that pertain to the user for allowing Bing Answers to respond to questions users ask Cortana. If the user is a member of an AAD group that is assigned that policy configuration, then the appropriate policy settings are applied and a check is made again in 10 minutes. \ No newline at end of file diff --git a/images/screenshot1.png b/windows/configuration/screenshot1.png similarity index 100% rename from images/screenshot1.png rename to windows/configuration/screenshot1.png diff --git a/images/screenshot10.png b/windows/configuration/screenshot10.png similarity index 100% rename from images/screenshot10.png rename to windows/configuration/screenshot10.png diff --git a/images/screenshot11.png b/windows/configuration/screenshot11.png similarity index 100% rename from images/screenshot11.png rename to windows/configuration/screenshot11.png diff --git a/images/screenshot12.png b/windows/configuration/screenshot12.png similarity index 100% rename from images/screenshot12.png rename to windows/configuration/screenshot12.png diff --git a/images/screenshot2.png b/windows/configuration/screenshot2.png similarity index 100% rename from images/screenshot2.png rename to windows/configuration/screenshot2.png diff --git a/images/screenshot3.png b/windows/configuration/screenshot3.png similarity index 100% rename from images/screenshot3.png rename to windows/configuration/screenshot3.png diff --git a/images/screenshot4.png b/windows/configuration/screenshot4.png similarity index 100% rename from images/screenshot4.png rename to windows/configuration/screenshot4.png diff --git a/images/screenshot5.png b/windows/configuration/screenshot5.png similarity index 100% rename from images/screenshot5.png rename to windows/configuration/screenshot5.png diff --git a/images/screenshot6.png b/windows/configuration/screenshot6.png similarity index 100% rename from images/screenshot6.png rename to windows/configuration/screenshot6.png diff --git a/images/screenshot7.png b/windows/configuration/screenshot7.png similarity index 100% rename from images/screenshot7.png rename to windows/configuration/screenshot7.png diff --git a/images/screenshot8.png b/windows/configuration/screenshot8.png similarity index 100% rename from images/screenshot8.png rename to windows/configuration/screenshot8.png diff --git a/images/screenshot9.png b/windows/configuration/screenshot9.png similarity index 100% rename from images/screenshot9.png rename to windows/configuration/screenshot9.png diff --git a/windows/deployment/update/how-windows-update-works.md b/windows/deployment/update/how-windows-update-works.md index 7284fecba7..e427a2f861 100644 --- a/windows/deployment/update/how-windows-update-works.md +++ b/windows/deployment/update/how-windows-update-works.md @@ -80,7 +80,7 @@ Windows Update takes the following sets of actions when it runs a scan. #### Starts the scan for updates When users start scanning in Windows Update through the Settings panel, the following occurs: -- The scan first generates a “ComApi” message. The caller (Windows Defender Antivirus) tells the WU engine to scan for updates. +- The scan first generates a “ComApi” message. The caller (Microsoft Defender Antivirus) tells the WU engine to scan for updates. - "Agent" messages: queueing the scan, then actually starting the work: - Updates are identified by the different IDs ("Id = 10", "Id = 11") and from the different thread ID numbers. - Windows Update uses the thread ID filtering to concentrate on one particular task. diff --git a/windows/deployment/update/update-compliance-monitor.md b/windows/deployment/update/update-compliance-monitor.md index 55e6f693d9..8e4da6a05c 100644 --- a/windows/deployment/update/update-compliance-monitor.md +++ b/windows/deployment/update/update-compliance-monitor.md @@ -18,8 +18,8 @@ ms.topic: article # Monitor Windows Updates with Update Compliance > [!IMPORTANT] -> While [Windows Analytics was retired on January 31, 2020](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), support for Update Compliance has continued through the Azure Portal. Two planned feature removals for Update Compliance – Windows Defender Antivirus reporting and Perspectives – are now scheduled to be removed beginning Monday, May 11, 2020. -> * The retirement of Windows Defender Antivirus reporting will begin Monday, May 11, 2020. You can continue to review malware definition status and manage and monitor malware attacks with Microsoft Endpoint Manager's [Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune). Configuration Manager customers can monitor Endpoint Protection with [Endpoint Protection in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection). +> While [Windows Analytics was retired on January 31, 2020](https://docs.microsoft.com/windows/deployment/update/update-compliance-monitor), support for Update Compliance has continued through the Azure Portal. Two planned feature removals for Update Compliance – Microsoft Defender Antivirus reporting and Perspectives – are now scheduled to be removed beginning Monday, May 11, 2020. +> * The retirement of Microsoft Defender Antivirus reporting will begin Monday, May 11, 2020. You can continue to review malware definition status and manage and monitor malware attacks with Microsoft Endpoint Manager's [Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune). Configuration Manager customers can monitor Endpoint Protection with [Endpoint Protection in Configuration Manager](https://docs.microsoft.com/configmgr/protect/deploy-use/monitor-endpoint-protection). > * The Perspectives feature of Update Compliance will be retired Monday, May 11, 2020. The Perspectives feature is part of the Log Search portal of Log Analytics, which was deprecated on February 15, 2019 in favor of [Azure Monitor Logs](https://docs.microsoft.com/azure/azure-monitor/log-query/log-search-transition). Your Update Compliance solution will be automatically upgraded to Azure Monitor Logs, and the data available in Perspectives will be migrated to a set of queries in the [Needs Attention section](update-compliance-need-attention.md) of Update Compliance. ## Introduction diff --git a/windows/deployment/update/update-compliance-using.md b/windows/deployment/update/update-compliance-using.md index 47ea2040ed..b61cef1778 100644 --- a/windows/deployment/update/update-compliance-using.md +++ b/windows/deployment/update/update-compliance-using.md @@ -17,7 +17,7 @@ ms.topic: article # Use Update Compliance -In this section you'll learn how to use Update Compliance to monitor your device's Windows updates and Windows Defender Antivirus status. To configure your environment for use with Update Compliance, refer to [Get started with Update Compliance](update-compliance-get-started.md). +In this section you'll learn how to use Update Compliance to monitor your device's Windows updates and Microsoft Defender Antivirus status. To configure your environment for use with Update Compliance, refer to [Get started with Update Compliance](update-compliance-get-started.md). Update Compliance: @@ -50,7 +50,7 @@ When you select this tile, you will be redirected to the Update Compliance works Update Compliance's overview blade summarizes all the data Update Compliance provides. It functions as a hub from which you can navigate to different sections. The total number of devices detected by Update Compliance is reported in the title of this blade. What follows is a distribution for all devices as to whether they are up to date on the following items: * Security updates: A device is up to date on quality updates whenever it has the latest applicable quality update installed. Quality updates are monthly cumulative updates that are specific to a version of Windows 10. * Feature updates: A device is up to date on feature updates whenever it has the latest applicable feature update installed. Update Compliance considers [Servicing Channel](waas-overview.md#servicing-channels) when determining update applicability. -* AV Signature: A device is up to date on Antivirus Signature when the latest Windows Defender Signatures have been downloaded. This distribution only considers devices that are running Windows Defender Antivirus. +* AV Signature: A device is up to date on Antivirus Signature when the latest Windows Defender Signatures have been downloaded. This distribution only considers devices that are running Microsoft Defender Antivirus. The blade also provides the time at which your Update Compliance workspace was [refreshed](#update-compliance-data-latency). diff --git a/windows/privacy/gdpr-win10-whitepaper.md b/windows/privacy/gdpr-win10-whitepaper.md index 302909fefa..ce2c263dfe 100644 --- a/windows/privacy/gdpr-win10-whitepaper.md +++ b/windows/privacy/gdpr-win10-whitepaper.md @@ -132,24 +132,24 @@ As seen with recent ransomware attacks, once called the "black plague" of the In In response to these threats and as a part of your mechanisms to resist these types of breaches so that you remain in compliance with the GDPR, Windows 10 provides built in technology, detailed below including the following: -- Windows Defender Antivirus to respond to emerging threats on data. +- Microsoft Defender Antivirus to respond to emerging threats on data. - Microsoft Edge to systemically disrupt phishing, malware, and hacking attacks. - Windows Defender Device Guard to block all unwanted applications on client machines. #### Responding to emerging data threats -Windows Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware: +Microsoft Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware: - **Cloud-delivered protection.** Helps to detect and block new malware within seconds, even if the malware has never been seen before. -- **Rich local context.** Improves how malware is identified. Windows 10 informs Windows Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more. +- **Rich local context.** Improves how malware is identified. Windows 10 informs Microsoft Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more. -- **Extensive global sensors.** Help to keep Windows Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data. +- **Extensive global sensors.** Help to keep Microsoft Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data. -- **Tamper proofing.** Helps to guard Windows Defender Antivirus itself against malware attacks. For example, Windows Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Windows Defender Antivirus components, its registry keys, and so on. +- **Tamper proofing.** Helps to guard Microsoft Defender Antivirus itself against malware attacks. For example, Microsoft Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Microsoft Defender Antivirus components, its registry keys, and so on. -- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Windows Defender Antivirus an enterprise-class antimalware solution. +- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Microsoft Defender Antivirus an enterprise-class antimalware solution. #### Systemically disrupting phishing, malware, and hacking attacks In today’s threat landscape, your ability to provide those mechanisms should be tied to the specific data-focused attacks you face through phishing, malware and hacking due to the browser-related attacks. @@ -204,7 +204,7 @@ Among the key benefits of ATP are the following: - Built in, not bolted on - agentless with high performance and low impact, cloud-powered; easy management with no deployment. -- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Windows Defender Antivirus. +- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Microsoft Defender Antivirus. - Power of the Microsoft graph - leverages the Microsoft Intelligence Security Graph to integrate detection and exploration with Office 365 ATP subscription, to track back and respond to attacks. @@ -216,7 +216,7 @@ To provide Detection capabilities, Windows 10 improves our OS memory and kernel We continue to upgrade our detections of ransomware and other advanced attacks, applying our behavioral and machine-learning detection library to counter changing attacks trends. Our historical detection capability ensures new detection rules apply to up to six months of stored data to detect attacks that previously went unnoticed. Customers can also add customized detection rules or IOCs to augment the detection dictionary. -Customers asked us for a single pane of glass across the entire Windows security stack. Windows Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network. +Customers asked us for a single pane of glass across the entire Windows security stack. Microsoft Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network. Our alert page now includes a new process tree visualization that aggregates multiple detections and related events into a single view that helps security teams reduce the time to resolve cases by providing the information required to understand and resolve incidents without leaving the alert page. @@ -314,7 +314,7 @@ Azure Information Protection also helps your users share sensitive data in a sec - **Windows Hello for Business:** https://www.youtube.com/watch?v=WOvoXQdj-9E and https://docs.microsoft.com/windows/access-protection/hello-for-business/hello-identity-verification -- **Windows Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10 +- **Microsoft Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10 - **Windows Defender Advanced Threat Protection:** https://www.youtube.com/watch?v=qxeGa3pxIwg and https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 4bbec23cef..6085890428 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1595,7 +1595,7 @@ You can disconnect from the Microsoft Antimalware Protection Service. >1. Ensure Windows and Windows Defender are fully up to date. >2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link and then scroll down to the Tamper Protection toggle to set it to **Off**. -- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop-down box named **Join Microsoft MAPS** +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop-down box named **Join Microsoft MAPS** -OR- @@ -1608,7 +1608,7 @@ You can disconnect from the Microsoft Antimalware Protection Service. You can stop sending file samples back to Microsoft. -- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**. +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**. -or- @@ -1617,11 +1617,11 @@ You can stop sending file samples back to Microsoft. You can stop downloading **Definition Updates**: -- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**. +- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**. -and- -- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**. +- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**. -or- @@ -1645,7 +1645,7 @@ You can turn off **Enhanced Notifications** as follows: -or- -- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Reporting**. +- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Reporting**. -or- diff --git a/windows/privacy/manage-windows-1809-endpoints.md b/windows/privacy/manage-windows-1809-endpoints.md index 6367bb1968..789a9029a6 100644 --- a/windows/privacy/manage-windows-1809-endpoints.md +++ b/windows/privacy/manage-windows-1809-endpoints.md @@ -398,7 +398,7 @@ The following endpoint is used to retrieve Skype configuration values. To turn o ## Windows Defender The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. -If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Windows Defender Antivirus cloud service connections, see [Allow connections to the Windows Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service). +If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Microsoft Defender Antivirus cloud service connections, see [Allow connections to the Microsoft Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service). | Source process | Protocol | Destination | |----------------|----------|------------| diff --git a/windows/privacy/windows-diagnostic-data-1703.md b/windows/privacy/windows-diagnostic-data-1703.md index 73ccd75c12..ef7ec52739 100644 --- a/windows/privacy/windows-diagnostic-data-1703.md +++ b/windows/privacy/windows-diagnostic-data-1703.md @@ -74,7 +74,7 @@ This type of data includes details about the health of the device, operating sys | Category Name | Description and Examples | | - | - | |Device health and crash data | Information about the device and software health such as: