From 8925ff8a0c42b0db48fdc17a965a6a6331421cdb Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Wed, 11 Sep 2024 14:28:25 -0600 Subject: [PATCH] Update wording in App Control for Business deployment guide --- windows/client-management/mdm/applicationcontrol-csp.md | 2 +- ...duction-to-virtualization-based-security-and-appcontrol.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md index 5f26f04b42..7d20bc1c4c 100644 --- a/windows/client-management/mdm/applicationcontrol-csp.md +++ b/windows/client-management/mdm/applicationcontrol-csp.md @@ -11,7 +11,7 @@ ms.date: 01/31/2024 -App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies.md) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. +App Control for Business policies can be managed from an MDM server, or locally by using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](/windows/security/application-security/application-control/app-control-for-business/design/deploy-multiple-appcontrol-policies) (introduced in Windows 10, version 1903). It also provides support for policy deployment (introduced in Windows 10, version 1709) without reboot. Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently doesn't schedule a reboot. Existing App Control for Business policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although App Control policy deployment using the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only. diff --git a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md index 86be3d519b..ce8d6225a0 100644 --- a/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md +++ b/windows/security/application-security/application-control/introduction-to-virtualization-based-security-and-appcontrol.md @@ -1,5 +1,5 @@ --- -title: App Control for Businessand virtualization-based code integrity +title: App Control for Business and virtualization-based code integrity description: Hardware and software system integrity-hardening capabilities that can be deployed separately or in combination with App Control for Business. ms.localizationpriority: medium author: vinaypamnani-msft @@ -15,7 +15,7 @@ appliesto: - ✅ Windows Server 2016 --- -# App Control for Businessand virtualization-based protection of code integrity +# App Control and virtualization-based protection of code integrity Windows includes a set of hardware and OS technologies that, when configured together, allow enterprises to "lock down" Windows systems so they behave more like kiosk devices. In this configuration, [**App Control for Business**](app-control-for-business/appcontrol.md) is used to restrict devices to run only approved apps, while the OS is hardened against kernel memory attacks using [**memory integrity**](../../hardware-security/enable-virtualization-based-protection-of-code-integrity.md).