Merge pull request #829 from Microsoft/wdav-update-compl-pubprev

Updates for Update Compliance topics
2025-05-29 13:47:23 +00:00 · 2017-06-07 18:58:40 -07:00 · 2017-06-07 18:58:40 -07:00 · 8e9a6fceed
commit 8e9a6fceed
parent 38277a6285 18a8d124cf
4 changed files with 69 additions and 66 deletions
--- a/windows/deployment/update/images/uc-01-wdav.png
+++ b/windows/deployment/update/images/uc-01-wdav.png
--- a/windows/deployment/update/update-compliance-get-started.md
+++ b/windows/deployment/update/update-compliance-get-started.md
@ -1,6 +1,7 @@
 ---
 title: Get started with Update Compliance (Windows 10)
-description: Explains how to configure Update Compliance.
+description: Configure Update Compliance in OMS to see the status of updates and antimalware protection on devices in your network.
+keywords: update compliance, oms, operations management suite, prerequisites, requirements, updates, upgrades, antivirus, antimalware, signature, log analytics, wdav
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
@ -14,91 +15,90 @@ This topic explains the steps necessary to configure your environment for Window

 Steps are provided in sections that follow the recommended setup process:
 1.	Ensure that [prerequisites](#update-compliance-prerequisites) are met.
-2.	[Add Update Compliance](#add-update-compliance-to-microsoft-operations-management-suite) to Microsoft Operations Management Suite
-3.	[Deploy your Commercial ID](#deploy-your-commercial-id-to-your-windows-10-devices) to your organization’s devices
+2.	[Add Update Compliance](#add-update-compliance-to-microsoft-operations-management-suite) to Microsoft Operations Management Suite.
+3.	[Deploy your Commercial ID](#deploy-your-commercial-id-to-your-windows-10-devices) to your organization’s devices.

-## Update Compliance Prerequisites
+## Update Compliance prerequisites

 Update Compliance has the following requirements: 
 1. Update Compliance is currently only compatible with Windows 10 devices. The solution is intended to be used with desktop devices (Windows 10 workstations and laptops). 
 2. The solution requires that Windows 10 telemetry is enabled on all devices that are intended to be displayed in the solution. These devices must have at least the [basic level of telemetry](https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization#basic-level) enabled. To learn more about Windows telemetry, see [Configure Windows telemetry in your organization](/windows/configuration/configure-windows-telemetry-in-your-organization). 
-3. The telemetry of your organization’s Windows devices must be successfully transmitted to Microsoft. Microsoft has specified [endpoints for different aspects of telemetry](https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization#endpoints), which must be whitelisted by your organization so the data can be transmitted. The following table is taken from the article on telemetry endpoints and summarizes the use of each endpoint:
+3. The telemetry of your organization’s Windows devices must be successfully transmitted to Microsoft. Microsoft has specified [endpoints for each of the telemetry services](https://technet.microsoft.com/itpro/windows/manage/configure-windows-telemetry-in-your-organization#endpoints), which must be whitelisted by your organization so the data can be transmitted. The following table is taken from the article on telemetry endpoints and summarizes the use of each endpoint:

-  <TABLE BORDER=1>
-  <TR><TD BGCOLOR="#cceeff">Service<TD BGCOLOR="#cceeff">Endpoint
-  <TR><TD>Connected User Experience and Telemetry component<TD>v10.vortex-win.data.microsoft.com
-  <BR>settings-win.data.microsoft.com
-  <TR><TD>Windows Error Reporting	<TD>watson.telemetry.microsoft.com
-  <TR><TD>Online Crash Analysis	<TD>oca.telemetry.microsoft.com
-  </TABLE>
+Service | Endpoint
+--- | ---
+Connected User Experience and Telemetry component | v10.vortex-win.data.microsoft.com<BR>settings-win.data.microsoft.com
+Windows Error Reporting | watson.telemetry.microsoft.com
+Online Crash Analysis | oca.telemetry.microsoft.com

-4. To use Windows Defender Antivirus Assessment, devices must be protected by Windows Defender AV (and not a 3rd party AV program), and must have enabled [cloud-delivered protection](/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). See the [Windows Defender Antivirus in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) content library for more information on enabling, configuring, and validating Windows Defender AV.
+
+ 4. To use Windows Defender Antivirus Assessment, devices must be protected by Windows Defender AV (and not a 3rd party AV program), and must have enabled [cloud-delivered protection](/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus). See the [Windows Defender Antivirus in Windows 10](/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) content library for more information on enabling, configuring, and validating Windows Defender AV.


 ## Add Update Compliance to Microsoft Operations Management Suite

-Update Compliance is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud-based servicing for monitoring and automating your on-premises and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/).
+Update Compliance is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud-based servicing for monitoring and automating your on-premise and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/). 

 If you are already using OMS, you’ll find Update Compliance in the Solutions Gallery. Select the **Update Compliance** tile in the gallery and then click **Add** on the solution's details page. Update Compliance is now visible in your workspace.

 If you are not yet using OMS, use the following steps to subscribe to OMS Update Compliance:

-1.	Go to [Operations Management Suite’s page](https://www.microsoft.com/en-us/cloud-platform/operations-management-suite) on Microsoft.com and click **Sign in**.
+1.	Go to [Operations Management Suite](https://www.microsoft.com/en-us/cloud-platform/operations-management-suite) on Microsoft.com and click **Sign in**.
+
+
+   [![](images/uc-02a.png)](images/uc-02.png)

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-02.png"><img src="images/uc-02a.png"></A>
-    <TABLE>

 2.	Sign in to Operations Management Suite (OMS). You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS.

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-03.png"><img src="images/uc-03a.png"></A>
-    <TABLE>
+
+   [![](images/uc-03a.png)](images/uc-03.png)
+

 3.	Create a new OMS workspace. 

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-04.png"><img src="images/uc-04a.png"></A>
-    <TABLE>
+
+   [![](images/uc-04a.png)](images/uc-04.png)
 
 4.	Enter a name for the workspace, select the workspace region, and provide the email address that you want associated with this workspace. Click **Create**.

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-05.png"><img src="images/uc-05a.png"></A>
-    <TABLE>
+
+   [![](images/uc-05a.png)](images/uc-05.png)
+

 5.	If your organization already has an Azure subscription, you can link it to your workspace. Note that you may need to request access from your organization’s Azure administrator. If your organization does not have an Azure subscription, create a new one or select the default OMS Azure subscription from the list. If you do not yet have an Azure subscription, follow [this guide](https://blogs.technet.microsoft.com/upgradeanalytics/2016/11/08/linking-operations-management-suite-workspaces-to-microsoft-azure/) to create and link an Azure subscription to an OMS workspace.

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-06.png"><img src="images/uc-06a.png"></A>
-    <TABLE>
+
+   [![](images/uc-06a.png)](images/uc-06.png)
+

 6.	To add the Update Compliance solution to your workspace, go to the Solutions Gallery.

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-07.png"><img src="images/uc-07a.png"></A>
-    <TABLE>

-7.	Select the **Update Compliance** tile in the gallery and then select **Add** on the solution’s details page. You might need to scroll to find **Update Compliance**. The solution is now visible on your workspace.
+   [![](images/uc-07a.png)](images/uc-07.png)
+
+
+7.	Select the **Update Compliance** tile in the gallery and then select **Add** on the solution’s details page. You might need to scroll to find **Update Compliance**. The solution is now visible in your workspace. 
+
+ 
+   [![](images/uc-08a.png)](images/uc-08.png)

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-08.png"><img src="images/uc-08a.png"></A>
-    <TABLE>

 8.	Click the **Update Compliance** tile to configure the solution. The **Settings Dashboard** opens.

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-09.png"><img src="images/uc-09a.png"></A>
-    <TABLE>
+
+   [![](images/uc-09a.png)](images/uc-09.png)
+

 9.	Click **Subscribe** to subscribe to OMS Update Compliance. You will then need to distribute your Commercial ID across all your organization’s devices. More information on the Commercial ID is provided below.

-    <P><TABLE BORDER=1><TR><TD>
-    <A HREF="images/uc-10.png"><img src="images/uc-10a.png"></A>
-    <TABLE>
+
+   [![](images/uc-10a.png)](images/uc-10.png)
+

 After you are subscribed to OMS Update Compliance and your devices have a Commercial ID, you will begin receiving data. It will typically take 24 hours for the first data to begin appearing. The following section explains how to deploy your Commercial ID to your Windows 10 devices.

+>[!NOTE]
 >You can unsubscribe from the Update Compliance solution if you no longer want to monitor your organization’s devices. User device data will continue to be shared with Microsoft while the opt-in keys are set on user devices and the proxy allows traffic.

 ## Deploy your Commercial ID to your Windows 10 devices
--- a/windows/deployment/update/update-compliance-monitor.md
+++ b/windows/deployment/update/update-compliance-monitor.md
@ -1,6 +1,7 @@
 ---
-title: Monitor Windows Updates with Update Compliance (Windows 10)
-description: Introduction to Update Compliance.
+title: Monitor Windows Updates and Windows Defender AV with Update Compliance (Windows 10)
+description: You can use Update Compliance in OMS to monitor the progress of updates and key antimalware protection features on devices in your network.
+keywords: oms, operations management suite, wdav, updates, upgrades, antivirus, antimalware, signature, log analytics
 ms.prod: w10
 ms.mktglfcycl: deploy
 ms.sitesec: library
@ -8,26 +9,26 @@ ms.pagetype: deploy
 author: greg-lindsay
 ---

-# Monitor Windows Updates with Update Compliance
+# Monitor Windows Updates and Windows Defender Antivirus with Update Compliance

 ## Introduction

-With Windows 10, organizations need to change the way they approach monitoring and deploying updates. Update Compliance is a powerful set of tools that enable organizations to monitor and track all important aspects of Microsoft’s new servicing strategy: [Windows as a Service](waas-overview.md).
+With Windows 10, organizations need to change the way they approach monitoring and deploying updates. Update Compliance is a powerful set of tools that enable organizations to monitor and track all important aspects of the new servicing strategy from Microsoft: [Windows as a Service](waas-overview.md).

 Update Compliance is a solution built within Operations Management Suite (OMS), a cloud-based monitoring and automation service which has a flexible servicing subscription based off data usage/retention. For more information about OMS, see [Operations Management Suite overview](http://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/).

-Update Compliance uses the Windows telemetry that is part of all Windows 10 devices. It collects system data including update installation progress, Windows Update for Business (WUfB) configuration data, and other update-specific information, and then sends this data privately to a secure cloud to be stored for analysis and usage within the solution. 
+Update Compliance uses the Windows telemetry that is part of all Windows 10 devices. It collects system data including update installation progress, Windows Update for Business (WUfB) configuration data, Windows Defender Antivirus data, and other update-specific information, and then sends this data privately to a secure cloud to be stored for analysis and usage within the solution. 

 Update Compliance provides the following:

- An overview of your organization’s devices that just works.
- Dedicated drill-downs for devices that might need attention.
- An inventory of devices, including the version of Windows they are running and their update status.
- An overview of WUfB deferral configurations (Windows 10 Anniversary Update [1607] and later).
- Powerful built-in [log analytics](https://www.microsoft.com/en-us/cloud-platform/insight-and-analytics?WT.srch=1&WT.mc_id=AID529558_SEM_%5B_uniqid%5D&utm_source=Bing&utm_medium=CPC&utm_term=log%20analytics&utm_campaign=Hybrid_Cloud_Management) to create useful custom queries.
- Cloud-connected access utilizing Windows 10 telemetry means no need for new complex, customized infrastructure.
+- Dedicated drill-downs for devices that might need attention
+- An inventory of devices, including the version of Windows they are running and their update status
+- The ability to track protection and threat status for Windows Defender Antivirus-enabled devices
+- An overview of WUfB deferral configurations (Windows 10 Anniversary Update [1607] and later)
+- Powerful built-in [log analytics](https://www.microsoft.com/en-us/cloud-platform/insight-and-analytics?WT.srch=1&WT.mc_id=AID529558_SEM_%5B_uniqid%5D&utm_source=Bing&utm_medium=CPC&utm_term=log%20analytics&utm_campaign=Hybrid_Cloud_Management) to create useful custom queries
+- Cloud-connected access utilizing Windows 10 telemetry means no need for new complex, customized infrastructure

-See the following topics in this guide for detailed information about configuring and use the Update Compliance solution:
+See the following topics in this guide for detailed information about configuring and using the Update Compliance solution:

 - [Get started with Update Compliance](update-compliance-get-started.md): How to add Update Compliance to your environment.
 - [Using Update Compliance](update-compliance-using.md): How to begin using Update Compliance.
@ -36,19 +37,20 @@ An overview of the processes used by the Update Compliance solution is provided

 ## Update Compliance architecture
 
-The Update Compliance architecture and data flow is summarized by the following five step process:
+The Update Compliance architecture and data flow is summarized by the following five-step process:

 **(1)** User computers send telemetry data to a secure Microsoft data center using the Microsoft Data Management Service.<BR>
 **(2)** Telemetry data is analyzed by the Update Compliance Data Service.<BR>
 **(3)** Telemetry data is pushed from the Update Compliance Data Service to your OMS workspace.<BR>
 **(4)** Telemetry data is available in the Update Compliance solution.<BR>
-**(5)** You are able to monitor and troubleshoot Windows updates on your network.<BR>
+**(5)** You are able to monitor and troubleshoot Windows updates and Windows Defender AV in your environment.<BR>

 These steps are illustrated in following diagram:

-![Update Compliance architecture](images/uc-01.png)
+![Update Compliance architecture](images/uc-01-wdav.png)

->This process assumes that Windows telemetry is enabled and devices are assigned your Commercial ID.
+>[!NOTE]
+>This process assumes that Windows telemetry is enabled and you [have assigned your Commercial ID to devices](update-compliance-get-started#deploy-your-commercial-id-to-your-windows-10-devices.



--- a/windows/deployment/update/update-compliance-using.md
+++ b/windows/deployment/update/update-compliance-using.md
@ -19,6 +19,7 @@ Update Compliance:
 - Provides a workflow that can be used to quickly identify which devices require attention. 
 - Enables you to track deployment compliance targets for updates.

+>[!NOTE]
 >Information is refreshed daily so that update progress can be monitored. Changes will be displayed about 24 hours after their occurrence, so you always have a recent snapshot of your devices.

 In OMS, the aspects of a solution's dashboard are usually divided into <I>blades</I>. Blades are a slice of information, typically with a summarization tile and an enumeration of the items that makes up that data. All data is presented through <I>queries</I>. <I>Perspectives</I> are also possible, wherein a given query has a unique view designed to display custom data. The terminology of blades, tiles, and perspectives will be used in the sections that follow.