deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 02:13:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'refs/remotes/origin/master' into vs-8094158

Browse Source
This commit is contained in:
LizRoss
2016-07-22 08:00:53 -07:00
parent 555df31f64 3ebc81de1f
commit 90044f1ea4
5 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
windows/keep-secure/assign-portal-access-windows-defender-advanced-threat-protection.md
View File

@ -16,7 +16,7 @@ author: mjcaparas
- Windows 10 Insider Preview Build 14332 or later
- Azure Active Directory
- Office 365
<!--Office 365-->
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
<span style="color:#ED1C24;">[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
@ -34,6 +34,13 @@ Users with read only access can log in, view all alerts, and related information
They will not be able to change alert states, submit files for deep analysis or perform any state changing operations.
Assigning read only access rights requires adding the users to the “Security Reader” AAD built-in role.
<!--
Your administrator can assign roles using the Office 365 portal, or in the Azure classic portal, or by using the AAD module for Windows PowerShell.
For more information, see [Assigning admin roles in Office 365](https://support.office.com/en-us/article/Assigning-admin-roles-in-Office-365-eac4d046-1afd-4f1a-85fc-8219c79e1504?ui=en-US&rs=en-US&ad=US) and [Assigning administrator roles in Azure Active Directory](https://azure.microsoft.com/en-us/documentation/articles/active-directory-assign-admin-roles/).
For more information, see [Assigning admin roles in Office 365](https://support.office.com/en-us/article/Assigning-admin-roles-in-Office-365-eac4d046-1afd-4f1a-85fc-8219c79e1504?ui=en-US&rs=en-US&ad=US) and [Assigning administrator roles in Azure Active Directory](https://azure.microsoft.com/en-us/documentation/articles/active-directory-assign-admin-roles/).-->
Use the following cmdlets to perform the security role assignment:
- Full access:<br>```Add-MsolRoleMember -RoleName "Security Reader" -RoleMemberEmailAddress “reader@Contoso.onmicrosoft.com”```
- Read only access:<br>```Add-MsolRoleMember -RoleName "Security Administrator" -RoleMemberEmailAddress "secadmin@Contoso.onmicrosoft.com"```
For more information see, [Manage Azure AD group and role membership](https://technet.microsoft.com/en-us/library/321d532e-407d-4e29-a00a-8afbe23008dd#BKMK_ManageGroups).

6
windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md
View File

@ -45,7 +45,7 @@ See the [View and organize the Windows Defender Advanced Threat Protection Alert
The **Latest ATP alerts** section includes the latest active alerts in your network. Each row includes an alert severity category and a short description of the alert. Click an alert to see its detailed view, or **Alerts queue** at the top of the list to go directly to the Alerts queue. See the [Investigate Windows Defender Advanced Threat Protection alerts](investigate-alerts-windows-defender-advanced-threat-protection.md) and [View and organize the Windows Defender Advanced Threat Protection Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md) topics for more information.
## Machines at risk
This tile shows you a list of machines with the highest number of active alerts. The total number of alerts for each machine is shown in a circle next to the machine name, and then further categorized by severity levels at the far end of the tile (hover over each severity bar to its label).
This tile shows you a list of machines with the highest number of active alerts. The total number of alerts for each machine is shown in a circle next to the machine name, and then further categorized by severity levels at the far end of the tile (hover over each severity bar to see its label).
![The Machines at risk tile shows a list of machines with the highest number of alerts, and a breakdown of the severity of the alerts](images/machines-at-risk.png)
@ -54,7 +54,7 @@ Click the name of the machine to see details about that machine. See the [Invest
You can also click **Machines view** at the top of the tile to go directly to the **Machines view**, sorted by the number of active alerts. See the [Investigate machines in the Windows Defender Advanced Threat Protection Machines view](investigate-machines-windows-defender-advanced-threat-protection.md) topic for more information.
## Status
The **Status** tile informs you if the service is active and running and the specific number of machines (endpoints) reporting to Windows Defender ATP.
The **Status** tile informs you if the service is active and running and the unique number of machines (endpoints) reporting over the past 30 days.
![The Status tile shows an overall indicator of the service and the total number of machines reporting to the service](images/status-tile.png)
@ -66,7 +66,7 @@ The **Machines reporting** tile shows a bar graph that represents the number of
## Machines with active malware detections
The **Machines with active malware detections** tile will only appear if your endpoints are using Windows Defender.
Active malware is defined as threats that are actively executing at the time of detection.
Active malware is defined as threats that were actively executing at the time of detection.
Hover over each bar to see the number of active malware detections (as **Malware detections**) and the number of endpoints with at least one active detection (as **Machines**) over the past 30 days.

BIN
windows/keep-secure/images/timeline.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 39 KiB

After

Width:  |  Height:  |  Size: 39 KiB

1
windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md
View File

@ -106,7 +106,6 @@ Use the search bar to look for specific alerts or files associated with the mach
You can also filter by:
- Signed or unsigned files
- Detections mode: displays Windows ATP Alerts and detections
- Behaviors mode: displays "detections" and selected events of interest
- Verbose mode: displays "behaviors" (including "detections"), and all reported events

7
windows/keep-secure/vpn-profile-options.md
View File

@ -51,6 +51,13 @@ A VPN profile configured with LockDown secures the device to only allow network
- Only one VPN LockDown profile is allowed on a device.
> **Note:**  For inbox VPN, Lockdown VPN is only available for the Internet Key Exchange version 2 (IKEv2) tunnel type.
 
## Learn about VPN and the Conditional Access Framework in Azure Active Directory
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 1)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/12/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn/)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 2)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/14/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-2/)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 3)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/15/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-3/)
- [Tip of the Day: The Conditional Access Framework and Device Compliance for VPN (Part 4)](https://blogs.technet.microsoft.com/tip_of_the_day/2016/03/16/tip-of-the-day-the-conditional-access-framework-and-device-compliance-for-vpn-part-4/)
## Learn more
[VPNv2 configuration service provider (CSP) reference](http://go.microsoft.com/fwlink/p/?LinkId=617588)