From b9d2c85da0d3f33c4f61deb94d1febce9248f268 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Fri, 16 Oct 2020 16:15:21 -0700
Subject: [PATCH] flow

---
 .../deployment-phases.md                      |   2 +-
 .../deployment-strategy.md                    |  62 +++++++++---------
 .../images/onboarding-flow-diagram.png        | Bin 0 -> 11048 bytes
 .../microsoft-defender-atp/onboarding.md      |  15 +++++
 4 files changed, 47 insertions(+), 32 deletions(-)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/onboarding-flow-diagram.png

diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
index de3035470d..d7a6abadf1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
@@ -33,7 +33,7 @@ There are three phases in deploying Microsoft Defender ATP:
 |:-------|:-----|
 | ![Phase 1: Prepare](images/prepare.png)<br>[Phase 1: Prepare](prepare-deployment.md)| Learn about what you need to consider when deploying Microsoft Defender ATP: <br><br>- Stakeholders and sign-off <br> - Environment considerations <br>- Access <br> - Adoption order
 |  ![Phase 2: Setup](images/setup.png) <br>[Phase 2: Setup](production-deployment.md)|  Take the initial steps to access Microsoft Defender Security Center. You'll be guided on:<br><br>- Validating the licensing <br>  - Completing the setup wizard within the portal<br>- Network configuration|
-|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. You'll be guided on:<br><br>- Using Microsoft Endpoint Configuration Manager to onboard devices<br>- Configure capabilities 
+|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. 
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
index 918cc78035..e58ed6fb0a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
@@ -1,5 +1,5 @@
 ---
-title: Plan your Microsoft Defender ATP deployment strategy
+title: Plan your Microsoft Defender ATP deployment 
 description: Select the best Microsoft Defender ATP deployment strategy for your environment
 keywords: deploy, plan, deployment strategy, cloud native, management, on prem, evaluation, onboarding, local, group policy, gp, endpoint manager, mem
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Plan your Microsoft Defender ATP deployment strategy
+# Plan your Microsoft Defender ATP deployment 
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
@@ -27,51 +27,51 @@ ms.topic: article
 
 Depending on the requirements of your environment, we've put together material to help guide you through the various options you can adopt to deploy Microsoft Defender ATP. 
 
+This article provides an overview on the general steps you need to take to deploy Microsoft Defender ATP:
 
-You can deploy Microsoft Defender ATP using various management tools. In general the following management tools are supported:
+![Image of deployment flow](images/onboarding-flow-diagram.png)
 
-- Group policy
-- Microsoft Endpoint Configuration Manager
-- Mobile Device Management tools
-- Local script
 
-| Endpoint     | Deployment methods                       |
-|--------------|------------------------------------------|
-| **Windows**  |  Local script (up to 10 devices) <br>  Group Policy <br>  Microsoft Endpoint Manager <br>  Mobile Device Manager <br>   Microsoft Endpoint Configuration Manager <br>  Microsoft Endpoint Configuration Manager <br> VDI scripts   |
-| **macOS**    | Local scripts <br> Mobile Device Manager/Microsoft Intune <br> JAMF Pro <br>  |
-| **Linux Server** | Local script <br> Puppet <br> Ansible|
-| **iOS**      | App-based                                |
-| **Android**  | Microsoft Endpoint Manager               |
 
-## Microsoft Defender ATP deployment strategy
 
-Depending on your environment, some tools are better suited for certain architectures.
+## Step 1: Identify architecture
+We understand that every enterprise environment is unique, so we've provided several options to give you the flexibility in choosing how to deploy the service.
 
+Depending on your environment, some tools are better suited for certain architectures. 
+
+Use the following material to select the appropriate Microsoft Defender ATP architecture that best suites your organization.
 
 |**Item**|**Description**|
 |:-----|:-----|
 |[![Thumb image for Microsoft Defender ATP deployment strategy](images/mdatp-deployment-strategy.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)<br/> [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  \| [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) | The architectural material helps you plan your deployment for the following architectures: <ul><li> Cloud-native </li><li> Co-management </li><li> On-premise</li><li>Evaluation and local onboarding</li>
 
 
-## Phased deployment approach
-Regardless of the deployment strategy you decide to implement, deploying Microsoft Defender ATP can be done in a phased approach. 
 
-Enterprises can deploy the service on a pilot collection, and then incrementally roll the service out to a larger set of devices.
-
-Adopting a phased approach helps reduce potential issues or conflicts that could arise while rolling the service out.
-
-|**Pilot and deployment phases**|**Description**|
-|:-----|:-----|
-Pilot and deployment planning | Phase 1: Identify 50 systems for pilot testing - Focus on the security team, IT team and maybe Helpdesk
-Full scale pilot | Phase 2: 100  systems <br> 	Phase 3: 150 systems <br> Phase 4: 500 systems <br> Phase 5: 1000 systems <br><br> Review and assess if there required tweaks to deployment. 
-Full deployment | Roll out service to the rest of environment in larger increments.
+## Step 2: Select deployment method
+Microsoft Defender ATP supports a variety of endpoints that you can onboard to the service. 
+Depending on the endpoint or your preferred deployment tool, select the method that best fits your requirements.
 
 
-### Troubleshoot deployment issues
-You might need to troubleshoot the Microsoft Defender ATP onboarding process if you encounter issues. The following links provide detailed steps to troublshoot potential issues.
+The following table lists the supported endpoints and the corresponding deployment tool that you can use so that you can plan the deployment appropriately.
+
+| Endpoint     | Deployment methods                       |
+|--------------|------------------------------------------|
+| **Windows**  |  Local script (up to 10 devices) <br>  Group Policy <br>  Microsoft Endpoint Manager <br>  Mobile Device Manager <br>   Microsoft Endpoint Configuration Manager <br> VDI scripts   |
+| **macOS**    | Local scripts <br> Mobile Device Manager/Microsoft Intune <br> JAMF Pro <br>  |
+| **Linux Server** | Local script <br> Puppet <br> Ansible|
+| **iOS**      | App-based                                |
+| **Android**  | Microsoft Endpoint Manager               |
+
+
+## Step 3: Configure capabilities
+After onboarding endpoints, configure the security capabilities in Microsoft Defender ATP so that you can maximize the robust security protection available in the suite.
+
+You'll be guided in configuring capabilities such as:
+
+- Endpoint detection and response
+- Next-generation protection
+- Attack surface reduction
 
-- [Troubleshoot Microsoft Defender ATP onboarding issues](troubleshoot-onboarding.md)
-- [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages.md)
 
 
   
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-flow-diagram.png b/windows/security/threat-protection/microsoft-defender-atp/images/onboarding-flow-diagram.png
new file mode 100644
index 0000000000000000000000000000000000000000..73e6c05da605a8841cb777f7227f9246ebe2ac1a
GIT binary patch
literal 11048
zcmds-bzIa<^zT;@5F`ZzBp+HtS~^5&1YAP8OFE=eq+430bP++iJEfGA&LyQ|myU(y
z&OXoY{(Jwr_n*73RoB_?e!pkV%$)N+pP8svY6^t-5Ah)o2%(aqtOf*vMGrp1?&5&I
zhi7R@z(05{ih6G$kO!=oKev=LSdgF**Ih|f4)-rU3Axzg-$@^GAP`1~lB|rDcjg}4
z`4x?AHUpAJsM9pT*5{*92zI57^^^dW=t5BXEojEz?n1D(S4QFQ!`_ChLKfW4re@yy
zq{6>)EE|I@cO#pXwEJ$`Xofl8TP~U{YP|EQe*yi-fcI@((2AUQPpnNa&YZX8w4H7z
z?{pUBLOwi6U!(3%P=K^{DgWr0x^z-wPGBH>I4Anxz?DMw-<O^i9t6>fa%%0D`S<^<
z+lOoY)9HxkB&6U4-LhEvuU)UVJtPwIs*DfD#e79-MTbSqgn9Le;n4s4+Y}E1iGQ!*
z*rD?N@As2@NJh*xu;Tx3Zp3+H1Yu(0e2GG9>Y{Gu%GyHPf)Eo|6ycGP(exOX@P8}p
zxnXBwQpRo4|JPGc;DulBx@&r;1Cko%f(>#cJ62{_W7iZgUQ2P_wX4CE{@f5@!sQ<w
zx5xet|LXVDHWFU9eVVfIw?@34J`kb>c{+hQ=rxgiU#A|#_kxw}U%wMe9Vm{eJ6{n=
zH@GtNO_CLGez|?#WKyz>2=tKNlL!)gOFZ?H_{)l3ke$^IUZ9{K@jWjgf!9v|4v7B}
zS%ToT!@g$c)C=LM5p)f+?V2dc%s;!Za3w<8pd$!<^u79!1zgLClRz)|Gmb{Mx=lSt
zDy}nv*kEWQgjlNm^i&A4v^kP1;<^&LCb181iZG~ivJGlGnKURUEv?NYmRkkS;3}2u
zx$KEw_KPxBm-A_kDam3FM+6k^x(wiwT4^IE*=oH86SNKd&qV_-e<P}N!DMOC6lFD$
zF<VLuU*zJX9)5fFdn^-?9C;TKh>TG<A7kKJ_FL`${yw2QB4<@RHwM%4k9UlbOjP7A
zS{!;??;GY-r`I#b{c{O!t?Epi0n+E)%*W^xPA!U$mv6`xsg1gF9ar<q+K;}h*6oN-
zUmA9w^`uk#laMApqFpr``I)8a;K16-Vbg!vQ?>uPY?5x^qBW|Z+`-w|{yM#6y3Uz_
zMJd|X@nBhPeC3^hO2R?bh+L<3--%2_`AI{x0*=Q@uEL~q8m*Z7-PF`(E>hA|&Pn8h
z>upaKXB2u6_7g0n^4i+)yu7^XTFJmGk$48_((Ap8Rhuynlk)>a^;BR@V;mx`A36u0
zn~u9D23gXu!9q{yI6%vuaB(dGPp9>#?LX51V?#tB!PR&$cje)8xwfZpPWj}-XHJ@w
zLYlNZaw!)E`^kHL{(EmTc$ERYUsd1C?IE<pgWmM{f;`^R<l^Eob##2Py2b_@J-!Sw
zYF~K)CnP*c-MAqxy{(H4xteosj#bGzoqrI|A8#SS^-D+iv5b2i6Vq%Au)Khsjp-bD
z{pkYxRowgdiwhqdI$6u8!k(*;eUkw{tt%>T-4DY~uW#GbF~MH);!EMQUSJz;J190d
z!oFAp1V}!%Vr7Djwzqe__xG&2FVaLoYNhOeyafq5P>4vzVIUBTjN~vPka*en$oX$g
zMr!;1>owcAZ^<$;GAmQ~hn0~XUqXsaTjXRbMC#{R9>a?t?CX}j5vE6cR_mWB>FZx#
zXLFjbzqK?|EFD2a*Y`H6V4Um86EhndTz0k0KgMLY<Pj#)G}FKT=PvS8-XF_RvfXiu
zpNS>VsKvmf?ok)dA~z=Pg{G$A+ha7sPDmy-y??&9J;j$YzZw1#l4J%R9>t5~HCrBH
ztMwf4s_Hu(xM%pXT%x$F%px$59;}rK<2g8dO)j&NO&fWOck|0%UFSsYoGTRB4>IWQ
zB`RVvd^4dU-As64HMLQ57#wbNbve~$-I-9i0)|*uSC`j6K?aw#(>G=m3N=GBP)LIX
z-(e?QWN7A9G<tG=uo_C~EF%cX$jE>i7-V#gLPdFf4}oJaw&j_6Uhvg=<#-rC$tj3E
zjVBjS4z@Hr&B)?2l>k-N&#mX?#(lcGRNmiAYcjM;%bT>f#JrJ=v_uN?FJDx6ljb`#
z`kirSO9d2SgTdgSo-|0oo12@1#(bEZnE2Y*C}xAYL3b58QJmlxY#+tTP*4=j-rNjM
zne^Q3u5fN|nJy*%#I2)WZ@P=;>RB}EadqwrS(3{nXgObr5%E8F*$(ygjO9@FH4>Pb
zoJ3x1<X}NUh?JvF9_&q=o_dZSSX9lpJ@l3>`%v1`qTtut&Kw12=XCNn59ny+nJXdA
zM){xNrR_WG&4$BElxcWYQWU|Y+TIz=K{Yis=^7e#Wr=%nAs!1YePF>uom$y=n_98*
zD0Ro5JRoK5)R&5)X^S%zcJ-PFMZ>*J>Y4{Hdx+5e#M0HxgiQviwX3}etKF0)T_px}
zN#9rHGLwE37k8z%9<%Q5@2{Y*QMPNYyVHElm)k|3o=~N-K%K$5e5UG_@$uvV^kTXA
zwbGUKqn3TV*Vb>QcN_@82p>;OO|8ZWFDQPB4+(noDLNXTR@9B9#BtBF$&)?fSM24b
zZ>EUrZHh<SPQ`VRefM&_Sw1*{k+$$EI%I5|_!w|_&_m<=4gTxf&$`yu_|#MiO<R+o
zYY)f0&=A})KQX(yIZYwPDDx=a{@vsRGIq5urKQ|D-OMlvFc9xHtv$M4hpk%(Y3b~R
zwA4PtHJ(qXQJ9;a_kEv$K+`iU&J5^NbDrHQn`HQzp3oZl0{1j`-{onol;3;tow?}+
zpXiIVyZZ{$@IpgfJSnLw<O_*_%kfbW2q(R`xVZQ6ulYFA3g2VnO{}!FHLEd{+SJxq
ze${8`wfNMf)!YQBpJVyzuE(1rh7<`L$~zTU-Y0968sGhn?)@11z=uPRr?p?!9wdQc
z+jii2KH$K(f8H|UvPn$w2K&{m=AgH9(&(TwSLw=Rkr($K8jHRYFp+*gRyKz&w|~0r
zw7NCL0%;d7&D9Mk4=WkI=iF%0M^x1jAw?KM-1lv7Z?71aUQ2%fhk=O@g2RwP8RStr
zq9rB;QDeYLxTDr)J$6kI6uN~KJegec#<sA#<^s3gZSb;~@A;b463UsObE?h%{6fZv
zv@Phmm8Q*`aqk-HYL1kV?GEq2rNF`=pXmi5EKJ(H$T#mhe$7*DC_-Bcax-v&-TYx)
zFgX=<_7yQ;|3>Py#W@;GF)8?T$34_pg#m>v<w1fpT4YPP0}?{a#7O`nY79ULWlJcb
zzh!seLT$~#`oZM(n{wpcBI4R?Y42CTSlXzAweWPn2Jx_cWQ_jhWb&3O9tT}<>^-qb
z`hf7Z>m_a}<Lm3Hi7^k9w6Pb&#P6DSLF&4@`c$F2thJS1TU+~MPL2&QU#>&BrF$u4
z;PM3SNPtH8%`U2Ynv7%@YtPR|TuYmbFC1O#Nw)e5p1?vucsV~FQ?F^GdHAq?@)Zt}
z=H)Yx#~IKsdsKanE-cL8W6Qnb>MpBw_)gr9z4J?MEjk3U=Azn!ZXN}a>&uNJ3E^nU
zsoHY)AR2}er<LKG2CPvTbjn&mZS8}>!9fD4$bvVzKkBIbKTs#sW-qbV1v!hAP-CLn
zJu?t&06alTSItZVEO3LU&+i`f(>y}K0?~Ks-S&tA&jsFU8hqyS*&`}7Yzon`=+V~h
zzB<G~^CL+oh4}@_v!WB~BQx|=FDFY3Y)gz)WmA-1Z<mCHVHcN{u7A;zO>rcUAh;@H
z;8{MfS+|MS(59$jC|#Ys%Kt%@k3>i8)ISLPz`r!&cQr$Hm2h)}=b7_yF<dz&HRimR
zA&Az4G9r?Lp?KV&&UvwCbTlc?o|%+_9*3UqJKB{n#@@izk>;w`&(H3v%z1Z7q3TS7
zU9kN04KARv(FI`&>Bp1@d3mfj46-R+uXjqo$^jqcVuKZ8Z%{=w)phV`-^%=+o0AI<
z2{hMrcWbH5Qq(;PVQ`U_1C>8XDlrbdn0<m&r_-UU)1&J{&&zxEC4rw8k{>JwTH=B)
z<}~TGuI%jXUH|?f)wH$J>j6=%$`J6?U(g8E(Xrty;p(5Bot-;LiaZSIJo1>NcS49J
zOyF+mgg+)eU4R(+)zdv~;YrN_R?au2H})^I2B7}T&&P(~HgFS=u1$@O-rrwn$>68k
zdBT6F?e`RoZqZTA&$}{P`kEY-kL~AUUTNkQU1wR#MG&1oYEg?ysrR0m{9d<D0Oe0j
zO?~s`O{8Cdqa)$moL^hVi@Y#Q^k3e-K0i%2?(^dNbq93tledP;7rUU@Ir<81&@bn)
z6=j~5^8CFY-Ulm2*+g_=p;IP7MkrLWx>U#dx;4GZF&9$Ab60nMCs8pp7*`IYLM>w|
z?@htL<@W5OH`6cZJ$Q5wqDWKWqC?Bm6(c>psPEs|jGI*yt*lsy7^G-Vy#6UDDEQ??
zTF|cdqi(_fNOjUcmh}s7=__nl?RR|K!cz--_UnCR=PZ#-G3af=GTL_M2dUL{(t&>=
zcJ_s%3)#`hsWE3D0J?7e`AVA-9m&B5lBX(zKQj2#{p3Ghmd#d?y^WPXg{YofjgVG%
z4jccBg*u2M<H>J9)ZP51M0S)!*p@v<vzt5>P9{wyGH$l@@}dMB9(^gExV>%Xzhkh-
zpNfDtc~z8`e|Y_=wyy5rDCb6^#PP>*#RAN5WxPKu3{0fS<g%sYnkUUSBaLg0H+lW>
zeb-xFJR-=Iz^feuZD$ZFBjJfN$_n*QX5e7jY3q-3<ccb!yrCfq0FR}_qO4I~VNp?T
zqbI3ehi^<lGar%{sb(*^FFF5nG~h^cwRKFtEkB>`r~L`;ftr0w9>qWcgXp`~(^Wq(
zy%V~-<+ylw@?ZAGc-e}%Z<53_2zw3b=pX{Ne+>?*?oo+(?tWZucZF$Dxs#A$5o6&N
zJ?29W;oS+U2w&n!Dzgj(ISbJiKu|Ve<D_=r9JF@VxI{d(?Q+YluVa1RdA#E~PRxbY
z=AzzXC+&xanD+s<5n#QaDm<Su#Q4cVni(X#+gBq`EzQh2#>ME0>-y%FJ0n!Ra8=h!
z>J~=PIZir7AnlG%O(7b%$m4<)Zc|XaL(wSw8P^T@L_EdUMjNGXle?UXb)L`eaQ^)$
z#``P(Q3-l#n|MXqy(P+id2yNH0TZ<7^AzoL0?4iPpY0Cp;J0w-tU_gQ@ftFp+WGiU
zgNR#DR@MvFja#h=Cm|rI9Fb0AGf>;e%E@6H7fDCz>=50ih#PS({N)>R6V`|Ck9w?t
zJl$e`w%h7f9>mE7elj*WHC0hrX@0&iq;@<uIalXw;p#eqthaM;_^Xv~87YHHx&?-&
zqdYjLQ$DEmO#PzwOGqVvU3NS9VoNRUxC|K;5w}o*ZKwpGbn=*BTxhTWjk}hPPHscP
zCrW3gKJh9U+?^+|Lr|I&ywk%IQ_GRcN~Df0@YmATwz9OFFXZGlR2~Lj=sJ_8Qi6IP
zJ6Z<U$^euPz1FYf`8FA0mLigP&|BtzFqsk9lZUxe`$sxte~d6GMRZmcorM26uay{B
zOKWkM=l>`yRQ54j@6L$C$J=?r#2*40Zz+2Q|Jy<eT9m^um+?2gI$BYc4U7Gk+c4H`
z@k}>+lR^0~@E_$OW(2#<&ON_!BP$z*VLNKGB^j+d-pgz-bHL4!<`qR0|JLCD7t{&`
z{I9R>c6N4tuo5j>yBpC7-r<O_=l{5Sczi7@BknNe?PX<#X)yQmhet$^O^O1GWEY9>
z!=BIDUpO^En=A1pZU;jyFE6?1A_W8lkQe^1$XR1pRZ5DA?$OcFxmul}t~dAhd;0qD
znG)}+^TYVb@x%U1O-01V6J<*H+%G99fl`_lS?YxkZ(!6EyeOI~@VhsTjuU7?0)oHQ
zgDkT$(J;pQQKnW_*bvMwCnqPH>lQimty=GWP&qm}x{DJ+MN2#21toYC{l1|=blO2k
zBx|VPY~D#2+;-49#y7yhfj}*vOsCW^m_@09i<^|<U2yQNJGXBsCWY44f~(bjRmPg~
zg1!gW*4Fw{^8F(R<>liGMx)XGlwpxCHOR50a)`;u$RLo2&Rh9ocuGkmL=mKS?<~1B
z{23cduBxmz<Th+{e^f}vGOMbk+sBFIaDV&uE$Ddo)K1(z33++>mC^o60==}6#YIqO
z6%b(G#ytP{?99T&g}0Pm@hnQA^!W6YiIzwJ$;in>pP+D$o7=FSWXd?vO4LT3x~o+!
zON>J2hPoz$<A%yR<=yAcpZzI=BM+ChCyF519*=k%FJApp7mqABKfeyd-1_)<>1Wuz
z@RRt?<zGGx(?p!~1QO_HQ1Uw=G6Mqx;DZP)(ecR%E1ZoS-^|zdVI`OSmW6u#Ge!tx
zb8AcK^8(_`!o!0C!YeLb<jAvsXZwhBtD7$D(<f^10LU=?6Pys4l72a^5p3oWl&qG2
z@w`!r6?O142pAH`yUEGdD(bWYPCSj!!QtT-P;%gE0h^)rJx^wG{C{YP?AIQgQ0}n8
ze&%uD_w@8IDrx-u!b}}Na~JYCBV%N2tSa9#87j^JZBn`sJ@!ccrIWT+&t4wb#-Nrz
zhGdIhL_~Bhznj|=;_~CA>Y6Ch$!*Mv;y(E?8=qHf?(c6Ha0d4}GK$Yc`nDiZ*B`U9
z;~VS2?7)mVusR1uRSch;3^(Pas)>X8x{}gSQ%8yYYHDmOudICE+A4MKFI8Pr^ADJG
z*48*lEEx9)We`4j@?;k8oAjr}pql{2q;G4??~_0`_x{GIE{=}ghSd8US<id%N=Ojo
z3`hL_t+YVM%IOCDfrW+jz1IgjM23KX0P^m2&fvg6`<A=8udlueC0Gk^IGs+;C%6>w
z38h;=7QRGN1;2zu?8wMSy%=J5rV4by??O3}Lq)db&*Gx<mc&Her!H@j5u)29Q}kP#
zo9|#8m<6`E$uT=STm9u(bp|aFu3EMPwN3<B2_;!9ha-yv+T_?REiL*jR^tm9Sy^Gg
zcQ6hSpF<X3UtfYI$ESjVU|=j99Joq%VS_eRGhklx^7ETddy+49Oi$}-K{N}wO<D<J
z6B3Hney$!Acs3bjWn{$oUe7nYErdJi@EA8!om~F;^8r+BtF@#TFJHct&2x5k)&Z4Z
zV{>zH%jC?=kJ&xXnyM;+ZI8s>hPNBlQ>7+tPP#;i>MANK<M#di{g@j?gohJI=LZHo
zS5b+XU09$$6C<TyhXzqkVEckA>@+o#L2Icz6X~7@6hSp1cPTcsd&*=4+QpterO*za
zZmg@S(sZ=5Q$~c4LDh_!y`eR8d#)QEoR>mrt@|G{GRC&?1N`Kw^UQZ1=6a6J&l~=1
zENf|zEQOEH&Dl=}lKJe+sU<41I0gBFPJ&7+Zq7ziQ&THL-9P;8#?TK{RaGb|UY2QA
zNZzqlLqJNZG;PAYQC_z0R^1%kl+n`F#gS`5o26b)SJ$0+C$ITcaXy2z5&efDAt6v7
zpB7`qq?A+-VOdJPoMFlnUtX$Eu6{6jL+4Ua9MT|4R5vAnNW-q4Jx+hN6J^_>ATJNg
zj*Z+`{jtqdHHUlq))S*$ItkBQCQf6Rczr7OYxA_nBR!+eJMLnx%RjM8iu{VF8|7bq
zN!%A)Ty~-AF#S`0y?){=FbP+JrW6R}1lE>K2dE^4c64-vF3LROM76(=SXUmWN(eBD
zy=Cj<B+o$}eaRl#I_xVC|6J)o>M26&B0}qmd+_%!3yadvnJSyAN)x8O1T;Dj)EYl`
zPV5qnz_Njjf{@a_>;l4c*Mt$wK&G;S$+|8lGc$JQ?4|6QQgz(@nhIITuLvS+i5!@Y
zdJ;=X>2GVjQ{|VAPSpso{zDym-SnKl?c$~@Fp)ymnY|OGPHo>C?{*|7$h-i)(>Hlu
zH%BN3CBY9{@@x`4;f6+SBM`m7o*JnEu)y>eE&15EX2{g}*qBHBtZUP)sJYW0!xNs#
zVk-~OQV>O`CXiC>eU;r~R7wKx$=bf}T2{YPrcWl1QEHQ(<f}`{Ml-ndubE#a23lHv
z`_e>M4|f9V6%$=&x%kb?ACRVUD<!$C^-)yU)-sXYl^v8~UWco*Okn$z&5=P5?hBJ!
z+t{cMht^e8B=W14?jL77QmKuLi%SiV)H@B1xJ!Ru4p{;JE_<oSqVXp<f<<Z8-HDl*
z`D140OA%ID(p38Ner&xo(kR(#Zv15zkv$-JoHEgorlx@eRYFrY)A+5Xh62RDudjab
zwiG-D*&y}cuxC`dLaBQGU3R^h1v!;o$!ZtcQjZ(uRA43D^FpxeWb7**xR=w~qUBa_
zi`@Rof#G-9&Dnw<aWu@-+Z#*|5}TpS--@lWT2%K-UY2r13t80_=*Xt4<OXk;XIKt6
zEyCfz>(!zsQ3dXirO%CwjJ`iygbk(?#EgI$@y=%Kk9CH(vVfS_!?SFtAF;P5bN8l4
z5mtw04PCzyaA*?C*S0o>O0L}8+!qGZoKys`va(?pmt?5`Mv_14>GbsU3uC{T>DyG*
z)OrZTlq1HrLOYk+H#ZA_pwCGMmI7db*}*W7o7)x>fcOLQG%#Pi$)4Rhl$wg_9muYQ
zJB^KvAX_K8n^@N&5D3gYrgkPqqry}yD6J$two^Rcvd|J8Dd9nb?d|Qy*eW(RH{09W
zA%I(+e<gX}@nw?ezAy)i(&%LQpSn-azkaB#)ei~^QuDP?OuADy7v~~UTyxen@IC6m
z0hzD{cv!XAFqrscWO_4R4hEY3#D0$A4>BqdcG%A{qDK*D_7;p?eVLV9y>zC=Wt4=3
zgdl>?n(Ld>@Z~v)b)8D(s6Xx<%n&{kq%tJnM{I2^e{qA|Uv+C(I=WbSxSPb%v2!91
zcObElmY^rT3Je-2!%Oc^t(*&;*-Org*)!)A5s3u;$Qj1X8P3OkBCAy|`(^3Co8<1D
zmF)M8hTMWeLUuuC$Hy3C!bJ2zaszd%42~C!B$4(Akc)dK@-~KZdi(m6wR|fWP3`TA
z@&f!?jK{~vWor()&}XBbTtZegZlcI$@pn*WLoO?4kPlo$RxZz|9htM0yPU`}oMG~9
zBYu}|U8UttDMHX0NU4^Z7Ezaj24rQMkQo+#D_gzIF$G7_Sch#+O30|vE$sQ%Zyp?^
z6x;%Pj3D_l-;etC(moHKQdr7Ax3IIb^MaR3uzA@&MQS84In}8AFe^2wKb<GtWC`lj
zwc50`wIz`r3O3;ikddXPNh}pDDRSvNChJrQ8V~N?0VF0G#tnElwMEv#Mv|V`Qg59_
zLbRQap7qzx3Df;3Mk<1zYi_Q2ZkTN!Kl7K)1_m^Cc6Q|z6<-M-dNsi_L)mcwQ8BhH
z5-TPB0a%cjm{_?bu87&k`sIgciFn5N&Xl*HB#qm8S={fGYfeS9y*>9%3D8=a?qYVk
zu=DcsaU~@sFSzCPR;m6^`-fM-T>Vt^^lBm#pGhCvMsWytHPANQcB~D3{tp2$v3-mZ
z)U|&K@o8r@tpLMmDjP*y{jQF}xe~FXdV}e)e8_VwIVhMXyaECioB_O4vR+=ofW0dX
z`I#yKI(BXxtrg!AmXss}Q)BSM^X?}mZ8oI|1~3hmlWlDPHDg<-%S#M#cw|$rnWYTb
zwORsY=5wYRd#0Mrytx1XZIZix|2pY$pUKHuf@HuMEgsaZp~lpgiGjB@w~l3(Z>eg<
z7l}@-U0d#B>n<X^l9F_1jlHWfj3j`^hJ2~r8hDssTI6yvz&3yvz@ce~6&5Y7H5S-_
zSP<HOcFR&v9%DBOwd^i7)|Y<X_1`9}+ZT>(Z{P`#N=(640|cYVWM^j=DCk#mF@wla
zQbI@+fdxX~<HwHy@Q;rIpflx-1iLi9DhZU50JE$-NQRPQ2ez5anb_Mu1`o&`-8|cH
z7pv)YuH?e<ZuPD2T#oc*BF*puaQ;(K6zW4mLzBF(lG6Q#V#q}#_7w;DN%jn4$e|(1
zjrD(1aVO|9?b|%{oXsoB4fUWPX<$AGUhyd45nX+M&f5L^R^wAffo;;I*(Bt09U$=o
ze*zYR^*un%v>2Dw#-R;WUt1R~Du~cdZnG#Q!L~s(EAv1RM05f;g?w;(x?~u{_ING!
zx)~0KhpQ_NTn$C_y;-kk?Mv6{t(~!urXqNrX4UE2Rj^QzRA<U&5+IrsrJ7$R{QT=H
z!<IxY6M>WBkqt+XzCqmDD)}x2u;f8y3?)w?U>E>H8h(C$6GKC4dk7%MJ%P{9X97;s
zPUy|`^z<wQM1vu({O{kZ&kXeSwVL3iKzJzvxM=6+*90yktOF#M(3cO`t<aF^8c<$g
zVWAiw-`6~fH8QKsoR%mE1iuM$7GTnu*%-0A`|?~*BUN~!wad%%`tqb6@z&g&Y1@wv
z1^@I!7+RVs?!{f`M6wa#9RS)nTY6WafD&g%M`6GkyNz^_2#Yab6Na=N?c4?&V2JdV
zfNp#jao+W8@;z9Qdy>TwG14Fic<)57t5t$teSYH&KuzYvNX$)I*iR`@)MFP?;o;%q
zX=xAkP$WJvzOa@SBUF6XhLfFLbfJCh-%Ei!&it8S`xCDR#q@Qu7yN>Pmfm}3-V%j{
zQqJn%>~ek-KJ@V4+0k|_?V2pIKC1m(rpOQ_%hkfRoiy$HqPi;f@J}1PA6-;Q8+cB2
zqsooX#`=2kl_j<_s6L)Vw_DiRac=jL<9<U&ki~5PJ0?~S-fX3(r%x!dz>FNsc^<AP
zP|OKGefs0Yix*H786{5cGxpOZC3mD8fZK1peH#F+p|+Z-!ZWR-gcA1yysZ0GQy#BS
zO)-=K_fM6XOmP!k;uyk?!9clggtQ(!^g~A-UpB|xPLM^BZPcQ#$Tz-0nQQ9mbifQ4
zJ^Yid+9nMxoqnq;ID6vr4HdA-Q+bJK1S076kzNVq;lZb*RDqF=2@__Gy|GO%wKS;_
zSCtf=72Unv-B^2zNDE&8)h*r!u;mI`Kc}eEXlM)P!<kEqMTdpgN2<ceR}(glOaV()
z#}~(2a=eKJYWGjF3JiSx{8qtuz$u%+>5Q7CUT;wGcJ6s9NZQ>`DCk-((8aKwFQ~ht
zqVPgH%?OBydOU0*=@|dIh`6AyE()#*iHL4{pKd-eTH(tA$=>(nrn?v@56Pa2r=}iS
z>+gEm<ju=A@CymyM0ApRG~a#(_6(PqcPlFRfCf;13<wL7t(s3&)YK%te?_(>Nw2QI
zmdt_&q=1o8$e-=H-@ktsNRZ1#?L2tYm7M@H1n6&<1M~X;;{dh7+}IhQ>aYSQc}GV_
zmj**1k}!KblakWp2WCTarncNcVv&K8?;Yu1WF_aRyU*WWixGLvW7J5la}#;=bI-Ha
z1N**FEt%?Ld#y6#Mt8ht$D(#movSX^qhTCWbaY|;YwxFao)#x}k++&}@2{_~7q}Be
z<Q_NbeO2u7hWz2?2M}LWR0R1F=lUmxPy=G>>G>duWf_!(kIpQ{gLI^a{xP~_d^AEH
zU&+<E<*v`^%tjsH^}0_r<(|2}Cakp#@EwTEktzt!rrd{x?^%?>Dfx55zij4YIJD$w
zt&y!(bX~A0-3MC9?cjHl8w}o_SkIy4?(XhgYovayQP&tR2J}ptYy~m^px&?1%vUo5
zHF2V%<uK(hfB)~6u|4yf(q&xzX@NFHy-%R6-^5;9M4iq6y~k2dtr15J=Bpi>sw(VU
zbYVR=KTk_87d&V!FyF?aq)&4?{zDV;Ze#>1LK~mdh6hCkD{znle@t*cgz>9?0}A$j
zjf;qbn493Nu>;_0v)bu!D@eB7T2v%ipR$j@qY*FMkB^0++>xs#U%z%}T$=KJME=N2
z&A<nF0*Fzs$h(oWPc^0T$EdZ_Iyz*4Dgu(Kqst1=3u<K6tY;i*Q*8OK11t@`2C@~k
zRZXm>ahP;@v;hstsu4&9V|xOO2N$#`mQK3`>!U%S?NdP3F##Opyf~l|fcn7H)D&`k
zeLeg4Vcz#ISj2j1HPi&4oB>JiyV0hBfx(lFROicHguJ=U7AHAoSR7x|d|+yUPIb5J
zN{_?^yFaW4wt_dH!i*CuYis$P^-oHl&{Fs^V45}d{sa9==3!8o5giTt0u(hMLKv3`
z7plBbP>5JtHM$uWO!l!^v2_sZk{X;;g4L-2F$4$!SAo)OY;3?vBR9w5_e2u!I~d93
z_^y_V-4V794&(GO8#}n<R=h_n7G-M`i9x{qO$K%+TcN3LWNYt5zLUirM7K1tj+PY{
z>u%qF<L;_Sjt$BPTPgFPs;Vlyd<VfkpjwfDvTOEuGKnQG^N^1Y%#ScGhMeEq2#1sZ
z@)jquIY5Y?|NfMe$^$AY?AtJ7ioGoNL!o46?kI$dg+-@E)?d%2WzQzQe-#r9&Boz9
zqQI7{ml(;CE4nt73lin~z|Js~DT=kE*XGE4nQU9O=IG#Xhs4B|Bl^DZyQdV7*Vy{7
z4}KX9WR&J}D9=CpX}Q%cBp*A}2Exg&%Hk}_s6O__X{x7e-MaD95?$CrBzH~S+(umn
zwAnxe)J@#+{Rci=o$jW8omGNK12E~=n%G?xy>76#ul}glGDaRaRCvHrn@j#?aJy<w
zy-XlKpo`}3Qr138ITT3%p6xP~FPkcQ!oPOnyL@!PW%R+%*LTTX3`m33&43d)$e-)z
z=*ahTUCR1O&^uO0EzK|q03{L(Vkv=fnT|nhkFpQhp31-#z;~b=6+4Ra@|s>ex5osv
zl@s5u9Qch*O*J^il}9rhN48isa=sPbhB`Xw%VDzP!WA9~oy&?BEYA(^U~2Hw4PeB9
zH+cN&AvhlZfE1{)AY^UT7q%#Gpm<+Mf6*7zccTc^y?FVFGk;=nX8Yd=?;kB$8xaw)
ze1@u_VYRTZm=*ndhFZ0DiGIq*XQo@WJ)DXeHH2~ZB+b`X9JVe040+`uUM*U2k>dl2
zSl!+vtkZ0-Cw=4_y<FL!sRNR?g)u=uIN2T_PpK_W{_w_#P?B%B5}l)K$To8-|5lh?
zxh$v6XrRA1hzCj?J2|iTdO-^{%JYl^?E`$|<do}yNq4V7y1TccJIS*xC@4r?x0%hj
z9XIW0zVU<7W9VdOYIW4h)AJ!WIaO19MB&4n5I_stKvlXwG{`+97XY`mHYqIZnYi_S
zWL9#^pFtia=&Rnw7B&)iZ&`r#asC7*^Vj-f!Znnxz{F%=Q#bqbXAN)^BzN)*I<c`w
zU3F48(_FINl<pzX<po<*D8#;FAsx{gNFqxkAQU$;tJduV5`7631B1>Y5F7n_rIn(#
z#vOzVz&^{go|OjSC3#o!t&G736KC9@*9cY>o>SND@kgD35$1ip)BL)R%02~9JKCRA
zeKT-^8S;vu2QxD&PNEpI{|*if$*V?u-u<XvE6r#8cm#b6)-RxZOyPI5F>ElKK5?m{
zcoOg}!;6EQ-$?!MD(I4p7^>z_e5e1->HkopNJLW2Fb)n5m{=}H>#B-LmW9SoGwRUJ
zRVOu2Ba8K#X*V#Szei)-SPL<mz1^5Ik{r?C6c>k%IaY$<{e(H7b6zJkZ<0WLq6sAm
zB#c`98_IjZ8OYRod}{q~F!dBn<JF(Bt^1^@VxT;qn9v5{b=sk}xEK!3S8CnGfW0E%
zO16BXVjzz20Y$y1NB*Un+Mz8jX=)~jlSu}56Gl7v{^z8nHtp(v=Q2e*{@<O;G-8Dq
mw)%@MuKjm}^Zx10Eq4Yx!D%k-QE<u?q9ms#Tl(De{r>{8Z=@~&

literal 0
HcmV?d00001

diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
index 6ac048cf9d..e5dcea3322 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
@@ -59,6 +59,21 @@ To deploy Microsoft Defender ATP, you'll need to onboard devices to the service.
 
 Depending on the architecture of your environment, you'll need to use the appropriate management tool that best suites your requirements. 
 
+
+## Onboarding options and tools
+Understand the various onboarding options and tools that Microsoft Defender ATP provides, so you can decide what is best for your environment.
+
+
+
+It's important to know what onboarding options and tools ae
+
+
+Every enterprise environement is unique and may require different tools and ways to onboard endpoints. 
+ 
+
+
+
+
 After onboarding the devices, you'll then configure the various capabilities such as endpoint detection and response, next-generation protection, and attack surface reduction.