flow

windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md

@@ -33,7 +33,7 @@ There are three phases in deploying Microsoft Defender ATP:
 |:-------|:-----|
 | ![Phase 1: Prepare](images/prepare.png)<br>[Phase 1: Prepare](prepare-deployment.md)| Learn about what you need to consider when deploying Microsoft Defender ATP: <br><br>- Stakeholders and sign-off <br> - Environment considerations <br>- Access <br> - Adoption order
 |  ![Phase 2: Setup](images/setup.png) <br>[Phase 2: Setup](production-deployment.md)|  Take the initial steps to access Microsoft Defender Security Center. You'll be guided on:<br><br>- Validating the licensing <br>  - Completing the setup wizard within the portal<br>- Network configuration|
-|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. You'll be guided on:<br><br>- Using Microsoft Endpoint Configuration Manager to onboard devices<br>- Configure capabilities 
+|  ![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them. 
 
 
 

windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md

@@ -1,5 +1,5 @@
 ---
-title: Plan your Microsoft Defender ATP deployment strategy
+title: Plan your Microsoft Defender ATP deployment 
 description: Select the best Microsoft Defender ATP deployment strategy for your environment
 keywords: deploy, plan, deployment strategy, cloud native, management, on prem, evaluation, onboarding, local, group policy, gp, endpoint manager, mem
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Plan your Microsoft Defender ATP deployment strategy
+# Plan your Microsoft Defender ATP deployment 
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
@@ -27,51 +27,51 @@ ms.topic: article
 
 Depending on the requirements of your environment, we've put together material to help guide you through the various options you can adopt to deploy Microsoft Defender ATP. 
 
+This article provides an overview on the general steps you need to take to deploy Microsoft Defender ATP:
 
-You can deploy Microsoft Defender ATP using various management tools. In general the following management tools are supported:
+![Image of deployment flow](images/onboarding-flow-diagram.png)
 
-- Group policy
-- Microsoft Endpoint Configuration Manager
-- Mobile Device Management tools
-- Local script
 
-| Endpoint     | Deployment methods                       |
-|--------------|------------------------------------------|
-| **Windows**  |  Local script (up to 10 devices) <br>  Group Policy <br>  Microsoft Endpoint Manager <br>  Mobile Device Manager <br>   Microsoft Endpoint Configuration Manager <br>  Microsoft Endpoint Configuration Manager <br> VDI scripts   |
-| **macOS**    | Local scripts <br> Mobile Device Manager/Microsoft Intune <br> JAMF Pro <br>  |
-| **Linux Server** | Local script <br> Puppet <br> Ansible|
-| **iOS**      | App-based                                |
-| **Android**  | Microsoft Endpoint Manager               |
 
-## Microsoft Defender ATP deployment strategy
 
-Depending on your environment, some tools are better suited for certain architectures.
+## Step 1: Identify architecture
+We understand that every enterprise environment is unique, so we've provided several options to give you the flexibility in choosing how to deploy the service.
 
+Depending on your environment, some tools are better suited for certain architectures. 
+
+Use the following material to select the appropriate Microsoft Defender ATP architecture that best suites your organization.
 
 |**Item**|**Description**|
 |:-----|:-----|
 |[![Thumb image for Microsoft Defender ATP deployment strategy](images/mdatp-deployment-strategy.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)<br/> [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf)  \| [Visio](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx) | The architectural material helps you plan your deployment for the following architectures: <ul><li> Cloud-native </li><li> Co-management </li><li> On-premise</li><li>Evaluation and local onboarding</li>
 
 
-## Phased deployment approach
-Regardless of the deployment strategy you decide to implement, deploying Microsoft Defender ATP can be done in a phased approach. 
 
-Enterprises can deploy the service on a pilot collection, and then incrementally roll the service out to a larger set of devices.
+## Step 2: Select deployment method
-
+Microsoft Defender ATP supports a variety of endpoints that you can onboard to the service. 
-Adopting a phased approach helps reduce potential issues or conflicts that could arise while rolling the service out.
+Depending on the endpoint or your preferred deployment tool, select the method that best fits your requirements.
-
-|**Pilot and deployment phases**|**Description**|
-|:-----|:-----|
-Pilot and deployment planning | Phase 1: Identify 50 systems for pilot testing - Focus on the security team, IT team and maybe Helpdesk
-Full scale pilot | Phase 2: 100  systems <br> 	Phase 3: 150 systems <br> Phase 4: 500 systems <br> Phase 5: 1000 systems <br><br> Review and assess if there required tweaks to deployment. 
-Full deployment | Roll out service to the rest of environment in larger increments.
 
 
-### Troubleshoot deployment issues
+The following table lists the supported endpoints and the corresponding deployment tool that you can use so that you can plan the deployment appropriately.
-You might need to troubleshoot the Microsoft Defender ATP onboarding process if you encounter issues. The following links provide detailed steps to troublshoot potential issues.
+
+| Endpoint     | Deployment methods                       |
+|--------------|------------------------------------------|
+| **Windows**  |  Local script (up to 10 devices) <br>  Group Policy <br>  Microsoft Endpoint Manager <br>  Mobile Device Manager <br>   Microsoft Endpoint Configuration Manager <br> VDI scripts   |
+| **macOS**    | Local scripts <br> Mobile Device Manager/Microsoft Intune <br> JAMF Pro <br>  |
+| **Linux Server** | Local script <br> Puppet <br> Ansible|
+| **iOS**      | App-based                                |
+| **Android**  | Microsoft Endpoint Manager               |
+
+
+## Step 3: Configure capabilities
+After onboarding endpoints, configure the security capabilities in Microsoft Defender ATP so that you can maximize the robust security protection available in the suite.
+
+You'll be guided in configuring capabilities such as:
+
+- Endpoint detection and response
+- Next-generation protection
+- Attack surface reduction
 
-- [Troubleshoot Microsoft Defender ATP onboarding issues](troubleshoot-onboarding.md)
-- [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages.md)
 
 
   

windows/security/threat-protection/microsoft-defender-atp/onboarding.md

@@ -59,6 +59,21 @@ To deploy Microsoft Defender ATP, you'll need to onboard devices to the service.
 
 Depending on the architecture of your environment, you'll need to use the appropriate management tool that best suites your requirements. 
 
+
+## Onboarding options and tools
+Understand the various onboarding options and tools that Microsoft Defender ATP provides, so you can decide what is best for your environment.
+
+
+
+It's important to know what onboarding options and tools ae
+
+
+Every enterprise environement is unique and may require different tools and ways to onboard endpoints. 
+ 
+
+
+
+
 After onboarding the devices, you'll then configure the various capabilities such as endpoint detection and response, next-generation protection, and attack surface reduction.