From bf379de727b64e9888153c7156cb54e55fe56ddd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=20Halfin=20=F0=9F=93=AC=F0=9F=94=A8?= Date: Thu, 10 Jan 2019 00:36:57 +0000 Subject: [PATCH] Merged PR 13708: Non-ent 1809 endpoints --- windows/privacy/TOC.md | 1 + ...-endpoints-1803-non-enterprise-editions.md | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index d581476641..35561d07af 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md @@ -22,4 +22,5 @@ ### [Connection endpoints for Windows 10, version 1809](manage-windows-1809-endpoints.md) ### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) ### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) +### [Windows 10, version 1809, connection endpoints for non-Enterprise editions](windows-endpoints-1809-non-enterprise-editions.md) ## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) diff --git a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md index 76098f6d9e..39343b19d9 100644 --- a/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1803-non-enterprise-editions.md @@ -49,13 +49,14 @@ We used the following methodology to derive these network endpoints: | cy2.licensing.md.mp.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. | | cy2.settings.data.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. | | displaycatalog.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. | -|dm3p.wns.notify.windows.com.akadns.net | HTTPS | Used for the Windows Push Notification Services (WNS). | +| dm3p.wns.notify.windows.com.akadns.net | HTTPS | Used for the Windows Push Notification Services (WNS). | | fe2.update.microsoft.com* | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | | fe3.delivery.mp.microsoft.com | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | | g.live.com/odclientsettings/Prod | HTTPS | Used by OneDrive for Business to download and verify app updates. | | g.msn.com.nsatc.net | HTTPS | Used to retrieve Windows Spotlight metadata. | | geo-prod.dodsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update. | +| ip5.afdorigin-prod-am02.afdogw.com | HTTPS | Used to serve office 365 experimentation traffic. | | ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. | | licensing.mp.microsoft.com/v7.0/licenses/content | HTTPS | Used for online activation and some app licensing. | | location-inference-westus.cloudapp.net | HTTPS | Used for location data. | @@ -64,21 +65,24 @@ We used the following methodology to derive these network endpoints: | ocos-office365-s2s.msedge.net* | HTTPS | Used to connect to the Office 365 portal's shared infrastructure. | | ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | | oneclient.sfx.ms* | HTTPS | Used by OneDrive for Business to download and verify app updates. | +| onecollector.cloudapp.aria.akadns.net | HTTPS | Office Telemetry | +| prod.nexusrules.live.com.akadns.net | HTTPS | Office Telemetry | | query.prod.cms.rt.microsoft.com* | HTTPS | Used to retrieve Windows Spotlight metadata. | | ris.api.iris.microsoft.com* | HTTPS | Used to retrieve Windows Spotlight metadata. | | settings.data.microsoft.com/settings/v2.0/* | HTTPS | Used for Windows apps to dynamically update their configuration. | | settings-win.data.microsoft.com/settings/* | HTTPS | Used as a way for apps to dynamically update their configuration.  | +| share.microsoft.com/windows-app-web-link | HTTPS | Traffic related to Books app | | sls.update.microsoft.com* | HTTPS | Enables connections to Windows Update. | | storecatalogrevocation.storequality.microsoft.com* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store. | | storeedgefd.dsx.mp.microsoft.com* | HTTPS | Used to communicate with Microsoft Store. | | tile-service.weather.microsoft.com* | HTTP | Used to download updates to the Weather app Live Tile. | | tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. | -| ip5.afdorigin-prod-am02.afdogw.com | HTTPS | Used to serve office 365 experimentation traffic. | +| us.configsvc1.live.com.akadns.net | HTTPS | Microsoft Office configuration related traffic | | watson.telemetry.microsoft.com/Telemetry.Request | HTTPS | Used by Windows Error Reporting. | +| wd-prod-cp-us-east-2-fe.eastus.cloudapp.azure.com | HTTPS | Azure front end traffic | ## Windows 10 Pro - | **Destination** | **Protocol** | **Description** | | --- | --- | --- | | *.e-msedge.net | HTTPS | Used by OfficeHub to get the metadata of Office apps. | @@ -93,11 +97,13 @@ We used the following methodology to derive these network endpoints: | cy2.settings.data.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. | | dm3p.wns.notify.windows.com.akadns.net | HTTPS | Used for the Windows Push Notification Services (WNS) | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | +| flightingservicewus.cloudapp.net | HTTPS | Insider Program | | g.msn.com.nsatc.net | HTTPS | Used to retrieve Windows Spotlight metadata. | | ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. | | location-inference-westus.cloudapp.net | HTTPS | Used for location data. | | modern.watson.data.microsoft.com.akadns.net | HTTPS | Used by Windows Error Reporting. | | ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | +| onecollector.cloudapp.aria.akadns.net | HTTPS | Office Telemetry | | ris.api.iris.microsoft.com.akadns.net | HTTPS | Used to retrieve Windows Spotlight metadata. | | tile-service.weather.microsoft.com/* | HTTP | Used to download updates to the Weather app Live Tile. | | tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. | @@ -119,6 +125,7 @@ We used the following methodology to derive these network endpoints: | au.download.windowsupdate.com* | HTTP | Enables connections to Windows Update. | | cdn.onenote.net/livetile/* | HTTPS | Used for OneNote Live Tile. | | client-office365-tas.msedge.net/* | HTTPS | Used to connect to the Office 365 portal’s shared infrastructure, including Office Online. | +| cloudtile.photos.microsoft.com.akadns.net | HTTPS | Photos App in MS Store | config.edge.skype.com/* | HTTPS | Used to retrieve Skype configuration values.  | | ctldl.windowsupdate.com/* | HTTP | Used to download certificates that are publicly known to be fraudulent. | | cy2.displaycatalog.md.mp.microsoft.com.akadns.net | HTTPS | Used to communicate with Microsoft Store. | @@ -130,6 +137,7 @@ We used the following methodology to derive these network endpoints: | fe2.update.microsoft.com/* | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | | fe3.delivery.dsp.mp.microsoft.com.nsatc.net | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | | fe3.delivery.mp.microsoft.com/* | HTTPS | Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. | +| flightingservicewus.cloudapp.net | HTTPS | Insider Program | | g.live.com/odclientsettings/* | HTTPS | Used by OneDrive for Business to download and verify app updates. | | g.msn.com.nsatc.net | HTTPS | Used to retrieve Windows Spotlight metadata. | | ipv4.login.msa.akadns6.net | HTTPS | Used for Microsoft accounts to sign in. | @@ -139,11 +147,14 @@ We used the following methodology to derive these network endpoints: | ocos-office365-s2s.msedge.net/* | HTTPS | Used to connect to the Office 365 portal's shared infrastructure. | | ocsp.digicert.com* | HTTP | CRL and OCSP checks to the issuing certificate authorities. | | oneclient.sfx.ms/* | HTTPS | Used by OneDrive for Business to download and verify app updates. | +| onecollector.cloudapp.aria.akadns.net | HTTPS | Office telemetry | | settings-win.data.microsoft.com/settings/* | HTTPS | Used as a way for apps to dynamically update their configuration. | +| share.microsoft.com/windows-app-web-link | HTTPS | Traffic related to Books app | | sls.update.microsoft.com/* | HTTPS | Enables connections to Windows Update. | | storecatalogrevocation.storequality.microsoft.com/* | HTTPS | Used to revoke licenses for malicious apps on the Microsoft Store. | | tile-service.weather.microsoft.com/* | HTTP | Used to download updates to the Weather app Live Tile. | | tsfe.trafficshaping.dsp.mp.microsoft.com | HTTPS | Used for content regulation. | | vip5.afdorigin-prod-ch02.afdogw.com | HTTPS | Used to serve office 365 experimentation traffic. | | watson.telemetry.microsoft.com/Telemetry.Request | HTTPS | Used by Windows Error Reporting. | -| bing.com/* | HTTPS | Used for updates for Cortana, apps, and Live Tiles. | +| wd-prod-cp-us-west-3-fe.westus.cloudapp.azure.com | HTTPS | Azure front end traffic | +| www.bing.com/* | HTTPS | Used for updates for Cortana, apps, and Live Tiles. |