Merge pull request #6630 from MicrosoftDocs/v-jmathew-6020449

Updated-6020449

windows/security/apps.md

@@ -4,9 +4,6 @@ description: Get an overview of application security in Windows 10 and Windows 1
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.prod: m365-security

windows/security/cloud.md

@@ -5,15 +5,10 @@ ms.reviewer:
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/20/2021
 ms.localizationpriority: medium
 ms.custom: 
-f1.keywords: NOCSH 
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 search.appverid: MET150 
 ms.collection: M365-security-compliance
 ms.prod: m365-security

windows/security/cryptography-certificate-mgmt.md

@@ -5,7 +5,6 @@ search.appverid: MET150
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/07/2021
 ms.prod: m365-security
@@ -14,7 +13,6 @@ ms.localizationpriority: medium
 ms.collection: 
 ms.custom: 
 ms.reviewer: skhadeer, raverma
-f1.keywords: NOCSH 
 ---
 
 # Cryptography and Certificate Management

windows/security/encryption-data-protection.md

@@ -5,7 +5,6 @@ search.appverid: MET150
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/08/2021
 ms.prod: m365-security
@@ -14,7 +13,6 @@ ms.localizationpriority: medium
 ms.collection: 
 ms.custom: 
 ms.reviewer: deepakm, rafals  
-f1.keywords: NOCSH  
 ---
 
 # Encryption and data protection in Windows client

windows/security/hardware.md

@@ -4,9 +4,6 @@ description: Get an overview of hardware security in Windows 11 and Windows 10
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.prod: m365-security

windows/security/identity.md

@@ -4,9 +4,6 @@ description: Get an overview of identity security in Windows 11 and Windows 10
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.prod: m365-security

windows/security/operating-system.md

@@ -5,9 +5,6 @@ ms.reviewer:
 ms.topic: article
 manager: dansimp
 ms.author: deniseb
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: denisebmsft
 ms.collection: M365-security-compliance
 ms.prod: m365-security

windows/security/security-foundations.md

@@ -5,9 +5,6 @@ ms.reviewer:
 ms.topic: article
 manager: dansimp
 ms.author: deniseb
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: denisebmsft
 ms.collection: M365-security-compliance
 ms.prod: m365-security

windows/security/threat-protection/block-untrusted-fonts-in-enterprise.md

@@ -1,14 +1,9 @@
 ---
 title: Block untrusted fonts in an enterprise (Windows 10)
 description: To help protect your company from attacks which may originate from untrusted or attacker controlled font files, we've created the Blocking Untrusted Fonts feature.
-ms.assetid: a3354c8e-4208-4be6-bc19-56a572c361b4
 ms.reviewer: 
 manager: dansimp
-keywords: font blocking, untrusted font blocking, block fonts, untrusted fonts
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.pagetype: security
-ms.sitesec: library
 author: dansimp
 ms.author: dansimp
 ms.date: 08/14/2017

windows/security/threat-protection/fips-140-validation.md

@@ -2,7 +2,6 @@
 title: Federal Information Processing Standard (FIPS) 140 Validation
 description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140.
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp

windows/security/threat-protection/get-support-for-security-baselines.md

@@ -1,14 +1,11 @@
 ---
 title: Get support
 description: Frequently asked question about how to get support for Windows baselines, the Security Compliance Toolkit (SCT), and related topics in your organization.
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dulcemontemayor
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 06/25/2018

windows/security/threat-protection/index.md

@@ -1,17 +1,12 @@
 ---
 title: Windows threat protection
 description: Describes the security capabilities in Windows client focused on threat protection
-keywords: threat protection, Microsoft Defender Antivirus, attack surface reduction, next-generation protection, endpoint detection and response, automated investigation and response, microsoft threat experts, Microsoft Secure Score for Devices, advanced hunting, cyber threat hunting, web threat protection
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.author: dansimp
 author: dansimp
 ms.localizationpriority: medium
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.technology: windows-sec

windows/security/threat-protection/mbsa-removal-and-guidance.md

@@ -1,9 +1,7 @@
 ---
 title: Guide to removing Microsoft Baseline Security Analyzer (MBSA)
 description: This article documents the removal of Microsoft Baseline Security Analyzer (MBSA) and provides alternative solutions.
-keywords: MBSA, security, removal
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp

windows/security/threat-protection/msft-security-dev-lifecycle.md

@@ -2,7 +2,6 @@
 title: Microsoft Security Development Lifecycle
 description: Download the Microsoft Security Development Lifecycle white paper which covers a security assurance process focused on software development.
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp

windows/security/threat-protection/override-mitigation-options-for-app-related-security-policies.md

@@ -3,11 +3,7 @@ manager: dansimp
 ms.author: dansimp
 title: Override Process Mitigation Options (Windows 10)
 description: How to use Group Policy to override individual Process Mitigation Options settings and to help enforce specific app-related security policies.
-keywords: Process Mitigation Options, Mitigation Options, Group Policy Mitigation Options
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.pagetype: security
-ms.sitesec: library
 author: dulcemontemayor
 ms.localizationpriority: medium
 ms.technology: windows-sec

windows/security/threat-protection/overview-of-threat-mitigations-in-windows-10.md

@@ -2,9 +2,6 @@
 title: Mitigate threats by using Windows 10 security features (Windows 10)
 description: An overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 ms.reviewer: 

windows/security/threat-protection/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md

@@ -1,15 +1,10 @@
 ---
 title: Control the health of Windows 10-based devices (Windows 10)
 description: This article details an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.
-ms.assetid: 45DB1C41-C35D-43C9-A274-3AD5F31FE873
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
-keywords: security, BYOD, malware, device health attestation, mobile
 ms.prod: m365-security
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: security, devices
 author: dulcemontemayor
 ms.date: 10/13/2017
 ms.localizationpriority: medium

windows/security/threat-protection/use-windows-event-forwarding-to-assist-in-intrusion-detection.md

@@ -1,14 +1,10 @@
 ---
 title: Use Windows Event Forwarding to help with intrusion detection (Windows 10)
 description: Learn about an approach to collect events from devices in your organization. This article talks about events in both normal operations and when an intrusion is suspected.
-ms.assetid: 733263E5-7FD1-45D2-914A-184B9E3E6A3F
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dulcemontemayor
 ms.date: 02/28/2019
 ms.localizationpriority: medium

windows/security/threat-protection/windows-firewall/create-an-outbound-program-or-service-rule.md

@@ -1,17 +1,12 @@
 ---
 title: Create an Outbound Program or Service Rule (Windows)
 description: Use the Windows Defender Firewall with Advanced Security node in the Group Policy Management console to create firewall rules.
-ms.assetid: f71db4fb-0228-4df2-a95d-b9c056aa9311
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/create-inbound-rules-to-support-rpc.md

@@ -1,17 +1,12 @@
 ---
 title: Create Inbound Rules to Support RPC (Windows)
 description: Learn how to allow RPC network traffic by using the Group Policy Management MMC snap-in to create rules in Windows Defender Firewall with Advanced Security.
-ms.assetid: 0b001c2c-12c1-4a30-bb99-0c034d7e6150
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md

@@ -1,17 +1,12 @@
 ---
 title: Create Windows Firewall rules in Intune (Windows)
 description: Learn how to use Intune to create rules in Windows Defender Firewall with Advanced Security. Start by creating a profile in Device Configuration in Intune.
-ms.assetid: 47057d90-b053-48a3-b881-4f2458d3e431
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.technology: windows-sec

windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md

@@ -1,17 +1,12 @@
 ---
 title: Create WMI Filters for the GPO (Windows)
 description: Learn how to use WMI filters on a GPO to make sure that each GPO for a group can only be applied to devices running the correct version of Windows.
-ms.assetid: b1a6d93d-a3c8-4e61-a388-4a3323f0e74e
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/designing-a-windows-firewall-with-advanced-security-strategy.md

@@ -1,17 +1,12 @@
 ---
 title: Designing a Windows Defender Firewall Strategy (Windows)
 description: Answer the question in this article to design an effective Windows Defender Firewall with Advanced Security Strategy.
-ms.assetid: 6d98b184-33d6-43a5-9418-4f24905cfd71
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/determining-the-trusted-state-of-your-devices.md

@@ -1,17 +1,12 @@
 ---
 title: Determining the Trusted State of Your Devices (Windows)
 description: Learn how to define the trusted state of devices in your enterprise to help design your strategy for using Windows Defender Firewall with Advanced Security.
-ms.assetid: 3e77f0d0-43aa-47dd-8518-41ccdab2f2b2
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021
@@ -25,7 +20,7 @@ ms.technology: windows-sec
 -   Windows 11
 -   Windows Server 2016 and above
 
-After obtaining information about the devices that are currently part of the IT infrastructure, you must determine at what point a device is considered trusted. The term *trusted* can mean different things to different people. Therefore, you must communicate a firm definition for it to all stakeholders in the project. Failure to do this can lead to problems with the security of the trusted environment, because the overall security cannot exceed the level of security set by the least secure client that achieves trusted status.
+After obtaining information about the devices that are currently part of the IT infrastructure, you must determine at what point a device is considered trusted. The term *trusted* can mean different things to different people. Therefore, you must communicate a firm definition for it to all stakeholders in the project. Failure to do this can lead to problems with the security of the trusted environment, because the overall security can't exceed the level of security set by the least secure client that achieves trusted status.
 
 >**Note:**  In this context, the term *trust* has nothing to do with an Active Directory trust relationship between domains. The trusted state of your devices just indicates the level of risk that you believe the device brings to the network. Trusted devices bring little risk whereas untrusted devices can potentially bring great risk.
 
@@ -46,9 +41,9 @@ The remainder of this section defines these states and how to determine which de
 
 ### Trusted state
 
-Classifying a device as trusted means that the device's security risks are managed, but it does not imply that it is perfectly secure or invulnerable. The responsibility for this managed state falls to the IT and security administrators, in addition to the users who are responsible for the configuration of the device. A trusted device that is poorly managed will likely become a point of weakness for the network.
+Classifying a device as trusted means that the device's security risks are managed, but it doesn't imply that it's perfectly secure or invulnerable. The responsibility for this managed state falls to the IT and security administrators, in addition to the users who are responsible for the configuration of the device. A trusted device that is poorly managed will likely become a point of weakness for the network.
 
-When a device is considered trusted, other trusted devices can reasonably assume that the device will not initiate a malicious act. For example, trusted devices can expect that other trusted devices will not run a virus that attacks them, because all trusted devices are required to use mechanisms (such as antivirus software) to mitigate the threat of viruses.
+When a device is considered trusted, other trusted devices can reasonably assume that the device won't initiate a malicious act. For example, trusted devices can expect that other trusted devices won't run a virus that attacks them, because all trusted devices are required to use mechanisms (such as antivirus software) to mitigate the threat of viruses.
 
 Spend some time defining the goals and technology requirements that your organization considers appropriate as the minimum configuration for a device to obtain trusted status.
 
@@ -68,49 +63,49 @@ A possible list of technology requirements might include the following:
 
 -   **Password requirements.** Trusted clients must use strong passwords.
 
-It is important to understand that the trusted state is not constant; it is a transient state that is subject to changing security standards and compliance with those standards. New threats and new defenses emerge constantly. For this reason, the organization's management systems must continually check the trusted devices to ensure ongoing compliance. Additionally, the management systems must be able to issue updates or configuration changes if they are required to help maintain the trusted status.
+It's important to understand that the trusted state isn't constant; it's a transient state that is subject to changing security standards and compliance with those standards. New threats and new defenses emerge constantly. For this reason, the organization's management systems must continually check the trusted devices to ensure ongoing compliance. Additionally, the management systems must be able to issue updates or configuration changes if they're required to help maintain the trusted status.
 
-A device that continues to meet all these security requirements can be considered trusted. However it is possible that most devices that were identified in the discovery process discussed earlier do not meet these requirements. Therefore, you must identify which devices can be trusted and which ones cannot. To help with this process, you use the intermediate *trustworthy* state. The remainder of this section discusses the different states and their implications.
+A device that continues to meet all these security requirements can be considered trusted. However it's possible that most devices that were identified in the discovery process discussed earlier don't meet these requirements. Therefore, you must identify which devices can be trusted and which ones can't. To help with this process, you use the intermediate *trustworthy* state. The remainder of this section discusses the different states and their implications.
 
 ### Trustworthy state
 
-It is useful to identify as soon as possible those devices in your current infrastructure that can achieve a trusted state. A *trustworthy state* can be assigned to indicate that the current device can physically achieve the trusted state with required software and configuration changes.
+It's useful to identify as soon as possible those devices in your current infrastructure that can achieve a trusted state. A *trustworthy state* can be assigned to indicate that the current device can physically achieve the trusted state with required software and configuration changes.
 
 For each device that is assigned a trustworthy status, make an accompanying configuration note that states what is required to enable the device to achieve trusted status. This information is especially important to both the project design team (to estimate the costs of adding the device to the solution) and the support staff (to enable them to apply the required configuration).
 
 Generally, trustworthy devices fall into one of the following two groups:
 
--   **Configuration required.** The current hardware, operating system, and software enable the device to achieve a trustworthy state. However, additional configuration changes are required. For example, if the organization requires a secure file system before a device can be considered trusted, a device that uses a FAT32-formatted hard disk does not meet this requirement.
+-   **Configuration required.** The current hardware, operating system, and software enable the device to achieve a trustworthy state. However, additional configuration changes are required. For example, if the organization requires a secure file system before a device can be considered trusted, a device that uses a FAT32-formatted hard disk doesn't meet this requirement.
 
 -   **Upgrade required.** These devices require upgrades before they can be considered trusted. The following list provides some examples of the type of upgrade these devices might require:
 
-    -   **Operating system upgrade required.** If the device's current operating system cannot support the security needs of the organization, an upgrade would be required before the device could achieve a trusted state.
+    -   **Operating system upgrade required.** If the device's current operating system can't support the security needs of the organization, an upgrade would be required before the device could achieve a trusted state.
 
-    -   **Software required.** A device that is missing a required security application, such as an antivirus scanner or a management client, cannot be considered trusted until these applications are installed and active.
+    -   **Software required.** A device that is missing a required security application, such as an antivirus scanner or a management client, can't be considered trusted until these applications are installed and active.
 
     -   **Hardware upgrade required.** In some cases, a device might require a specific hardware upgrade before it can achieve trusted status. This type of device usually needs an operating system upgrade or additional software that forces the required hardware upgrade. For example, security software might require additional hard disk space on the device.
 
-    -   **Device replacement required.** This category is reserved for devices that cannot support the security requirements of the solution because their hardware cannot support the minimum acceptable configuration. For example, a device that cannot run a secure operating system because it has an old processor (such as a 100-megahertz \[MHz\] x86-based device).
+    -   **Device replacement required.** This category is reserved for devices that can't support the security requirements of the solution because their hardware can't support the minimum acceptable configuration. For example, a device that can't run a secure operating system because it has an old processor (such as a 100-megahertz \[MHz\] x86-based device).
 
 Use these groups to assign costs for implementing the solution on the devices that require upgrades.
 
 ### Known, untrusted state
 
-During the process of categorizing an organization's devices, you will identify some devices that cannot achieve trusted status for specific well-understood and well-defined reasons. These reasons might include the following types:
+During the process of categorizing an organization's devices, you'll identify some devices that can't achieve trusted status for specific well-understood and well-defined reasons. These reasons might include the following types:
 
--   **Financial.** The funding is not available to upgrade the hardware or software for this device.
+-   **Financial.** The funding isn't available to upgrade the hardware or software for this device.
 
--   **Political.** The device must remain in an untrusted state because of a political or business situation that does not enable it to comply with the stated minimum security requirements of the organization. It is highly recommended that you contact the business owner or independent software vendor (ISV) for the device to discuss the added value of server and domain isolation.
+-   **Political.** The device must remain in an untrusted state because of a political or business situation that doesn't enable it to comply with the stated minimum security requirements of the organization. It's highly recommended that you contact the business owner or independent software vendor (ISV) for the device to discuss the added value of server and domain isolation.
 
 -   **Functional.** The device must run a nonsecure operating system or must operate in a nonsecure manner to perform its role. For example, the device might be required to run an older operating system because a specific line of business application will only work on that operating system.
 
 There can be multiple functional reasons for a device to remain in the known untrusted state. The following list includes several examples of functional reasons that can lead to a classification of this state:
 
--   **Devices that run unsupported versions of Windows.** This includes Windows XP, Windows Millennium Edition, Windows 98, Windows 95, or Windows NT. Devices that run these versions of the Windows operating system cannot be classified as trustworthy because these operating systems do not support the required security infrastructure. For example, although Windows NT does support a basic security infrastructure, it does not support “deny” ACLs on local resources, any way to ensure the confidentiality and integrity of network communications, smart cards for strong authentication, or centralized management of device configurations (although limited central management of user configurations is supported).
+-   **Devices that run unsupported versions of Windows.** This includes Windows XP, Windows Millennium Edition, Windows 98, Windows 95, or Windows NT. Devices that run these versions of the Windows operating system can't be classified as trustworthy because these operating systems don't support the required security infrastructure. For example, although Windows NT does support a basic security infrastructure, it doesn't support “deny” ACLs on local resources, any way to ensure the confidentiality and integrity of network communications, smart cards for strong authentication, or centralized management of device configurations (although limited central management of user configurations is supported).
 
--   **Stand-alone devices.** Devices running any version of Windows that are configured as stand-alone devices or as members of a workgroup usually cannot achieve a trustworthy state. Although these devices fully support the minimum required basic security infrastructure, the required security management capabilities are unlikely to be available when the device is not a part of a trusted domain.
+-   **Stand-alone devices.** Devices running any version of Windows that are configured as stand-alone devices or as members of a workgroup usually can't achieve a trustworthy state. Although these devices fully support the minimum required basic security infrastructure, the required security management capabilities are unlikely to be available when the device isn't a part of a trusted domain.
 
--   **Devices in an untrusted domain.** A device that is a member of a domain that is not trusted by an organization's IT department cannot be classified as trusted. An untrusted domain is a domain that cannot provide the required security capabilities to its members. Although the operating systems of devices that are members of this untrusted domain might fully support the minimum required basic security infrastructure, the required security management capabilities cannot be fully guaranteed when devices are not in a trusted domain.
+-   **Devices in an untrusted domain.** A device that is a member of a domain that isn't trusted by an organization's IT department can't be classified as trusted. An untrusted domain is a domain that can't provide the required security capabilities to its members. Although the operating systems of devices that are members of this untrusted domain might fully support the minimum required basic security infrastructure, the required security management capabilities can't be fully guaranteed when devices aren't in a trusted domain.
 
 ### Unknown, untrusted state
 
@@ -129,20 +124,20 @@ The final step in this part of the process is to record the approximate cost of
 
 -   What is the projected cost or impact of making the proposed changes to enable the device to achieve a trusted state?
 
-By answering these questions, you can quickly determine the level of effort and approximate cost of bringing a particular device or group of devices into the scope of the project. It is important to remember that the state of a device is transitive, and that by performing the listed remedial actions you can change the state of a device from untrusted to trusted. After you decide whether to place a device in a trusted state, you are ready to begin planning and designing the isolation groups, which the next section [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) discusses.
+By answering these questions, you can quickly determine the level of effort and approximate cost of bringing a particular device or group of devices into the scope of the project. It's important to remember that the state of a device is transitive, and that by performing the listed remedial actions you can change the state of a device from untrusted to trusted. After you decide whether to place a device in a trusted state, you're ready to begin planning and designing the isolation groups, which the next section [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) discusses.
 
 The following table is an example of a data sheet that you could use to help capture the current state of a device and what would be required for the device to achieve a trusted state.
 
 | Device name | Hardware reqs met | Software reqs met | Configuration required | Details | Projected cost |
 | - | - | - | - | - | - |
-| CLIENT001 | No| No| Upgrade hardware and software.| Current operating system is Windows XP. Old hardware is not compatible with newer versions of Windows.| $??| 
+| CLIENT001 | No| No| Upgrade hardware and software.| Current operating system is Windows XP. Old hardware isn't compatible with newer versions of Windows.| $??| 
 | SERVER001 | Yes| No| Join trusted domain and upgrade from Windows Server 2003 to Windows Server 2012.| No antivirus software present.| $??| 
 
 In the previous table, the device CLIENT001 is currently "known, untrusted" because its hardware must be upgraded. However, it could be considered trustworthy if the required upgrades are possible. However, if many devices require the same upgrades, the overall cost of the solution would be much higher.
 
 The device SERVER001 is "trustworthy" because it meets the hardware requirements but its operating system must be upgraded. It also requires antivirus software. The projected cost is the amount of effort that is required to upgrade the operating system and install antivirus software, along with their purchase costs.
 
-With the other information that you have gathered in this section, this information will be the foundation of the efforts performed later in the [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) section.
+With the other information that you've gathered in this section, this information will be the foundation of the efforts performed later in the [Planning Domain Isolation Zones](planning-domain-isolation-zones.md) section.
 
 The costs identified in this section only capture the projected cost of the device upgrades. Many additional design, support, test, and training costs should be accounted for in the overall project plan.
 

windows/security/threat-protection/windows-firewall/documenting-the-zones.md

@@ -1,17 +1,12 @@
 ---
 title: Documenting the Zones (Windows)
 description: Learn how to document the zone placement of devices in your design for Windows Defender Firewall with Advanced Security.
-ms.assetid: ebd7a650-4d36-42d4-aac0-428617f5a32d
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/domain-isolation-policy-design-example.md

@@ -1,17 +1,12 @@
 ---
 title: Domain Isolation Policy Design Example (Windows)
 description: This example uses a fictitious company to illustrate domain isolation policy design in Windows Defender Firewall with Advanced Security.
-ms.assetid: 704dcf58-286f-41aa-80af-c81720aa7fc5
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/domain-isolation-policy-design.md

@@ -1,17 +1,12 @@
 ---
 title: Domain Isolation Policy Design (Windows)
 description: Learn how to design a domain isolation policy, based on which devices accept only connections from authenticated members of the same isolated domain.
-ms.assetid: 7475084e-f231-473a-9357-5e1d39861d66
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/enable-predefined-inbound-rules.md

@@ -1,17 +1,12 @@
 ---
 title: Enable Predefined Inbound Rules (Windows)
 description: Learn the rules for Windows Defender Firewall with Advanced Security for common networking roles and functions.
-ms.assetid: a4fff086-ae81-4c09-b828-18c6c9a937a7
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/enable-predefined-outbound-rules.md

@@ -1,17 +1,12 @@
 ---
 title: Enable Predefined Outbound Rules (Windows)
 description: Learn to deploy predefined firewall rules that block outbound network traffic for common network functions in Windows Defender Firewall with Advanced Security.
-ms.assetid: 71cc4157-a1ed-41d9-91e4-b3140c67c1be
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/07/2021

windows/security/threat-protection/windows-firewall/encryption-zone-gpos.md

@@ -1,17 +1,12 @@
 ---
 title: Encryption Zone GPOs (Windows)
 description: Learn how to add a device to an encryption zone by adding the device account to the encryption zone group in Windows Defender Firewall with Advanced Security.
-ms.assetid: eeb973dd-83a5-4381-9af9-65c43c98c29b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021
@@ -27,6 +22,6 @@ ms.technology: windows-sec
 
 Handle encryption zones in a similar manner to the boundary zones. A device is added to an encryption zone by adding the device account to the encryption zone group. Woodgrove Bank has a single service that must be protected, and the devices that are running that service are added to the group CG\_DOMISO\_Encryption. This group is granted Read and Apply Group Policy permissions in on the GPO described in this section.
 
-The GPO is only for server versions of Windows. Client devices are not expected to participate in the encryption zone. If the need for one occurs, either create a new GPO for that version of Windows, or expand the WMI filter attached to one of the existing encryption zone GPOs to make it apply to the client version of Windows.
+The GPO is only for server versions of Windows. Client devices aren't expected to participate in the encryption zone. If the need for one occurs, either create a new GPO for that version of Windows, or expand the WMI filter attached to one of the existing encryption zone GPOs to make it apply to the client version of Windows.
 
 -   [GPO\_DOMISO\_Encryption](gpo-domiso-encryption.md)

windows/security/threat-protection/windows-firewall/encryption-zone.md

@@ -1,17 +1,12 @@
 ---
 title: Encryption Zone (Windows)
 description: Learn how to create an encryption zone to contain devices that host very sensitive data and require that the sensitive network traffic be encrypted.
-ms.assetid: 55a025ce-357f-4d1b-b2ae-6ee32c9abe13
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md

@@ -1,17 +1,12 @@
 ---
 title: Evaluating Windows Defender Firewall with Advanced Security Design Examples (Windows)
 description: Evaluating Windows Defender Firewall with Advanced Security Design Examples
-ms.assetid: a591389b-18fa-4a39-ba07-b6fb61961cbd
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/exempt-icmp-from-authentication.md

@@ -1,17 +1,12 @@
 ---
 title: Exempt ICMP from Authentication (Windows)
 description: Learn how to add exemptions for any network traffic that uses the ICMP protocol in Windows Defender Firewall with Advanced Security.
-ms.assetid: c086c715-8d0c-4eb5-9ea7-2f7635a55548
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/exemption-list.md

@@ -1,17 +1,12 @@
 ---
 title: Exemption List (Windows)
 description: Learn about reasons to add devices to an exemption list in Windows Defender Firewall with Advanced Security and the trade-offs of having too many exemptions.
-ms.assetid: a05e65b4-b48d-44b1-a7f1-3a8ea9c19ed8
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/filter-origin-documentation.md

@@ -4,8 +4,6 @@ description: Filter origin documentation audit log improvements
 ms.reviewer: 
 ms.author: v-bshilpa
 ms.prod: m365-security
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: normal
 author: Benny-54
 manager: dansimp

windows/security/threat-protection/windows-firewall/firewall-gpos.md

@@ -1,17 +1,12 @@
 ---
 title: Firewall GPOs (Windows)
 description: In this example, a Group Policy Object is linked to the domain container because the domain controllers are not part of the isolated domain.
-ms.assetid: 720645fb-a01f-491e-8d05-c9c6d5e28033
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/firewall-policy-design-example.md

@@ -1,17 +1,12 @@
 ---
 title: Basic Firewall Policy Design Example (Windows)
 description: This example features a fictitious company and illustrates firewall policy design for Windows Defender Firewall with Advanced Security.
-ms.assetid: 0dc3bcfe-7a4d-4a15-93a9-64b13bd775a7
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/firewall-settings-lost-on-upgrade.md

@@ -4,8 +4,6 @@ description: Firewall settings lost on upgrade
 ms.reviewer: 
 ms.author: v-bshilpa
 ms.prod: m365-security
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: Benny-54
 manager: dansimp

windows/security/threat-protection/windows-firewall/gathering-information-about-your-active-directory-deployment.md

@@ -1,17 +1,12 @@
 ---
 title: Gathering Information about Your Active Directory Deployment (Windows)
 description: Learn about gathering Active Directory information, including domain layout, organizational unit architecture, and site topology, for your firewall deployment.
-ms.assetid: b591b85b-12ac-4329-a47e-bc1b03e66eb0
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gathering-information-about-your-current-network-infrastructure.md

@@ -1,17 +1,12 @@
 ---
 title: Gathering Info about Your Network Infrastructure (Windows)
 description: Learn how to gather info about your network infrastructure so that you can effectively plan for Windows Defender Firewall with Advanced Security deployment.
-ms.assetid: f98d2b17-e71d-4ffc-b076-118b4d4782f9
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gathering-information-about-your-devices.md

@@ -1,17 +1,12 @@
 ---
 title: Gathering Information about Your Devices (Windows)
 description: Learn what information to gather about the devices in your enterprise to plan your Windows Defender Firewall with Advanced Security deployment.
-ms.assetid: 7f7cd3b9-de8e-4fbf-89c6-3d1a47bc2beb
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md

@@ -1,17 +1,12 @@
 ---
 title: Gathering Other Relevant Information (Windows)
 description: Learn about additional information you may need to gather to deploy Windows Defender Firewall with Advanced Security policies in your organization.
-ms.assetid: 87ccca07-4346-496b-876d-cdde57d0ce17
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gathering-the-information-you-need.md

@@ -1,17 +1,12 @@
 ---
 title: Gathering the Information You Need (Windows)
 description: Collect and analyze information about your network, directory services, and devices to prepare for Windows Defender Firewall with Advanced Security deployment.
-ms.assetid: 545fef02-5725-4b1e-b67a-a32d94c27d15
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gpo-domiso-boundary.md

@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_Boundary (Windows)
 description: This example GPO supports devices that are not part of the isolated domain to access specific servers that must be available to those untrusted devices.
-ms.assetid: ead3a510-c329-4c2a-9ad2-46a3b4975cfd
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gpo-domiso-encryption.md

@@ -1,18 +1,13 @@
 ---
 title: GPO\_DOMISO\_Encryption\_WS2008 (Windows)
 description: This example GPO supports the ability for servers that contain sensitive data to require encryption for all connection requests.
-ms.assetid: 84375480-af6a-4c79-aafe-0a37115a7446
 ms.reviewer: 
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 ms.date: 09/08/2021
 ms.technology: windows-sec

windows/security/threat-protection/windows-firewall/gpo-domiso-firewall.md

@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_Firewall (Windows)
 description: Learn about the settings and rules in this example GPO, which is authored by using the Group Policy editing tools.
-ms.assetid: 318467d2-5698-4c5d-8000-7f56f5314c42
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-clients.md

@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_IsolatedDomain\_Clients (Windows)
 description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
-ms.assetid: 73cd9e25-f2f1-4ef6-b0d1-d36209518cd9
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/gpo-domiso-isolateddomain-servers.md

@@ -1,17 +1,12 @@
 ---
 title: GPO\_DOMISO\_IsolatedDomain\_Servers (Windows)
 description: Author this GPO by using the Windows Defender Firewall with Advanced Security interface in the Group Policy editing tools.
-ms.assetid: 33aed8f3-fdc3-4f96-985c-e9d2720015d3
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/identifying-your-windows-firewall-with-advanced-security-deployment-goals.md

@@ -1,17 +1,12 @@
 ---
 title: Identify implementation goals for Windows Defender Firewall with Advanced Security Deployment (Windows)
 description: Identifying Your Windows Defender Firewall with Advanced Security (WFAS) implementation goals
-ms.assetid: 598cf45e-2e1c-4947-970f-361dfa264bba
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/implementing-your-windows-firewall-with-advanced-security-design-plan.md

@@ -1,17 +1,12 @@
 ---
 title: Implementing Your Windows Defender Firewall with Advanced Security Design Plan (Windows)
 description: Implementing Your Windows Defender Firewall with Advanced Security Design Plan
-ms.assetid: 15f609d5-5e4e-4a71-9eff-493a2e3e40f9
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/isolated-domain-gpos.md

@@ -1,17 +1,12 @@
 ---
 title: Isolated Domain GPOs (Windows)
 description: Learn about GPOs for isolated domains in this example configuration of Windows Defender Firewall with Advanced Security.
-ms.assetid: e254ce4a-18c6-4868-8179-4078d9de215f
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/isolated-domain.md

@@ -1,17 +1,12 @@
 ---
 title: Isolated Domain (Windows)
 description: Learn about the isolated domain, which is the primary zone for trusted devices, which use connection security and firewall rules to control communication.
-ms.assetid: d6fa8d67-0078-49f6-9bcc-db1f24816c5e
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/isolating-apps-on-your-network.md

@@ -2,13 +2,9 @@
 title: Isolating Microsoft Store Apps on Your Network (Windows)
 description: Learn how to customize your firewall configuration to isolate the network access of the new Microsoft Store apps that run on devices added to your network.
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/link-the-gpo-to-the-domain.md

@@ -1,17 +1,12 @@
 ---
 title: Link the GPO to the Domain (Windows)
 description: Learn how to link a GPO to the Active Directory container for the target devices, after you configure it in Windows Defender Firewall with Advanced Security.
-ms.assetid: 746d4553-b1a6-4954-9770-a948926b1165
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md

@@ -1,17 +1,12 @@
 ---
 title: Mapping your implementation goals to a Windows Firewall with Advanced Security design (Windows)
 description: Mapping your implementation goals to a Windows Firewall with Advanced Security design
-ms.assetid: 7e68c59e-ba40-49c4-8e47-5de5d6b5eb22
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/modify-gpo-filters-to-apply-to-a-different-zone-or-version-of-windows.md

@@ -1,17 +1,12 @@
 ---
 title: Modify GPO Filters (Windows)
 description: Learn how to modify GPO filters to apply to a different zone or version of windows in Windows Defender Firewall with Advanced Security.
-ms.assetid: 24ede9ca-a501-4025-9020-1129e2cdde80
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-ip-security-policies.md

@@ -1,17 +1,12 @@
 ---
 title: Open the Group Policy Management Console to IP Security Policies (Windows)
 description: Learn how to open the Group Policy Management Console to IP Security Policies to configure GPOs for earlier versions of the Windows operating system.
-ms.assetid: 235f73e4-37b7-40f4-a35e-3e7238bbef43
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md

@@ -1,17 +1,12 @@
 ---
 title: Group Policy Management of Windows Firewall with Advanced Security (Windows)
 description: Group Policy Management of Windows Firewall with Advanced Security
-ms.assetid: 28afab36-8768-4938-9ff2-9d6dab702e98
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall.md

@@ -1,17 +1,12 @@
 ---
 title: Group Policy Management of Windows Defender Firewall (Windows)
 description: Group Policy Management of Windows Defender Firewall with Advanced Security
-ms.assetid: 5090b2c8-e038-4905-b238-19ecf8227760
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/open-windows-firewall-with-advanced-security.md

@@ -1,17 +1,12 @@
 ---
 title: Open Windows Defender Firewall with Advanced Security (Windows)
 description: Learn how to open the Windows Defender Firewall with Advanced Security console. You must be a member of the Administrators group.
-ms.assetid: 788faff2-0f50-4e43-91f2-3e2595c0b6a1
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-certificate-based-authentication.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Certificate-based Authentication (Windows)
 description: Learn how a device unable to join an Active Directory domain can still participate in an isolated domain by using certificate-based authentication.
-ms.assetid: a55344e6-d0df-4ad5-a6f5-67ccb6397dec
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-domain-isolation-zones.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Domain Isolation Zones (Windows)
 description: Learn how to use information you have gathered to make decisions about isolation zones for your environment in Windows Defender Firewall with Advanced Security.
-ms.assetid: 70bc7c52-91f0-4a0d-a64a-69d3ea1c6d05
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-gpo-deployment.md

@@ -1,17 +1,12 @@
 ---
 title: Planning GPO Deployment (Windows)
 description: Learn how to use security group filtering and WMI filtering to provide the most flexible options for applying GPOs to devices in Active Directory.
-ms.assetid: b38adfb1-1371-4227-a887-e6d118809de1
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-group-policy-deployment-for-your-isolation-zones.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Group Policy Deployment for Your Isolation Zones (Windows)
 description: Learn how to plan a group policy deployment for your isolation zones after you determine the best logical design for your isolation environment.
-ms.assetid: ea7c0acd-af28-4347-9d4a-4801b470557c
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-isolation-groups-for-the-zones.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Isolation Groups for the Zones (Windows)
 description: Learn about planning isolation groups for the zones in Microsoft Firewall, including information on universal groups and GPOs.
-ms.assetid: be4b662d-c1ce-441e-b462-b140469a5695
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-network-access-groups.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Network Access Groups (Windows)
 description: Learn how to implement a network access group for users and devices that can access an isolated server in Windows Defender Firewall with Advanced Security.
-ms.assetid: 56ea1717-1731-4a5d-b277-5a73eb86feb0
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-server-isolation-zones.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Server Isolation Zones (Windows)
 description: Learn how to restrict access to a server to approved users by using a server isolation zone in Windows Defender Firewall with Advanced Security.
-ms.assetid: 5f63c929-589e-4b64-82ea-515d62765b7b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Settings for a Basic Firewall Policy (Windows)
 description: Learn how to design a basic policy for Windows Defender Firewall with Advanced Security, the settings and rules that enforce your requirements on devices.
-ms.assetid: 4c90df5a-3cbc-4b85-924b-537c2422d735
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-the-gpos.md

@@ -1,17 +1,12 @@
 ---
 title: Planning the GPOs (Windows)
 description: Learn about planning Group Policy Objects for your isolation zones in Windows Defender Firewall with Advanced Security, after you design the zone layout.
-ms.assetid: 11949ca3-a11c-4a16-b297-0862432eb5b4
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-to-deploy-windows-firewall-with-advanced-security.md

@@ -1,17 +1,12 @@
 ---
 title: Plan to Deploy Windows Defender Firewall with Advanced Security (Windows)
 description: Use the design information in this article to plan for the deployment of Windows Defender Firewall with Advanced Security in your organization.
-ms.assetid: 891a30c9-dbf5-4a88-a279-00662b9da48e
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/planning-your-windows-firewall-with-advanced-security-design.md

@@ -1,17 +1,12 @@
 ---
 title: Planning Your Windows Defender Firewall with Advanced Security Design (Windows)
 description: After you gather the relevant information, select the design or combination of designs for Windows Defender Firewall with Advanced Security in your environment.
-ms.assetid: f3ac3d49-ef4c-4f3c-a16c-e107284e169f
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/procedures-used-in-this-guide.md

@@ -1,17 +1,12 @@
 ---
 title: Procedures Used in This Guide (Windows)
 description: Refer to this summary of procedures for Windows Defender Firewall with Advanced Security from checklists in this guide.
-ms.assetid: 45c0f549-e4d8-45a3-a600-63e2a449e178
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/protect-devices-from-unwanted-network-traffic.md

@@ -1,17 +1,12 @@
 ---
 title: Protect devices from unwanted network traffic (Windows)
 description: Learn how running a host-based firewall on every device in your organization can help protect against attacks as part of a defense-in-depth security strategy.
-ms.assetid: 307d2b38-e8c4-4358-ae16-f2143af965dc
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 01/18/2022

windows/security/threat-protection/windows-firewall/quarantine.md

@@ -4,14 +4,9 @@ description: Quarantine behavior is explained in detail.
 ms.author: v-bshilpa
 author: Benny-54
 manager: dansimp
-ms.assetid: 
 ms.reviewer: 
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: normal
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/require-encryption-when-accessing-sensitive-network-resources.md

@@ -1,17 +1,12 @@
 ---
 title: Require Encryption When Accessing Sensitive Network Resources (Windows)
 description: Windows Defender Firewall with Advanced Security allows you to require that all network traffic in an isolated domain be encrypted.
-ms.assetid: da980d30-a68b-4e2a-ba63-94726355ce6f
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/restrict-access-to-only-specified-users-or-devices.md

@@ -1,17 +1,12 @@
 ---
 title: Restrict Access to Only Specified Users or Devices (Windows)
 description: Restrict access to devices and users that are members of domain groups authorized to access that device using Windows Defender Firewall with Advanced Security.
-ms.assetid: a6106a07-f9e5-430f-8dbd-06d3bf7406df
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/restrict-access-to-only-trusted-devices.md

@@ -1,17 +1,12 @@
 ---
 title: Restrict access to only trusted devices (Windows)
 description: Windows Defender Firewall with Advanced Security enables you to isolate devices you trust and restrict access of untrusted devices to trusted devices.
-ms.assetid: bc1f49a4-7d54-4857-8af9-b7c79f47273b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/restrict-server-access-to-members-of-a-group-only.md

@@ -1,17 +1,12 @@
 ---
 title: Restrict Server Access to Members of a Group Only (Windows)
 description: Create a firewall rule to access isolated servers running Windows Server 2008 or later and restrict server access to members of a group.
-ms.assetid: ea51c55b-e1ed-44b4-82e3-3c4287a8628b
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/securing-end-to-end-ipsec-connections-by-using-ikev2.md

@@ -2,13 +2,9 @@
 title: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012 (Windows)
 description: Securing End-to-End IPsec Connections by Using IKEv2 in Windows Server 2012
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/server-isolation-gpos.md

@@ -1,17 +1,12 @@
 ---
 title: Server Isolation GPOs (Windows)
 description: Learn about required GPOs for isolation zones and how many server isolation zones you need in Windows Defender Firewall with Advanced Security.
-ms.assetid: c97b1f2f-51d8-4596-b38a-8a3f6f706be4
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/server-isolation-policy-design-example.md

@@ -1,17 +1,12 @@
 ---
 title: Server Isolation Policy Design Example (Windows)
 description: Learn about server isolation policy design in Windows Defender Firewall with Advanced Security by referring to this example of a fictitious company.
-ms.assetid: 337e5f6b-1ec5-4b83-bee5-d0aea1fa5fc6
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/server-isolation-policy-design.md

@@ -1,17 +1,12 @@
 ---
 title: Server Isolation Policy Design (Windows)
 description: Learn about server isolation policy design, where you assign servers to a zone that allows access only to members of an approved network access group.
-ms.assetid: f93f65cd-b863-461e-ab5d-a620fd962c9a
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/troubleshooting-uwp-firewall.md

@@ -4,8 +4,6 @@ description: Troubleshooting UWP App Connectivity Issues in Windows Firewall
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp

windows/security/threat-protection/windows-firewall/turn-on-windows-firewall-and-configure-default-behavior.md

@@ -1,17 +1,12 @@
 ---
 title: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior (Windows)
 description: Turn on Windows Defender Firewall with Advanced Security and Configure Default Behavior
-ms.assetid: 3c3fe832-ea81-4227-98d7-857a3129db74
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/understanding-the-windows-firewall-with-advanced-security-design-process.md

@@ -2,13 +2,9 @@
 title: Understand WFAS Deployment (Windows)
 description: Resources for helping you understand the Windows Defender Firewall with Advanced Security (WFAS) Design Process
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md

@@ -1,17 +1,12 @@
 ---
 title: Verify That Network Traffic Is Authenticated (Windows)
 description: Learn how to confirm that network traffic is being protected by IPsec authentication after you configure your domain isolation rule to require authentication.
-ms.assetid: cc1fb973-aedf-4074-ad4a-7376b24f03d2
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-administration-with-windows-powershell.md

@@ -2,13 +2,9 @@
 title: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell (Windows)
 description: Windows Defender Firewall with Advanced Security Administration with Windows PowerShell
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md

@@ -1,17 +1,12 @@
 ---
 title: Windows Defender Firewall with Advanced Security deployment overview (Windows)
 description: Use this guide to deploy Windows Defender Firewall with Advanced Security for your enterprise to help protect devices and data that they share across a network.
-ms.assetid: 56b51b97-1c38-481e-bbda-540f1216ad56
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-design-guide.md

@@ -1,17 +1,12 @@
 ---
 title: Windows Defender Firewall with Advanced Security design guide (Windows)
 description: Learn about common goals for using Windows Defender Firewall with Advanced Security to choose or create a design for deploying the firewall in your enterprise.
-ms.assetid: 5c631389-f232-4b95-9e48-ec02b8677d51
 ms.reviewer: 
 ms.author: dansimp
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md

@@ -2,14 +2,10 @@
 title: Windows Defender Firewall with Advanced Security (Windows)
 description: Learn overview information about the Windows Defender Firewall with Advanced Security (WFAS) and Internet Protocol security (IPsec) features.
 ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.localizationpriority: medium
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 09/08/2021

windows/security/threat-protection/windows-platform-common-criteria.md

@@ -2,7 +2,6 @@
 title: Common Criteria Certifications
 description: This topic details how Microsoft supports the Common Criteria certification program.
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp

windows/security/threat-protection/windows-sandbox/windows-sandbox-architecture.md

@@ -2,7 +2,6 @@
 title: Windows Sandbox architecture
 description: Windows Sandbox architecture
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp

windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md

@@ -2,7 +2,6 @@
 title: Windows Sandbox configuration
 description: Windows Sandbox configuration
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp

windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md

@@ -2,7 +2,6 @@
 title: Windows Sandbox
 description: Windows Sandbox overview
 ms.prod: m365-security
-audience: ITPro
 author: dansimp
 ms.author: dansimp
 manager: dansimp

windows/security/threat-protection/windows-security-configuration-framework/get-support-for-security-baselines.md

@@ -1,14 +1,11 @@
 ---
 title: Get support for security baselines
 description: Find answers to frequently asked question on how to get support for baselines, the Security Compliance Toolkit (SCT), and related topics.
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 02/14/2022

windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md

@@ -1,14 +1,11 @@
 ---
 title: Microsoft Security Compliance Toolkit 1.0 Guide
 description: This article describes how to use Security Compliance Toolkit 1.0 in your organization
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 02/14/2022

windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md

@@ -1,14 +1,11 @@
 ---
 title: Security baselines guide
 description: Learn how to use security baselines in your organization.
-keywords: virtualization, security, malware
 ms.prod: m365-security
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
 manager: dansimp
-audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
 ms.date: 01/26/2022

windows/security/trusted-boot.md

@@ -5,7 +5,6 @@ search.appverid: MET150
 author: denisebmsft
 ms.author: deniseb
 manager: dansimp 
-audience: ITPro
 ms.topic: conceptual
 ms.date: 09/21/2021
 ms.prod: m365-security
@@ -14,7 +13,6 @@ ms.localizationpriority: medium
 ms.collection: 
 ms.custom: 
 ms.reviewer: jsuther  
-f1.keywords: NOCSH  
 ---
 
 # Secure Boot and Trusted Boot

windows/security/zero-trust-windows-device-health.md

@@ -5,9 +5,6 @@ ms.reviewer:
 ms.topic: article
 manager: dansimp
 ms.author: dansimp
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 author: dansimp
 ms.collection: M365-security-compliance
 ms.custom: intro-overview