diff --git a/devices/surface-hub/images/whats-new-video-thumbnail.PNG b/devices/surface-hub/images/whats-new-video-thumbnail.PNG new file mode 100644 index 0000000000..44cbffcbb3 Binary files /dev/null and b/devices/surface-hub/images/whats-new-video-thumbnail.PNG differ diff --git a/devices/surface-hub/surfacehub-whats-new-1703.md b/devices/surface-hub/surfacehub-whats-new-1703.md index bc149a2338..7d770e3856 100644 --- a/devices/surface-hub/surfacehub-whats-new-1703.md +++ b/devices/surface-hub/surfacehub-whats-new-1703.md @@ -15,11 +15,9 @@ ms.localizationpriority: medium Watch Surface Hub engineer Jordan Marchese present updates to Microsoft Surface Hub with Windows 10, version 1703 (Creators Update). - + Link to Surface Hub video on Youtube -Windows 10, version 1703 (also called the Creators Update), introduces the following changes for Microsoft Surface Hub: +Windows 10, version 1703 (also called the Creators Update), introduces the following changes for Microsoft Surface Hub. ## New settings @@ -40,7 +38,7 @@ Settings have been added to mobile device management (MDM) and configuration ser Plus settings based on the new [NetworkQoSPolicy CSP](https://msdn.microsoft.com/en-us/windows/hardware/commercialize/customize/mdm/networkqospolicy-csp) and [NetworkProxy CSP](https://msdn.microsoft.com/en-us/windows/hardware/commercialize/customize/mdm/networkproxy-csp).
-## Provizioning wizard +## Provisioning wizard An easy-to-use wizard helps you quickly create provisioning packages that you can apply to multiple Surface Hub devices, and includes bulk join to Azure Active Directory. [Learn how to create a provisioning package for Surface Hub.](provisioning-packages-for-certificates-surface-hub.md) diff --git a/education/trial-in-a-box/index.md b/education/trial-in-a-box/index.md index 70ca0dfbc2..2dbb835a36 100644 --- a/education/trial-in-a-box/index.md +++ b/education/trial-in-a-box/index.md @@ -24,6 +24,8 @@ ms.date: 12/11/2017
--> +Welcome to Microsoft Education Trial in a Box. We built this trial to make it easy to try our latest classroom technologies. We have two scenarios for you to try: one for educators and one for IT. We recommend starting with Educators. To begin, click **Get started** below. +
| ![Get started for Educators](images/teacher_rotated_resized.png) | ![Get started for IT Admins](images/itadmin_rotated_resized.png) | diff --git a/windows/access-protection/hello-for-business/hello-adequate-domain-controllers.md b/windows/access-protection/hello-for-business/hello-adequate-domain-controllers.md index 1f5c6f440f..9efe9705c4 100644 --- a/windows/access-protection/hello-for-business/hello-adequate-domain-controllers.md +++ b/windows/access-protection/hello-for-business/hello-adequate-domain-controllers.md @@ -79,7 +79,7 @@ Add the number of authentications for each domain controller for the median time Review the distribution of authentication. Hopefully, none of these are above 70 percent. It's always good to reserve some capacity for the unexpected. Also, the primary purposes of a domain controller is to provide authentication and handle Active Directory operations. Identify domain controllers with lower distributions of authentication as potential candidates for the initial domain controller upgrades in conjunction with a reasonable distribution of clients provisioned for Windows Hello for Business. ## Monitoring Authentication -Using the same methods previously described above, monitor the Kerberos authentication after upgrading a domain controller and your first phase of Windows Hello for Business deployments. Make note of the delta of authentication before and after upgrading the domain controller to Windows Server 2016. This delta is representative of authentication resulting from the first phase of your Windows Hello for Busines clients. This gives you a baseline for your environment to where you can form a statement such as +Using the same methods previously described above, monitor the Kerberos authentication after upgrading a domain controller and your first phase of Windows Hello for Business deployments. Make note of the delta of authentication before and after upgrading the domain controller to Windows Server 2016. This delta is representative of authentication resulting from the first phase of your Windows Hello for Business clients. This gives you a baseline for your environment to where you can form a statement such as ```"Every n Windows Hello for Business clients results in x percentage of key-trust authentication."``` diff --git a/windows/access-protection/hello-for-business/hello-biometrics-in-enterprise.md b/windows/access-protection/hello-for-business/hello-biometrics-in-enterprise.md index 6dac872525..e33c9a15e7 100644 --- a/windows/access-protection/hello-for-business/hello-biometrics-in-enterprise.md +++ b/windows/access-protection/hello-for-business/hello-biometrics-in-enterprise.md @@ -50,22 +50,18 @@ We’ve been working with the device manufacturers to help ensure a high-level o - **False Reject Rate (FRR).** Represents the instances a biometric identification solution fails to verify an authorized person correctly. Usually represented as a percentage, the sum of the True Accept Rate and False Reject Rate is 1. Can be with or without anti-spoofing or liveness detection. ### Fingerprint sensor requirements -To allow fingerprint matching, you must have devices with fingerprint sensors and software. Fingerprint sensors, or sensors that use an employee’s unique fingerprint as an alternative log on option, can be touch sensors (large area or small area) or swipe sensors. Each type of sensor has its own set of detailed requirements that must be implemented by the manufacturer, but all of the sensors must include anti-spoofing measures (required) and a way to configure them (optional). +To allow fingerprint matching, you must have devices with fingerprint sensors and software. Fingerprint sensors, or sensors that use an employee’s unique fingerprint as an alternative log on option, can be touch sensors (large area or small area) or swipe sensors. Each type of sensor has its own set of detailed requirements that must be implemented by the manufacturer, but all of the sensors must include anti-spoofing measures (required). **Acceptable performance range for small to large size touch sensors** - False Accept Rate (FAR): <0.001 – 0.002% -- False Reject Rate (FRR) without Anti-spoofing or liveness detection: <5% - - Effective, real world FRR with Anti-spoofing or liveness detection: <10% **Acceptable performance range for swipe sensors** - False Accept Rate (FAR): <0.002% -- False Reject Rate (FRR) without Anti-spoofing or liveness detection: <5% - - Effective, real world FRR with Anti-spoofing or liveness detection: <10% ### Facial recognition sensors diff --git a/windows/access-protection/hello-for-business/hello-features.md b/windows/access-protection/hello-for-business/hello-features.md index e89b3407a1..5c6fcc07d2 100644 --- a/windows/access-protection/hello-for-business/hello-features.md +++ b/windows/access-protection/hello-for-business/hello-features.md @@ -73,7 +73,7 @@ For this policy setting, the **type** and **scenario** attribute values are stat |Health|2304| |Uncategorized|7936| -The **rssiMin** attribute value signal strength needed for the device to be considered "in-range". The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device. The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10. +The **rssiMin** attribute value signal indicates the strength needed for the device to be considered "in-range". The default value of **-10** enables a user to move about an average size office or cubicle without triggering Windows to lock the device. The **rssiMaxDelta** has a default value of **-10**, which instruct Windows 10 to lock the device once the signal strength weakens by more than measurement of 10. RSSI measurements are relative and lower as the bluetooth signals between the two paired devices reduces. Therefore a measurement of 0 is stronger than -10, which is stronger than -60, which is an indicator the devices are moving further apart from each other. diff --git a/windows/access-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md b/windows/access-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md index 844f97af64..57a3df8925 100644 --- a/windows/access-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md +++ b/windows/access-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md @@ -41,7 +41,7 @@ Begin configuring device registration to support Hybrid Windows Hello for Busine To do this, follow the **Configure device settings** steps under [Setting up Azure AD Join in your organization](https://azure.microsoft.com/en-us/documentation/articles/active-directory-azureadjoin-setup/) -## Configure Active Directory to support Azure device syncrhonization +## Configure Active Directory to support Azure device synchronization Azure Active Directory is now configured for device registration. Next, you need to configure the on-premises Active Directory to support synchronizing hybrid Azure AD joined devices. Begin with upgrading the Active Directory Schema diff --git a/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md index 116f576b83..1a68cfc212 100644 --- a/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md +++ b/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md @@ -35,7 +35,7 @@ See the Enterprise Mobility and Security blog post [Important changes to Microso >[!TIP] >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working: >- Cloud-delivered protection ->- Fast learning (including Black at first sight) +>- Fast learning (including Block at first sight) >- Potentially unwanted application blocking ## Allow connections to the Windows Defender Antivirus cloud diff --git a/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md index a5b99ca287..6323444135 100644 --- a/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md +++ b/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md @@ -31,7 +31,7 @@ If you're an enterprise security administrator, and you want to determine how we >[!TIP] >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work: >- Cloud-delivered protection ->- Fast learning (including Black at first sight) +>- Fast learning (including Block at first sight) >- Potentially unwanted application blocking diff --git a/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md index 430f6c2ae2..3b17d0a161 100644 --- a/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md +++ b/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md @@ -37,7 +37,7 @@ The tables list: >[!TIP] >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working: >- Cloud-delivered protection ->- Fast learning (including Black at first sight) +>- Fast learning (including Block at first sight) >- Potentially unwanted application blocking diff --git a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md index 6aeb1bf74e..c2a9edb814 100644 --- a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md +++ b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md @@ -46,7 +46,7 @@ Some of the highlights of Windows Defender AV include: >[!TIP] >You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work: >- Cloud-delivered protection ->- Fast learning (including Black at first sight) +>- Fast learning (including Block at first sight) >- Potentially unwanted application blocking ## What's new in Windows 10, version 1703 diff --git a/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md index 9469fbc10a..28e6945c58 100644 --- a/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md @@ -46,7 +46,7 @@ Parameter | Type | Description Comment | String | Comment to associate with the action. **Required**. ScanType| ScanType | Defines the type of the Scan. **Required**. -**ScanType** controls the type of isolation to perform and can be one of the following: +**ScanType** controls the type of scan to perform and can be one of the following: - **Quick** – Perform quick scan on the machine - **Full** – Perform full scan on the machine diff --git a/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md index 1a7b7ba0b7..772ad2e7b0 100644 --- a/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md +++ b/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md @@ -95,5 +95,5 @@ You can review the Windows event log to see events that are created when Network Topic | Description ---|--- -[Evaluate Network protection](evaluate-network-protection.md) | Undertake aa quick scenario that demonstrate how the feature works, and what events would typically be created. -[Enable Network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage the Network protection feature in your network. \ No newline at end of file +[Evaluate Network protection](evaluate-network-protection.md) | Undertake a quick scenario that demonstrate how the feature works, and what events would typically be created. +[Enable Network protection](enable-network-protection.md) | Use Group Policy, PowerShell, or MDM CSPs to enable and manage the Network protection feature in your network.