From e9727b77912e7eec69471e3bce72a7efa97f4bbd Mon Sep 17 00:00:00 2001 From: jobarner <38857023+jobarner@users.noreply.github.com> Date: Sun, 24 Nov 2019 16:15:45 +0200 Subject: [PATCH 1/4] Clarify VDI scenarios --- .../configure-endpoints-vdi.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index b268c9db63..361fa008f4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -31,14 +31,16 @@ ms.date: 04/24/2018 Microsoft Defender ATP supports non-persistent VDI session onboarding. There might be associated challenges when onboarding VDIs. The following are typical challenges for this scenario: +- Instant early onboarding of a short-lived sessions, which must be onboarded to Microsoft Defender ATP prior to the actual provisioning. +- Machine name are typically reused for new sessions. -- Instant early onboarding of a short living session - - A session should be onboarded to Microsoft Defender ATP prior to the actual provisioning. +VDI machines can appear in MDATP portal as either: -- Machine name persistence - - The machine names are typically reused for new sessions. One may ask to have them as a single machine entry while others may prefer to have multiple entries per machine name. +- Single entry for each machine. +Note that in this case, the machine name must be configured when the session is created, for example using an unattended answer file. +- Multiple entries for each machine - one for each session. -You can onboard VDI machines using a single entry or multiple entries for each machine. The following steps will guide you through onboarding VDI machines and will highlight steps for single and multiple entries. +The following steps will guide you through onboarding VDI machines and will highlight steps for single and multiple entries. >[!WARNING] > For environments where there are low resource configurations, the VDI boot proceedure might slow the Microsoft Defender ATP sensor onboarding. From 1121a15e681a88b8d479bfb76dd54b76b9b12af8 Mon Sep 17 00:00:00 2001 From: jobarner <38857023+jobarner@users.noreply.github.com> Date: Sun, 24 Nov 2019 16:29:37 +0200 Subject: [PATCH 2/4] Improve phrasing more, also fix typo --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 361fa008f4..9f1634e869 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -37,13 +37,13 @@ Microsoft Defender ATP supports non-persistent VDI session onboarding. There mig VDI machines can appear in MDATP portal as either: - Single entry for each machine. -Note that in this case, the machine name must be configured when the session is created, for example using an unattended answer file. +Note that in this case, the *same* machine name must be configured when the session is created, for example using an unattended answer file. - Multiple entries for each machine - one for each session. The following steps will guide you through onboarding VDI machines and will highlight steps for single and multiple entries. >[!WARNING] -> For environments where there are low resource configurations, the VDI boot proceedure might slow the Microsoft Defender ATP sensor onboarding. +> For environments where there are low resource configurations, the VDI boot procedure might slow the Microsoft Defender ATP sensor onboarding. 1. Open the VDI configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/): From 34d912f67ef65511a5ce9e7a2d4c4cd61fcf9bb9 Mon Sep 17 00:00:00 2001 From: jobarner <38857023+jobarner@users.noreply.github.com> Date: Mon, 25 Nov 2019 13:06:26 +0200 Subject: [PATCH 3/4] Fix phrasing following PR comment --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 9f1634e869..1ec1a8e920 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -32,7 +32,7 @@ ms.date: 04/24/2018 Microsoft Defender ATP supports non-persistent VDI session onboarding. There might be associated challenges when onboarding VDIs. The following are typical challenges for this scenario: - Instant early onboarding of a short-lived sessions, which must be onboarded to Microsoft Defender ATP prior to the actual provisioning. -- Machine name are typically reused for new sessions. +- The machine name is typically reused for new sessions. VDI machines can appear in MDATP portal as either: From 6c06b13cc6a967e5433763155a6be0ab5da6acc4 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Mon, 25 Nov 2019 14:39:33 -0800 Subject: [PATCH 4/4] Update configure-endpoints-vdi.md --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 1ec1a8e920..5a8e0475ca 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -34,7 +34,7 @@ Microsoft Defender ATP supports non-persistent VDI session onboarding. There mig - Instant early onboarding of a short-lived sessions, which must be onboarded to Microsoft Defender ATP prior to the actual provisioning. - The machine name is typically reused for new sessions. -VDI machines can appear in MDATP portal as either: +VDI machines can appear in Microsoft Defender ATP portal as either: - Single entry for each machine. Note that in this case, the *same* machine name must be configured when the session is created, for example using an unattended answer file.