Merge remote-tracking branch 'origin/master' into atp-email-notifications

windows/security/identity-protection/hello-for-business/hello-cert-trust-deploy-mfa.md

@@ -25,7 +25,7 @@ On-premises deployments must use the On-premises Azure MFA Server using the AD F
 
 ## Prerequisites
 
-The Azure MFA Server and User Portal servers have several perquisites and must have connectivity to the Internet.
+The Azure MFA Server and User Portal servers have several prerequisites and must have connectivity to the Internet.
 
 ### Primary MFA Server
 
@@ -540,4 +540,4 @@ The Multi-Factor Authentication server communicates with the Azure MFA cloud ser
 2. [Validate and Configure Public Key Infrastructure](hello-cert-trust-validate-pki.md)
 3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-cert-trust-adfs.md)
 4. [Validate and Deploy Multifactor Authentication Services (MFA)](hello-cert-trust-validate-deploy-mfa.md)
-5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)
+5. [Configure Windows Hello for Business Policy settings](hello-cert-trust-policy-settings.md)

windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md

@@ -67,8 +67,7 @@ Feature | Windows 8.1 (Group Policy) | Windows 10, version 1607 (Group Policy) |
 ---|---|---|---|---|---|---
 Cloud-protection service label | Microsoft Advanced Protection Service | Microsoft Advanced Protection Service | Cloud-based Protection | NA | Cloud protection service | Microsoft Advanced Protection Service
 Reporting level (MAPS membership level) | Basic, Advanced | Advanced | Advanced | Dependent on Windows version | Dependent on Windows version | Dependent on Windows version
-Block at first sight availability | No | Yes | Yes | Not configurable | Configurable | No
-Cloud block timeout period | No | No | Configurable | Not configurable | Configurable | No
+Cloud block timeout period | No | No | Configurable | Not configurable | Configurable | Configurable
  
 You can also [configure Windows Defender AV to automatically receive new protection updates based on reports from our cloud service](manage-event-based-updates-windows-defender-antivirus.md#cloud-report-updates).
 
@@ -81,4 +80,4 @@ You can also [configure Windows Defender AV to automatically receive new protect
 [Specify the cloud-delivered protection level](specify-cloud-protection-level-windows-defender-antivirus.md) | You can specify the level of protection offered by the cloud with Group Policy and System Center Configuration Manager. The protection level will affect the amount of information shared with the cloud and how aggressively new files are blocked.
 [Configure and validate network connections for Windows Defender Antivirus](configure-network-connections-windows-defender-antivirus.md) | There are certain Microsoft URLs that your network and endpoints must be able to connect to for cloud-delivered protection to work effectively. This topic lists the URLs that should be allowed via firewall or network filtering rules, and instructions for confirming your network is properly enrolled in cloud-delivered protection.
 [Configure the Block at First Sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) | The Block at First Sight feature can block new malware within seconds, without having to wait hours for a traditional signature. You can enable and configure it with System Center Configuration Manager and Group Policy.
-[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with System Center Configuration Manager and Group Policy.
+[Configure the cloud block timeout period](configure-cloud-block-timeout-period-windows-defender-antivirus.md) | Windows Defender Antivirus can block suspicious files from running while it queries our cloud-delivered protection service. You can configure the amount of time the file will be prevented from running with System Center Configuration Manager and Group Policy.

windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md

@@ -9,7 +9,7 @@ ms.sitesec: library
 ms.pagetype: security
 author: mjcaparas
 localizationpriority: high
-ms.date: 05/03/2018
+ms.date: 05/08/2018
 ---
 
 # Onboard servers to the Windows Defender ATP service
@@ -71,8 +71,8 @@ Once completed, you should see onboarded servers in the portal within an hour.
 - Each Windows server must be able to connect to the Internet using HTTPS. This connection can be direct, using a proxy, or through the [OMS Gateway](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-oms-gateway).
 - If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service:
 
-|    Agent Resource    |    Ports    |
-|------------------------------------|-------------|
+Agent Resource    |    Ports 
+:---|:---
 |    *.oms.opinsights.azure.com    |    443    |
 |    *.blob.core.windows.net    |    443    |
 |    *.azure-automation.net    |    443    |
@@ -81,6 +81,10 @@ Once completed, you should see onboarded servers in the portal within an hour.
 |    winatp-gw-eus.microsoft.com    |    443    |
 |    winatp-gw-neu.microsoft.com    |    443    |
 |    winatp-gw-weu.microsoft.com    |    443    |
+|winatp-gw-uks.microsoft.com | 443 |
+|winatp-gw-ukw.microsoft.com | 443 | 
+| winatp-gw-aus.microsoft.com | 443| 
+| winatp-gw-aue.microsoft.com |443 | 
 
 ## Onboard Windows Server, version 1803
 You’ll be able to onboard in the same method available for Windows 10 client machines. For more information, see  [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md). Support for Windows Server, version 1803 provides deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well.