Updated Protocols and description for 1909 endpoints

windows/privacy/manage-windows-1909-endpoints.md

@@ -52,7 +52,7 @@ The following methodology was used to derive these network endpoints:
 |Apps|||[Learn how to turn off traffic to the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-windowsstore)|
 ||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|tile-service.weather.microsoft.com|
 |||HTTP|tile-service.weather.microsoft.com/en-us/livetile/preinstall|
-||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTP|cdn.onenote.net/*|
+||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|cdn.onenote.net/*|
 ||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLS v1.2|evoke-windowsservices-tas.msedge.net
 |Certificates|The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to turn off traffic to this endpoint, but it is not recommended because as root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses. Additionally, it is used to download certificates that are publicly known to be fraudulent. These settings are critical for both Windows security and the overall security of the Internet. We do not recommend blocking this endpoint. If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)|
 |||HTTP|ctldl.windowsupdate.com|
@@ -70,7 +70,7 @@ The following methodology was used to derive these network endpoints:
 |||HTTPS|*licensing.mp.microsoft.com|
 |||HTTPS|licensing.mp.microsoft.com/v7.0/licenses/content|
 |Location|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-priv-location)|
-||The following endpoints are used for location data. If you turn off traffic for this endpoint, apps cannot use location data.|HTTP|inference.location.live.net|
+||The following endpoints are used for location data. If you turn off traffic for this endpoint, apps cannot use location data.|TLS v1.2|inference.location.live.net|
 |Maps|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-offlinemaps)|
 ||The following endpoints are used to check for updates to maps that have been downloaded for offline use. If you turn off traffic for this endpoint, offline maps will not be updated.|HTTP|*maps.windows.com|
 || The following endpoints are used to check for updates to maps that have been downloaded for offline use.|HTTP|fs.microsoft.com*|
@@ -81,16 +81,16 @@ The following methodology was used to derive these network endpoints:
 |Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTPS|go.microsoft.com|
 |Microsoft Store|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
 ||The following endpoints are used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them|TLS v1.2|1storecatalogrevocation.storequality.microsoft.com|
-|||HTTP|storecatalogrevocation.storequality.microsoft.com|
+|||HTTPS|storecatalogrevocation.storequality.microsoft.com|
 ||The following endpoint is used to get Microsoft Store analytics.|HTTPS|manage.devcenter.microsoft.com|
 ||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store.|HTTPS|displaycatalog.mp.microsoft.com/*|
-|||HTTP|pti.store.microsoft.com/*|
+|||HTTPS|pti.store.microsoft.com/*|
 |Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
 ||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTP|www.msftconnecttest.com*|
 |Office|The following endpoints are used to connect to the Office 365 portal's shared infrastructure, including Office in a browser. For more info, see Office 365 URLs and IP address ranges. You can turn this off by removing all Microsoft Office apps and the Mail and Calendar apps. If you turn off traffic for these endpoints, users won't be able to save documents to the cloud or see their recently used documents.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
-|||HTTP|v10.events.data.microsoft.com/onecollector/1.0/|
+|||HTTP/ TLS v1.2|v10.events.data.microsoft.com/onecollector/1.0/|
 |||TLS v1.2|*.blob.core.windows.net|
-|||HTTPS|officehomeblobs.blob.core.windows.net|
+|||HTTP|officehomeblobs.blob.core.windows.net|
 ||The following endpoints are used by Microsoft OfficeHub to get the metadata of Microsoft Office apps |TLS v1.2|c-ring.msedge.net|
 |OneDrive|The following endpoints are related to OneDrive. If you turn off traffic for these endpoints, anything that relies on g.live.com to get updated URL information will no longer work.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-onedrive)|
 |||TLS v1.2|*g.live.com|
@@ -102,22 +102,22 @@ The following methodology was used to derive these network endpoints:
 |||HTTPS|*.pipe.aria.microsoft.com|
 |||HTTP/TLS v1.2|config.edge.skype.com|
 |Teams|The following endpoint is used for Microsoft Teams application.||[Learn how to turn off traffic to all of the following endpoint(s).]( manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
-|||HTTP|config.teams.microsoft.com|
+|||HTTPS|config.teams.microsoft.com|
 |Windows Defender|The following endpoint is used for Windows Defender when Cloud-based Protection is enabled. If you turn off traffic for this endpoint, the device will not use Cloud-based Protection.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender)|
-|||HTTPS|wdcp.microsoft.com|
+|||HTTPS/TLS v1.2|wdcp.microsoft.com|
-||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS|*smartscreen-prod.microsoft.com|
+||The following endpoints are used for Windows Defender SmartScreen reporting and notifications. If you turn off traffic for these endpoints, SmartScreen notifications will not appear.|HTTPS/TLS v1.2|*smartscreen-prod.microsoft.com|
-|||HTTP|checkappexec.microsoft.com|
+|||HTTPS|checkappexec.microsoft.com|
 |Windows Spotlight|The following endpoints are used to retrieve Windows Spotlight metadata that describes content, such as references to image locations, as well as suggested apps, Microsoft account notifications, and Windows tips. If you turn off traffic for these endpoints, Windows Spotlight will still try to deliver new lock screen images and updated content but it will fail; suggested apps, Microsoft account notifications, and Windows tips will not be downloaded. For more information, see Windows Spotlight.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-spotlight)|
-|||TLS v1.2|arc.msn.com|
+|||HTTPS/TLS v1.2|arc.msn.com|
 |||HTTPS|ris.api.iris.microsoft.com|
 |Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
-|||TLS v1.2|*.prod.do.dsp.mp.microsoft.com|
+|||HTTPS/TLS v1.2|*.prod.do.dsp.mp.microsoft.com|
 |||HTTP|emdl.ws.microsoft.com|
 ||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
 |||HTTP|*.windowsupdate.com|
-||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|HTTPS|*.delivery.mp.microsoft.com|
+||The following endpoints enable connections to Windows Update, Microsoft Update, and the online services of the Store. If you turn off traffic for these endpoints, the device will not be able to connect to Windows Update and Microsoft Update to help keep the device secure. Also, the device will not be able to acquire and update apps from the Store. These are dependent on also enabling "Device authentication" and "Microsoft Account" endpoints.|HTTP|*.delivery.mp.microsoft.com|
-|||HTTPSS|*.update.microsoft.com|
+|||HTTPS/TLS v1.2|*.update.microsoft.com|
-||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly.|HTTP|tsfe.trafficshaping.dsp.mp.microsoft.com|
+||The following endpoint is used for content regulation. If you turn off traffic for this endpoint, the Windows Update Agent will be unable to contact the endpoint and fallback behavior will be used. This may result in content being either incorrectly.|HTTPS/TLS v1.2|tsfe.trafficshaping.dsp.mp.microsoft.com|
 ## Other Windows 10 editions
 
 To view endpoints for other versions of Windows 10 Enterprise, see:

windows/privacy/windows-endpoints-1909-non-enterprise-editions.md

@@ -42,160 +42,162 @@ The following methodology was used to derive the network endpoints:
 
 | **Destination** | **Protocol** | **Description** |
 | --- | --- | --- |
-|*.delivery.mp.microsoft.com|HTTP|Used to download operating system patches, updates, and apps from Microsoft
+|arc.msn.com|HTTP/TLS v1.2|Windows Spotlight  
-|*.prod.do.dsp.mp.microsoft.com|TLSv1.2|Windows Update
+|api.asm.skype.com|TLS v1.2|Used to retrieve Skype configuration values
-|*.smartscreen-prod.microsoft.com|HTTP|Used for Windows Defender SmartScreen reporting and notifications
+|browser.pipe.aria.microsoft.com|HTTPS|Used to retrieve Skype configuration values
-|*.update.microsoft.com|HTTP|Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store
-|*.windowsupdate.com|HTTP|Used to download operating system patches and updates
-|*dl.delivery.mp.microsoft.com|HTTP|Used to download operating system patches, updates, and apps from Microsoft
-|arc.msn.com|TLSv1.2|Windows Spotlight
-|config.edge.skype.com|TLSv1.2|Used to retrieve Skype configuration values
-|config.teams.microsoft.com|HTTP|Used for Microsoft Teams application
 |ctldl.windowsupdate.com/*|HTTP|Certificate Trust List
-|displaycatalog.mp.microsoft.com/*|TLSv1.2|Used to communicate with Microsoft Store
+|client.wns.windows.com|HTTP|Used for the Windows Push Notification Service(WNS)
-|dmd.metaservices.microsoft.com|HTTP|Device Authentication
+|config.edge.skype.com|HTTP/TLS v1.2|Used to retrieve Skype configuration values
-|evoke-windowsservices-tas.msedge.net|TLSv1.2|Used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser
+|dmd.metaservices.microsoft.com|HTTP|Device metadata
-|g.live.com|HTTP|OneDrive
+|config.teams.microsoft.com|HTTPS|Used for Microsoft Teams application
+|*dl.delivery.mp.microsoft.com|HTTP|Used to download operating system patches, updates, and apps from Microsoft Store
+|*.tlu.dl.delivery.mp.microsoft.com|HTTP|Used to download operating system patches, updates, and apps from Microsoft Store
+|displaycatalog.mp.microsoft.com/*|HTTP/TLS v1.2|Used to communicate with Microsoft Store
+|evoke-windowsservices-tas.msedge.net|HTTP/TLS v1.2|Used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser
+|fe2cr.update.microsoft.com|HTTPS/TLS v1.2|Enables connections to Windows Update, Microsoft Update, and the online services of the Store
+|fe3cr.delivery.mp.microsoft.com|HTTPS/TLS v1.2|Used to download operating system patches, updates, and apps from Microsoft Store
 |go.microsoft.com|HTTP|Windows Defender and/or Microsoft forward link redirection service (FWLink)
-|img-prod-cms-rt-microsoft-com.akamaized.net|HTTP|Used to communicate with Microsoft Store
+|g.live.com|HTTP|OneDrive
-|licensing.mp.microsoft.com|TLSv1.2|Licensing
+|checkappexec.microsoft.com|HTTPS|Used for Windows Defender Smartscreen reporting and notifications
-|login.live.com|TLSv1.2|Device Authentication
-|logincdn.msauth.net|HTTP|Used for Microsoft accounts to sign-in
-|manage.devcenter.microsoft.com|TLSv1.2|Microsoft Store analytics
-|maps.windows.com|TLSv1.2|Used to check for updates to maps that have been downloaded for offline use
-|ocsp.digicert.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
-|oneclient.sfx.ms|HTTP|Used by OneDrive for Business to download and verify app updates
-|ris.api.iris.microsoft.com|HTTP|Used to retrieve Windows Spotlight metadata that describes content
-|settings-win.data.microsoft.com|TLSv1.2|Used for Windows apps to dynamically update their configuration
-|api.asm.skype.com|TLSv1.2|Used to retrieve Skype configuration values
-|browser.pipe.aria.microsoft.com|HTTP|Used to retrieve Skype configuration values
-|client.wns.windows.com|HTTP|Used for the Windows Push Notification Services (WNS)
-|fe3cr.delivery.mp.microsoft.com||Used to download operating system patches, updates, and apps from Microsoft Store
-|checkappexec.microsoft.com|HTTP|Used for Windows Defender Smartscreen reporting and notifications
 |emdl.ws.microsoft.com|HTTP|Windows Update
-|inference.location.live.net|TLSv1.2|Used for Location Data
+|*.prod.do.dsp.mp.microsoft.com|HTTP/TLS v1.2|Windows Update
+|*.au.download.windowsupdate.com|HTTP|Windows Update
+|download.windowsupdate.com|HTTP|Windows Update
+|inference.location.live.net|TLS v1.2|Used for Location Data
 |iecvlist.microsoft.com|HTTP|This endpoint is related to Microsoft Edge
+|login.live.com|HTTPS/TLS v1.2|Device Authentication
+|logincdn.msauth.net|HTTPS|OneDrive
+|licensing.mp.microsoft.com|HTTP/TLS v1.2|Licensing
+|maps.windows.com|TLS v1.2|Used to check for updates to maps that have been downloaded for offline use
 |mobile.pipe.aria.microsoft.com|HTTP|Office Telemetry
 |nav.smartscreen.microsoft.com|HTTP|Used for Windows Defender SmartScreen reporting and notifications
 |outlook.office365.com|HTTP|Used to connect to the Microsoft 365 admin center's shared infrastructure, including Office in a browser
+|ocsp.digicert.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
+|oneclient.sfx.ms|HTTPS|Used by OneDrive for Business to download and verify app updates
 |pti.store.microsoft.com/*|HTTP|Used to communicate with Microsoft Store
-|*.blob.core.windows.net|HTTP|Windows Telemetry
+|img-prod-cms-rt-microsoft-com.akamaized.net|HTTP|Used to communicate with Microsoft Store
-|storage.live.com|TLSv1.2|OneDrive
+|manage.devcenter.microsoft.com|HTTP/TLS v1.2|Used to get Microsoft Store analytics
-|skydrivesync.policies.live.net|TLSv1.2|OneDrive
+|ris.api.iris.microsoft.com|HTTPS|Used to retrieve Windows Spotlight metadata that describes content
+|settings-win.data.microsoft.com|HTTPS/TLS v1.2|Used for Windows apps to dynamically update their configuration
+|smartscreen-prod.microsoft.com|HTTP|Used for Windows Defender SmartScreen reporting and notifications
+|*.blob.core.windows.net|HTTP/TLS v1.2|Windows Telemetry
+|storage.live.com|HTTP/TLS v1.2|OneDrive
+|skydrivesync.policies.live.net|TLS v1.2|OneDrive
+|slscr.update.microsoft.com|HTTPS/TLS V1.2|Windows Update
 |tile-service.weather.microsoft.com|HTTP|Used for the Weather app
 |tsfe.trafficshaping.dsp.mp.microsoft.com|HTTP|This endpoint is used for content regulation
-|watson.telemetry.microsoft.com*|HTTP/TLSv1.2|Diagnostic Data
+|watson.telemetry.microsoft.com*|HTTPS/TLS v1.2|Diagnostic Data
-|10.events.data.microsoft.com/onecollector/1.0/|HTTP|Microsoft Office
+|v10.events.data.microsoft.com/onecollector/1.0/|HTTPS|Microsoft Office
-|v10.events.data.microsoft.com|TLSv1.2|Used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service
+|v10.events.data.microsoft.com|HTTPS/TLS v1.2|Used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service
-|www.bing.com|HTTP/TLSv1.2|Used for Cortana and Live Tiles
+|www.bing.com|HTTPS/TLS v1.2|Cortana and Live Tiles
 |www.msftconnecttest.com|HTTP|Network Connection Status Indicator (NCSI)
-|wdcp.microsoft.com|HTTP|Used for Windows Defender when Cloud-based Protection is enabled
+|wdcp.microsoft.com|HTTPS|Used for Windows Defender when Cloud-based Protection is enabled
 
 ## Windows 10 Pro
 
 | **Destination** | **Protocol** | **Description** |
 | --- | --- | --- |
-|*.prod.do.dsp.mp.microsoft.com|HTTP/TLSv1.2|Windows Update
+|*.prod.do.dsp.mp.microsoft.com|HTTP/TLS v1.2|Windows Update
 |api.onedrive.com|HTTP|One Drive
 |smartscreen-prod.microsoft.com|HTTP|Used for Windows Defender SmartScreen reporting and notifications
-|nav.smartscreen.microsoft.com|HTTP|Windows Defender
+|nav.smartscreen.microsoft.com|HTTPS/TLS v1.2|Windows Defender
 |*.update.microsoft.com|HTTP|Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store  
-|browser.pipe.aria.microsoft.com|HTTP|Used to retrieve Skype configuration values
+|browser.pipe.aria.microsoft.com|HTTPS|Used to retrieve Skype configuration values
 |*.windowsupdate.com|HTTP|Used to download operating system patches and updates
-|*.wns.windows.com|TLSv1.2|Used for the Windows Push Notification Services (WNS)
+|*.wns.windows.com|TLS v1.2|Used for the Windows Push Notification Services (WNS)
 |*dl.delivery.mp.microsoft.com|HTTP|Used to download operating system patches, updates, and apps from Microsoft Store
-|c-ring.msedge.net|TLSv1.2|Cortana and Live Tiles
+|c-ring.msedge.net|TLS v1.2|Cortana and Live Tiles
-|a-ring.msedge.net|TLSv1.2|Cortana and Live Tiles
+|a-ring.msedge.net|TLS v1.2|Cortana and Live Tiles
-|*storecatalogrevocation.storequality.microsoft.com|TLSv1.2|Used to revoke licenses for malicious apps on the Microsoft Store
+|*storecatalogrevocation.storequality.microsoft.com|HTTP/TLS v1.2|Used to revoke licenses for malicious apps on the Microsoft Store
-|arc.msn.com|TLSv1.2|Windows Spotlight
+|arc.msn.com|HTTP/TLS v1.2|Windows Spotlight
-|*.blob.core.windows.net|HTTP|Windows Telemetry
+|*.blob.core.windows.net|HTTP/TLS v1.2|Windows Telemetry
-|cdn.onenote.net|HTTP|OneNote Live Tile
+|cdn.onenote.net|HTTPS/TLS v1.2|OneNote Live Tile
-|checkappexec.microsoft.com|HTTP|Used for Windows Defender SmartScreen reporting and notifications
+|checkappexec.microsoft.com|HTTPS|Used for Windows Defender SmartScreen reporting and notifications
-|config.edge.skype.com|TLSv1.2|Used to retrieve Skype configuration values
+|config.edge.skype.com|HTTP/TLS v1.2|Used to retrieve Skype configuration values
-|config.teams.microsoft.com|HTTP|Used for Microsoft Teams application
+|config.teams.microsoft.com|HTTPS|Used for Microsoft Teams application
-|ctldl.windowsupdate.com||Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
+|ctldl.windowsupdate.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
-|displaycatalog.mp.microsoft.com*|TLSv1.2|Microsoft Store
+|displaycatalog.mp.microsoft.com*|HTTP/TLS v1.2|Microsoft Store
 |emdl.ws.microsoft.com|HTTP|Windows Update
-|fe2cr.update.microsoft.com|HTTP|Windows Update
+|fe2cr.update.microsoft.com|HTTPS/TLS v1.2|Windows Update
-|fe3cr.delivery.mp.microsoft.com|HTTP|Windows Update
+|fe3cr.delivery.mp.microsoft.com|HTTPS/TLS v1.2|Windows Update
-|slscr.update.microsoft.com|HTTP|Windows Update
+|slscr.update.microsoft.com|HTTPS/TLS v1.2|Windows Update
-|evoke-windowsservices-tas.msedge.net|TLSv1.2|Used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser
+|evoke-windowsservices-tas.msedge.net|HTTPS/TLS v1.2|Used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser
-|fp.msedge.net|TLSv1.2|Cortana and Live Tiles
+|fp.msedge.net|HTTPS/TLS v1.2|Cortana and Live Tiles
-|fp-vp.azureedge.net|TLSv1.2|Cortana and Live Tiles
+|fp-vp.azureedge.net|TLS v1.2|Cortana and Live Tiles
-|g.live.com|TLSv1.2|OneDrive
+|g.live.com|TLS v1.2|OneDrive
 |go.microsoft.com|HTTP|Windows Defender and/or Microsoft forward link redirection service (FWLink)
 |iecvlist.microsoft.com|HTTP|Microsoft Edge
-|inference.location.live.net|TLSv1.2|Used for Location Data
+|inference.location.live.net|TLS v1.2|Used for Location Data
 |img-prod-cms-rt-microsoft-com.akamaized.net|HTTP|Used to communicate with Microsoft Store
-|licensing.mp.microsoft.com*|TLSv1.2|Licensing
+|licensing.mp.microsoft.com*|HTTP/TLS v1.2|Licensing
-|login.live.com|TLSv1.2|Device Authentication
+|login.live.com|HTTPS/TLS v1.2|Device Authentication
-|logincdn.msauth.net|HTTP|Used for Microsoft accounts to sign in
+|logincdn.msauth.net|HTTPS|Used for Microsoft accounts to sign in
-|manage.devcenter.microsoft.com|TLSv1.2|Microsoft Store analytics
+|manage.devcenter.microsoft.com|HTTP/TLS v1.2|Microsoft Store analytics
-|maps.windows.com|TLSv1.2|Related to Maps application
+|maps.windows.com|TLS v1.2|Related to Maps application
 |ocsp.digicert.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
 |ocsp.msocsp.com|HTTP|Used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available
-|oneclient.sfx.ms|HTTP|Used by OneDrive for Business to download and verify app updates
+|oneclient.sfx.ms|HTTPS|Used by OneDrive for Business to download and verify app updates
-|mobile.pipe.aria.microsoft.com||Office Telemetry
+|mobile.pipe.aria.microsoft.com|HTTP|Office Telemetry
 |pti.store.microsoft.com/*|HTTP|Used to communicate with Microsoft Store
-|ris.api.iris.microsoft.com|TLSv1.2|Windows Spotlight
+|ris.api.iris.microsoft.com|TLS v1.2|Windows Spotlight
-|settings-win.data.microsoft.com|HTTP/TLSv1.2|Used for Windows apps to dynamically update their configuration
+|settings-win.data.microsoft.com|HTTPS/TLS v1.2|Used for Windows apps to dynamically update their configuration
 |spo-ring.msedge.net|TLSv1.2|Cortana and Live Tiles
-|telecommand.telemetry.microsoft.com|TLSv1.2|Used by Windows Error Reporting ||tile-service.weather.microsoft.com|HTTP|Used for the Weather app
+|telecommand.telemetry.microsoft.com|TLS v1.2|Used by Windows Error Reporting ||tile-service.weather.microsoft.com|HTTP|Used for the Weather app
-|tsfe.trafficshaping.dsp.mp.microsoft.com|HTTP|Used for content regulation
+|tsfe.trafficshaping.dsp.mp.microsoft.com|HTTPS|Used for content regulation
-|v10.events.data.microsoft.com/onecollector/1.0/|HTTP/TLSv1.2|Diagnostic Data
+|v10.events.data.microsoft.com/onecollector/1.0/|HTTPS/TLS v1.2|Diagnostic Data
-|v10.events.data.microsoft.com|HTTP/TLSv1.2|Used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service
+|v10.events.data.microsoft.com|HTTPS/TLS v1.2|Used by the Connected User Experiences and Telemetry component and connects to the Microsoft Data Management service
-|watson.telemetry.microsoft.com*|HTTP/TLSv1.2|Used by Windows Error Reporting
+|watson.telemetry.microsoft.com*|HTTPS/TLS v1.2|Used by Windows Error Reporting
-|wdcp.microsoft.com|HTTP|Used for Windows Defender when Cloud-based Protection is enabled
+|wdcp.microsoft.com|HTTPS|Used for Windows Defender when Cloud-based Protection is enabled
-|www.bing.com|HTTP/TLSv1.2|Cortana and Live Tiles
+|www.bing.com|HTTPS/TLS v1.2|Cortana and Live Tiles
 |www.msftconnecttest.com|HTTP|Network Connection Status Indicator (NCSI)
 |outlook.office365.com|HTTP|Microsoft Office
-|storage.live.com|TLSv1.2/HTTP|One Drive
+|storage.live.com|HTTP/TLS v1.2|One Drive
-|skydrivesync.policies.live.net|TLSv1.2|One Drive
+|skydrivesync.policies.live.net|TLS v1.2|One Drive
 
 ## Windows 10 Education
 
 | **Destination** | **Protocol** | **Description** |
 | --- | --- | --- |
-|arc.msn.com|HTTPS/TLSv1.2|Windows Spotlight
+|arc.msn.com|HTTPS/TLS v1.2|Windows Spotlight
 |*.dl.delivery.mp.microsoft.com|HTTP|Used to download operating system patches, updates, and apps from Microsoft
-|client.wns.windows.com|TLSv1.2|Used for the Windows Push Notification Services (WNS)
+|client.wns.windows.com|TLS v1.2|Used for the Windows Push Notification Services (WNS)
-|*storecatalogrevocation.storequality.microsoft.com|TLSv1.2|Used to revoke licenses for malicious apps on the Microsoft Store
+|*storecatalogrevocation.storequality.microsoft.com|TLS v1.2|Used to revoke licenses for malicious apps on the Microsoft Store
 |ctldl.windowsupdate.com|HTTP|Certificate Trust List
 |dmd.metaservices.microsoft.com|HTTP|Device metadata
-|Inference.location.live.net|TLSv1.2|Location
+|Inference.location.live.net|TLS v1.2|Location
-|oneclient.sfx.ms|HTTP|OneDrive
+|oneclient.sfx.ms|HTTPS|OneDrive
-|storage.live.com|TLSv1.2|One Drive
+|storage.live.com|HTTP/TLS v1.2|One Drive
-|skydrivesync.policies.live.net|TLSv1.2|OneDrive
+|skydrivesync.policies.live.net|TLS v1.2|OneDrive
-|slscr.update.microsoft.com|HTTP/TLSv1.2|Windows Update
+|slscr.update.microsoft.com|HTTPS/TLS v1.2|Windows Update
-|fe2cr.update.microsoft.com|HTTP/TLSv1.2|Windows Update
+|fe2cr.update.microsoft.com|HTTPS/TLS v1.2|Windows Update
-|fe3cr.delivery.mp.microsoft.com|HTTP/TLSv1.2|Windows Update
+|fe3cr.delivery.mp.microsoft.com|HTTPS/TLS v1.2|Windows Update
-|tsfe.trafficshaping.dsp.mp.microsoft.com|HTTP/TLSv1.2|Windows Update
+|tsfe.trafficshaping.dsp.mp.microsoft.com|HTTP/TLS v1.2|Windows Update
 |officehomeblobs.blob.core.windows.net|HTTP|Windows Telemetry
-|displaycatalog.mp.microsoft.com/*|HTTP/TLSv1.2|Microsoft Store
+|displaycatalog.mp.microsoft.com/*|HTTP/TLS v1.2|Microsoft Store
 |img-prod-cms-rt-microsoft-com.akamaized.net|HTTP|Used to communicate with Microsoft Store
-|config.teams.microsoft.com|HTTP|Teams
+|config.teams.microsoft.com|HTTPS|Teams
-|api.asm.skype.com|TLSv1.2|Used to retrieve Skype configuration values
+|api.asm.skype.com|TLS v1.2|Used to retrieve Skype configuration values
-|config.edge.skype.com|HTTP/TLSv1.2|Used to retrieve Skype configuration values
+|config.edge.skype.com|HTTP/TLS v1.2|Used to retrieve Skype configuration values
-|logincdn.msauth.net|HTTP|OneDrive
+|logincdn.msauth.net|HTTPS|OneDrive
 |iecvlist.microsoft.com|HTTP|Microsoft Edge
 |download.windowsupdate.com|HTTP|Windows Update
-|checkappexec.microsoft.com|HTTP|Windows Defender
+|checkappexec.microsoft.com|HTTPS|Windows Defender
 |pti.store.microsoft.com/*|HTTP|Microsoft Store
 |emdl.ws.microsoft.com|HTTP|Windows Update
-|evoke-windowsservices-tas.msedge.net|TLSv1.2|Photos app
+|evoke-windowsservices-tas.msedge.net|HTTPS/TLS v1.2|Photos app
-|g.live.com|TLSv1.2|OneDrive
+|g.live.com|TLS v1.2|OneDrive
 |go.microsoft.com|HTTP|Windows Defender
-|licensing.mp.microsoft.com|HTTP|Licensing
+|licensing.mp.microsoft.com|HTTP/TLS v1.2|Licensing
-|login.live.com|TLSv1.2|Device Authentication
+|login.live.com|HTTPS/TLS v1.2|Device Authentication
-|manage.devcenter.microsoft.com|TLSv1.2|Microsoft Store analytics
+|manage.devcenter.microsoft.com|TLS v1.2|Microsoft Store analytics
 |ocsp.digicert.com|HTTP|CRL and OCSP checks to the issuing certificate authorities
-|ris.api.iris.microsoft.com|TLSv1.2|Windows spotlight
+|ris.api.iris.microsoft.com|TLS v1.2|Windows spotlight
-|telecommand.telemetry.microsoft.com|TLSv1.2|Used by Windows Error Reporting  
+|telecommand.telemetry.microsoft.com|TLS v1.2|Used by Windows Error Reporting  
 |tile-service.weather.microsoft.com|HTTP|Used to download updates to the Weather app Live Tile
-|v10.events.data.microsoft.com|TLSv1.2|Diagnostic Data
+|v10.events.data.microsoft.com|HTTPS/TLS v1.2|Diagnostic Data
-|V10.events.data.microsoft.com/onecollector/1.0/|HTTP|Diagnostic Data
+|V10.events.data.microsoft.com/onecollector/1.0/|HTTPS|Diagnostic Data
-|Watson.telemetry.microsoft.com/telemetry.request|HTTP|Diagnostic Data
+|Watson.telemetry.microsoft.com/telemetry.request|HTTPS|Diagnostic Data
-|watson.telemetry.microsoft.com|HTTP|Diagnostic Data
+|watson.telemetry.microsoft.com|HTTPS|Diagnostic Data
 |outlook.office365.com|HTTP|Microsoft Office
-|www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles
+|www.bing.com|TLS v1.2|Used for updates for Cortana, apps, and Live Tiles
 |www.msftconnecttest.com|HTTP|Network Connection (NCSI)