Merge branch 'master' into tvm-updates

2025-05-18 08:17:23 +00:00 · 2020-12-03 14:22:47 -08:00 · 2020-12-03 14:22:47 -08:00 · da5c2bb75d
commit da5c2bb75d
parent d607871269 ce28e27183
11 changed files with 38 additions and 28 deletions
--- a/windows/client-management/change-default-removal-policy-external-storage-media.md
+++ b/windows/client-management/change-default-removal-policy-external-storage-media.md
@ -4,10 +4,11 @@ description: In Windows 10, version 1809, the default removal policy for externa
 ms.prod: w10
 author: Teresa-Motiv
 ms.author: v-tea
-ms.date: 12/13/2019
+ms.date: 11/25/2020
 ms.topic: article
 ms.custom: 
 - CI 111493
+- CI 125140
 - CSSTroubleshooting
 audience: ITPro
 ms.localizationpriority: medium
@ -44,6 +45,13 @@ To change the policy for an external storage device:
  
   ![In Disk Management, right-click the device and click Properties.](./images/change-def-rem-policy-1.png)
  
-6. Select **Policies**, and then select the policy you want to use.
+6. Select **Policies**.
+  
+   > [!NOTE]  
+   > Some recent versions of Windows may use a different arrangement of tabs in the disk properties dialog box.  
+   >  
+   > If you do not see the **Policies** tab, select **Hardware**, select the removable drive from the **All disk drives** list, and then select **Properties**. The **Policies** tab should now be available.
+  
+7. Select the policy that you want to use.
  
   ![Policy options for disk management](./images/change-def-rem-policy-2.png)
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
@ -27,46 +27,50 @@ ms.topic: article
 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)


-
-Microsoft Defender for Endpoint has the capabilities to effectively protect your enterprise from cyber threats.
-
 Learn how to deploy Microsoft Defender for Endpoint so that your enterprise can take advantage of preventative protection, post-breach detection, automated investigation, and response. 


-This solution provides guidance on the three phases of deployment. Each section corresponds to a separate article in this solution.
+This guide helps you work across stakeholders to prepare your environment and then onboard devices in a methodical way, moving from evaluation, to a meaningful pilot, to full deployment.
+
+Each section corresponds to a separate article in this solution.
+
+![Image of deployment phases](images/deployment-guide-phases.png)
+
+
+
+|Phase | Description | 
+|:-------|:-----|
+| [Phase 1: Prepare](prepare-deployment.md)| Learn about what you need to consider when deploying Defender for Endpoint such as stakeholder approvals, environment considerations, access permissions, and adoption order of capabilities. 
+| [Phase 2: Setup](production-deployment.md)|  Get guidance on the initial steps you need to take so that you can access the portal such as validating licensing, completing the setup wizard, and network configuration. 
+| [Phase 3: Onboard](onboarding.md) | Learn how to make use of deployment rings, supported onboarding tools based on the type of endpoint, and configuring available capabilities. 
+
+
+After you've completed this guide, you'll be setup with the right access permissions, your endpoints will be onboarded and reporting sensor data to the service, and capabilities such as next-generation protection and attack surface reduction will be in place.
+

-![Image of deployment phases](images/deployment-phases.png)

 Regardless of the environment architecture and method of deployment you choose outlined in the [Plan deployment](deployment-strategy.md) guidance, this guide is going to support you in onboarding endpoints. 


-## Prepare
-Learn about what you need to consider when deploying Defender for Endpoint such as stakeholder approvals, environment considerations, access permissions, and adoption order of capabilities. 

-## Setup
-Get guidance on the initial steps you need to take so that you can access the portal such as validating licensing, completing the setup wizard, and network configuration. 

-## Onboard
-Learn how to make use of deployment rings, supported onboarding tools based on the type of endpoint, and configuring available capabilities.
+
+


 ## Key capabilities

-This solution provides the following key capabilities:
+While Microsoft Defender for Endpoint provides many capabilities, the primary purpose of this deployment guide is to get you started by onboarding devices. In addition to onboarding, this guidance gets you started with the following capabilities.
+
+

 Capability | Description 
 :---|:---
-Eliminate risks and reduce your attack surface| Use attack surface reduction to minimize the areas where your organization could be vulnerable to threats.
-Block sophisticated threats and malware | Defend against never-before-seen polymorphic and metamorphic malware and fileless and file-based threats with next-generation protection.
-Remediation at scale with automation | Automatically investigate alerts and remediate complex threats in minutes. Apply best practices and intelligent decision-making algorithms to determine whether a threat is active and what action to take.
-Discover vulnerabilities and misconfigurations in real time | Bring security and IT together with Microsoft Threat & Vulnerability Management to quickly discover, prioritize, and remediate vulnerabilities and misconfigurations.
-Get expert-level threat monitoring and analysis | Empower your security operations centers with Microsoft Threat Experts. Get deep knowledge, advanced threat monitoring, analysis, and support to identify critical threats in your unique environment.
-Detect and respond to advanced attacks with behavioral monitoring | Spot attacks and zero-day exploits using advanced behavioral analytics and machine learning.
-Cross-platform support | Microsoft Defender for Endpoint provides security for non-Windows platforms including Mac, Linux servers, and Android.
-Evaluate capabilities | Fully evaluate our capabilities with a few simple clicks in the Microsoft Defender for Endpoint evaluation lab.
-Streamline and integrate via APIs | Integrate Microsoft Defender for Endpoint with your security solutions and streamline and automate security workflows with rich APIs.
-Simplify endpoint security management | Use a single pane of glass for all endpoint security actions, such as endpoint configuration, deployment, and management with Microsoft Endpoint Manager.
+Endpoint detection and response | Endpoint detection and response capabilities are put in place to detect, investigate, and respond to intrusion attempts and active breaches.
+Next-generation protection | To further reinforce the security perimeter of your network, Microsoft Defender for Endpoint uses next-generation protection designed to catch all types of emerging threats.
+Attack surface reduction |  Provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitation.

+All these capabilities are available for Microsoft Defender for Endpoint license holders. For more information, see [Licensing requirements](minimum-requirements.md#licensing-requirements).

 ## Scope

--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
@ -32,7 +32,7 @@ Plan your Microsoft Defender for Endpoint deployment so that you can maximize th
 This solution provides guidance on how to identify your environment architecture, select the type of deployment tool that best fits your needs, and guidance on how to configure capabilities.


-![Image of deployment flow](images/plan-deployment.png)
+![Image of deployment flow](images/deployment-guide-plan.png)


 ## Step 1: Identify architecture
--- a/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf
+++ b/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.pdf
--- a/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx
+++ b/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-deployment-strategy.vsdx
--- a/windows/security/threat-protection/microsoft-defender-atp/images/deployment-guide-phases.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/deployment-guide-phases.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/deployment-guide-plan.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/deployment-guide-plan.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/deployment-phases.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/deployment-phases.png
--- a/windows/security/threat-protection/microsoft-defender-atp/images/plan-deployment.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/plan-deployment.png
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@ -44,7 +44,7 @@ Microsoft Defender for Endpoint requires one of the following Microsoft Volume L

 > [!NOTE]
 > Eligible Licensed Users may use Microsoft Defender for Endpoint on up to five concurrent devices.
-> Microsoft Defender for Endpoint is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed.
+> Microsoft Defender for Endpoint is also available for purchase from a Cloud Solution Provider (CSP). 

 Microsoft Defender for Endpoint, on Windows Server, requires one of the following licensing options:

--- a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
@ -49,12 +49,10 @@ Microsoft Defender for Endpoint seamlessly integrates with existing security sol
 Logo |Partner name   | Description 
 :---|:---|:---
 ![Image of AttackIQ logo](images/attackiq-logo.png)| [AttackIQ Platform](https://go.microsoft.com/fwlink/?linkid=2103502) | AttackIQ Platform validates Defender for Endpoint is configured properly by launching continuous attacks safely on production assets
-
 ![Image of Azure Sentinel logo](images/sentinel-logo.png)| [AzureSentinel](https://go.microsoft.com/fwlink/?linkid=2135705) | Stream alerts from Microsoft Defender for Endpoint into Azure Sentinel 
 ![Image of Cymulate logo](images/cymulate-logo.png) | [Cymulate](https://go.microsoft.com/fwlink/?linkid=2135574)| Correlate Defender for Endpoint findings with simulated attacks to validate accurate detection and effective response actions
 ![Image of Elastic security logo](images/elastic-security-logo.png) | [Elastic Security](https://go.microsoft.com/fwlink/?linkid=2139303) | Elastic Security is a free and open solution for preventing, detecting, and responding to threats
 ![Image of IBM QRadar logo](images/ibm-qradar-logo.png) | [IBM QRadar](https://go.microsoft.com/fwlink/?linkid=2113903) | Configure IBM QRadar to collect detections from Defender for Endpoint 
-
 ![Image of Micro Focus ArcSight logo](images/arcsight-logo.png) | [Micro Focus ArcSight](https://go.microsoft.com/fwlink/?linkid=2113548) | Use Micro Focus ArcSight to pull Defender for Endpoint detections
 ![Image of RSA NetWitness logo](images/rsa-netwitness-logo.png) | [RSA NetWitness](https://go.microsoft.com/fwlink/?linkid=2118566) | Stream Defender for Endpoint Alerts to RSA NetWitness leveraging Microsoft Graph Security API
 ![Image of SafeBreach logo](images/safebreach-logo.png) | [SafeBreach](https://go.microsoft.com/fwlink/?linkid=2114114)| Gain visibility into Defender for Endpoint security events that are automatically correlated with SafeBreach simulations