From e446212d1a2ba18a4eaebfc6e66c07974a76b425 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Thu, 3 Aug 2017 12:25:02 -0700
Subject: [PATCH] update content

---
 ...ows-defender-advanced-threat-protection.md | 30 ++++++++++++-------
 1 file changed, 19 insertions(+), 11 deletions(-)

diff --git a/windows/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
index 3aba69d26a..d7d9111019 100644
--- a/windows/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md
@@ -21,23 +21,31 @@ localizationpriority: high
 - Windows 10 Pro Education
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
-## Onboard server endpoints
+Windows Defender ATP extends support to also include the Windows Server operating system, providing advanced attack detection and investigation capabilities, seamlessly through the Windows Defender Security Center console.
+
 Windows Defender ATP supports the onboarding of the following servers:
 - Windows Server 2012 R2
 - Windows Server 2016
 
-You'll need to do a one-time set up to onboard supported servers so that they can report sensor data to Windows Defender ATP. In general you'll need to:
+To onboard your servers to Windows Defender ATP, you’ll need to:
 
-- Set up the environment from the Windows Defender ATP portal
-- Download the Microsoft Monitoring Agent (MMA) setup file
-- Install the agent on the server using the method you choose
-- Configure the agent with your **Workspace ID** and **Primary key**
-- Configure proxy settings
+- Turn on server monitoring from the Windows Defender Security Center portal.
+- If you're already leveraging System Center Operations Manager (SCOM) or Operations Management Suite (OMS), simply attach the Microsoft Monitoring Agent (MMA) to report to your Windows Defender ATP workspace through [Multi Homing support](https://blogs.technet.microsoft.com/msoms/2016/05/26/oms-log-analytics-agent-multi-homing-support/). Otherwise, install and configure MMA to report sensor data to Windows Defender ATP as instructed below.
 
-**System requirements and required configuration** [EFRAT, PLEASE CHECK THE FOLLOWIN PRE-REQS AND LET ME KNOW IF THERE ARE THINGS I NEED TO ADD OR REMOVE. THANK YOU!]
-- Each server must be able to connect to the Internet using HTTPS or to the OMS Gateway. This connection can be direct, using a proxy, or through the OMS Gateway.
-- The agent needs to use TCP port 443 for various resources
-- Ensure that you adhere to the network requirements as stated in the Log Analytics service
+**System requirements and required configuration** 
+- Each Windows server must be able to connect to the Internet using HTTPS. This connection can be direct, using a proxy, or through the [OMS Gateway](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-oms-gateway).
+- If a proxy or firewall is blocking all traffic by default and allowing only specific domains through or HTTPS scanning (SSL inspection) is enabled, make sure that the following URLs are white-listed to permit communication with Windows Defender ATP service:
+
+|    Agent Resource    |    Ports    |
+|------------------------------------|-------------|
+|    *.oms.opinsights.azure.com    |    443    |
+|    *.blob.core.windows.net    |    443    |
+|    *.azure-automation.net    |    443    |
+|    *.ods.opinsights.azure.com    |    443    |
+|    winatp-gw-cus.microsoft.com     |    443    |
+|    winatp-gw-eus.microsoft.com    |    443    |
+|    winatp-gw-neu.microsoft.com    |    443    |
+|    winatp-gw-weu.microsoft.com    |    443    |
 
 
 ### Step 1: Set up the environment from the Windows Defender ATP portal