Merge pull request #3742 from j0rt3g4/Issue#3499

Adding note to be explicit on issue #3499

windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md

@@ -509,7 +509,7 @@ For your reference, below is a comprehensive list of the AD DS devices, containe
 >[!div class="nextstepaction"]
 [Configure Windows Hello for Business settings](hello-hybrid-cert-whfb-settings.md)
 
-<br><br>
+<br>
 
 <hr>
 

windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md

@@ -46,108 +46,18 @@ See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender
 
 After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
 
-The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an **allow** rule specifically for them:
+As a cloud service, it is required that computers have access to the internet and that the ATP machine learning services are reachable. The following table lists the services and their associated URLs. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them:
 
-<table  style="vertical-align:top">
-<tr style="vertical-align:top">
-<th >Service</th>
-<th>Description</th>
-<th>URL</th>
-</tr>
-<tr style="vertical-align:top">
-<td>
- Windows Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)
-</td>
-<td>
- Used by Windows Defender Antivirus to provide cloud-delivered protection
-</td>
-<td>
-*.wdcp.microsoft.com<br />
-*.wdcpalt.microsoft.com<br />
-*.wd.microsoft.com
-</td>
-</tr>
-<tr style="vertical-align:top">
-<td>
-Microsoft Update Service (MU)
-</td>
-<td>
-Security intelligence and product updates
-</td>
-<td>
-*.update.microsoft.com
-</td>
-</tr>
-<tr style="vertical-align:top">
-<td>
- Security intelligence updates alternate download location (ADL)
-</td>
-<td>
- Alternate location for Windows Defender Antivirus Security intelligence updates if the installed Security intelligence falls out of date (7 or more days behind)
-</td>
-<td>
-*.download.microsoft.com
-</td>
-</tr>
-<tr style="vertical-align:top">
-<td>
- Malware submission storage 
-</td>
-<td>
- Upload location for files submitted to Microsoft via the <a href="https://www.microsoft.com/en-us/security/portal/submission/submit.aspx">Submission form</a> or automatic sample submission
-</td>
-<td>
-ussus1eastprod.blob.core.windows.net<br />
-ussus1westprod.blob.core.windows.net<br />
-usseu1northprod.blob.core.windows.net<br />
-usseu1westprod.blob.core.windows.net<br />
-ussuk1southprod.blob.core.windows.net<br />
-ussuk1westprod.blob.core.windows.net<br />
-ussas1eastprod.blob.core.windows.net<br />
-ussas1southeastprod.blob.core.windows.net<br />
-ussau1eastprod.blob.core.windows.net<br />
-ussau1southeastprod.blob.core.windows.net<br />
-</td>
-</tr>
-<tr style="vertical-align:top">
-<td>
-Certificate Revocation List (CRL)
-</td>
-<td>
-Used by Windows when creating the SSL connection to MAPS for updating the CRL
-</td>
-<td>
-http://www.microsoft.com/pkiops/crl/<br />
-http://www.microsoft.com/pkiops/certs<br />
-http://crl.microsoft.com/pki/crl/products<br />
-http://www.microsoft.com/pki/certs
-</ul>
-</td>
-</tr>
-<tr style="vertical-align:top">
-<td>
-Symbol Store 
-</td>
-<td>
-Used by Windows Defender Antivirus to restore certain critical files during remediation flows
-</td>
-<td>
-https://msdl.microsoft.com/download/symbols
-</td>
-</tr>
-<tr style="vertical-align:top">
-<td>
-Universal Telemetry Client
-</td>
-<td>
-Used by Windows to send client diagnostic data; Windows Defender Antivirus uses this for product quality monitoring purposes
-</td>
-<td>
-This update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints:  <ul><li>vortex-win.data.microsoft.com</li><li>settings-win.data.microsoft.com</li></ul></td>
-</tr>
-</table>
 
-<a id="validate"></a>
+| **Service**| **Description** |**URL** |
+| :--: | :-- | :-- |
+| *Windows Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)*|Used by Windows Defender Antivirus to provide cloud-delivered protection|*.wdcp.microsoft.com  *.wdcpalt.microsoft.com  *.wd.microsoft.com|
+| *Microsoft Update Service (MU)*|	Security intelligence and product updates	|*.update.microsoft.com|
+| *Security intelligence updates Alternate Download Location (ADL)*|	Alternate location for Windows Defender Antivirus Security intelligence updates if the installed Security intelligence is out of date (7 or more days behind)|	*.download.microsoft.com|
+| *Malware submission storage	*|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission	|*.blob.core.windows.net|
+| *Certificate Revocation List (CRL)*	|Used by Windows when creating the SSL connection to MAPS for updating the CRL	| http://www.microsoft.com/pkiops/crl/   http://www.microsoft.com/pkiops/certs  http://crl.microsoft.com/pki/crl/products   http://www.microsoft.com/pki/certs |
+| *Symbol Store	*|Used by Windows Defender Antivirus to restore certain critical files during remediation flows	| https://msdl.microsoft.com/download/symbols |
+| *Universal Telemetry Client*	| Used by Windows to send client diagnostic data; Windows Defender Antivirus uses this for product quality monitoring purposes	| This update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints:   * vortex-win.data.microsoft.com  * settings-win.data.microsoft.com|
 
 ## Validate connections between your network and the cloud