Merge branch 'master' into patch-4

2025-05-13 05:47:23 +00:00 · 2022-01-18 14:54:47 -07:00 · 2022-01-18 14:54:47 -07:00 · fab70f4567
commit fab70f4567
parent 6c7e6cb172 deccaf0f6f
3 changed files with 147 additions and 36 deletions
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@ -128,6 +128,9 @@ ms.collection: highpri
  <dd>
    <a href="#defender-schedulescantime">Defender/ScheduleScanTime</a>
  </dd>
  <dd>
    <a href="#defender-securityintelligencelocation">Defender/SecurityIntelligenceLocation</a>
  </dd>
  <dd>
    <a href="#defender-signatureupdatefallbackorder">Defender/SignatureUpdateFallbackOrder</a>
  </dd>
@ -2063,6 +2066,57 @@ Valid values: 0–1380.
 <hr/>
 <!--Policy-->
 <a href="" id="defender-securityintelligencelocation"></a>**Defender/SecurityIntelligenceLocation**  
 <!--SupportedSKUs-->
 |Edition|Windows 10|Windows 11|
 |--- |--- |--- |
 |Home|Yes|Yes|
 |Pro|Yes|Yes|
 |Business|Yes|Yes|
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 <!--/SupportedSKUs-->
 <hr/>
 <!--Scope-->
 [Scope](./policy-configuration-service-provider.md#policy-scope):
 > [!div class = "checklist"]
 > * Device
 <hr/>
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to define the security intelligence location for VDI-configured computers. 
 If you disable or do not configure this setting, security intelligence will be referred from the default local source.
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
 -   GP Friendly name: *Define security intelligence location for VDI clients*
 -   GP name: *SecurityIntelligenceLocation*
 -   GP element: *SecurityIntelligenceLocation*
 -   GP path: *Windows Components/Microsoft Defender Antivirus/Security Intelligence Updates*
 -   GP ADMX file name: *WindowsDefender.admx*
 <!--/ADMXMapped-->
 <!--SupportedValues-->
 - Empty string - no policy is set
 - Non-empty string - the policy is set and security intelligence is gathered from the location
 <!--/SupportedValues-->
 <!--/Policy-->
 <hr/>
 <!--Policy-->
 <a href="" id="defender-signatureupdatefallbackorder"></a>**Defender/SignatureUpdateFallbackOrder**  
--- a/windows/client-management/mdm/policy-csp-kerberos.md
+++ b/windows/client-management/mdm/policy-csp-kerberos.md
@ -24,6 +24,9 @@ manager: dansimp
  <dd>
    <a href="#kerberos-allowforestsearchorder">Kerberos/AllowForestSearchOrder</a>
  </dd>
  <dd>
    <a href="#kerberos-cloudkerberosticketretrievalenabled">Kerberos/CloudKerberosTicketRetrievalEnabled</a>
  </dd>
  <dd>
    <a href="#kerberos-kerberosclientsupportsclaimscompoundarmor">Kerberos/KerberosClientSupportsClaimsCompoundArmor</a>
  </dd>
@ -100,6 +103,58 @@ ADMX Info:
 <hr/>
 <!--Policy-->
 <a href="" id="kerberos-cloudkerberosticketretrievalenabled"></a>**Kerberos/CloudKerberosTicketRetrievalEnabled**  
 <!--SupportedSKUs-->
 |Edition|Windows 10|Windows 11|
 |--- |--- |--- |
 |Home|No|No|
 |Pro|Yes|Yes|
 |Business|Yes|Yes|
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 <!--/SupportedSKUs-->
 <hr/>
 <!--Scope-->
 [Scope](./policy-configuration-service-provider.md#policy-scope):
 > [!div class = "checklist"]
 > * Device
 <hr/>
 <!--/Scope-->
 <!--Description-->
 This policy allows retrieving the cloud Kerberos ticket during the logon.
 - If you disable (0) or do not configure this policy setting, the cloud Kerberos ticket is not retrieved during the logon.
 - If you enable (1) this policy, the cloud Kerberos ticket is retrieved during the logon.
 <!--/Description-->
 <!--SupportedValues-->
 Valid values:  
 0 (default) - Disabled. 
 1 - Enabled. 
 <!--/SupportedValues-->
 <!--ADMXBacked-->
 ADMX Info:  
 -   GP Friendly name: *Allow retrieving the cloud Kerberos ticket during the logon*
 -   GP name: *CloudKerberosTicketRetrievalEnabled*
 -   GP path: *System/Kerberos*
 -   GP ADMX file name: *Kerberos.admx*
 <!--/ADMXBacked-->
 <!--/Policy-->
 <hr/>
 <!--Policy-->
 <a href="" id="kerberos-kerberosclientsupportsclaimscompoundarmor"></a>**Kerberos/KerberosClientSupportsClaimsCompoundArmor**  
--- a/windows/deployment/update/waas-delivery-optimization-reference.md
+++ b/windows/deployment/update/waas-delivery-optimization-reference.md
@ -22,9 +22,9 @@ ms.custom: seo-marvel-apr2020
 - Windows 10
 - Windows 11
-> **Looking for more Group Policy settings?** See the master spreadsheet available at the [Download Center](https://www.microsoft.com/download/details.aspx?id=102158).
+> **Looking for more Group Policy settings?** See the master spreadsheet available at the [Download Center](https://www.microsoft.com/en-us/download/details.aspx?id=103506).
-There are a great many details you can set in Delivery Optimization to customize it to do just what you need it to. This topic summarizes them for your reference. If you just need an overview of Delivery Optimization, see [Delivery Optimization for Windows 10 updates](waas-delivery-optimization.md). If you need information about setting up Delivery Optimization, including tips for the best settings in different scenarios, see [Set up Delivery Optimization for Windows 10 updates](waas-delivery-optimization-setup.md).
+There are a great many details you can set in Delivery Optimization to customize it to do just what you need it to. This topic summarizes them for your reference. If you just need an overview of Delivery Optimization, see [Delivery Optimization for Windows client updates](waas-delivery-optimization.md). If you need information about setting up Delivery Optimization, including tips for the best settings in different scenarios, see [Set up Delivery Optimization for Windows client updates](waas-delivery-optimization-setup.md).
 ## Delivery Optimization options
@ -65,8 +65,8 @@ In MDM, the same settings are under **.Vendor/MSFT/Policy/Config/DeliveryOptimiz
 | [Delay foreground download from http (in secs)](#delay-foreground-download-from-http-in-secs) | DODelayForegroundDownloadFromHttp | 1803 |
 | [Delay foreground download cache server fallback (in secs)](#delay-foreground-download-cache-server-fallback-in-secs) | DelayCacheServerFallbackForeground | 1903 |
 | [Delay background download cache server fallback (in secs)](#delay-background-download-cache-server-fallback-in-secs) | DelayCacheServerFallbackBackground | 1903 |
-| [Cache Server Hostname](#cache-server-hostname) | DOCacheHost | 2004  |
+| [Cache Server Hostname](#cache-server-hostname) | DOCacheHost | 1809  |
-| [Cache Server Hostname Source](#cache-server-hostname-source) | DOCacheHostSource | 2004  |
+| [Cache Server Hostname Source](#cache-server-hostname-source) | DOCacheHostSource | 1809  |
 | [Maximum Foreground Download Bandwidth (in KB/s)](#maximum-background-download-bandwidth-in-kbs)         | DOMaxForegroundDownloadBandwidth | 2004 |
 | [Maximum Background Download Bandwidth (in KB/s)](#maximum-background-download-bandwidth-in-kbs) | DOMaxBackgroundDownloadBandwidth | 2004 |
@ -111,11 +111,11 @@ Download mode dictates which download sources clients are allowed to use when do
 | Download mode option | Functionality when set |
 | --- | --- |
 | HTTP Only (0) | This setting disables peer-to-peer caching but still allows Delivery Optimization to download content over HTTP from the download's original source. This mode uses additional metadata provided by the Delivery Optimization cloud services for a peerless reliable and efficient download experience. |
-| LAN (1 – Default) | This default operating mode for Delivery Optimization enables peer sharing on the same network. The Delivery Optimization cloud service finds other clients that connect to the Internet using the same public IP as the target client. These clients then try to connect to other peers on the same network by using their private subnet IP.| 
+| LAN (**1 – Default**) | This default operating mode for Delivery Optimization enables peer sharing on the same network. The Delivery Optimization cloud service finds other clients that connect to the Internet using the same public IP as the target client. These clients then try to connect to other peers on the same network by using their private subnet IP.| 
 | Group (2) | When group mode is set, the group is automatically selected based on the device's Active Directory Domain Services (AD DS) site (Windows 10, version 1607) or the domain the device is authenticated to (Windows 10, version 1511). In group mode, peering occurs across internal subnets, between devices that belong to the same group, including devices in remote offices. You can use GroupID option to create your own custom group independently of domains and AD DS sites. Starting with Windows 10, version 1803, you can use the GroupIDSource parameter to take advantage of other method to create groups dynamically. Group download mode is the recommended option for most organizations looking to achieve the best bandwidth optimization with Delivery Optimization. |
 | Internet (3) | Enable Internet peer sources for Delivery Optimization. |
 | Simple (99) | Simple mode disables the use of Delivery Optimization cloud services completely (for offline environments). Delivery Optimization switches to this mode automatically when the Delivery Optimization cloud services are unavailable, unreachable or when the content file size is less than 10 MB. In this mode, Delivery Optimization provides a reliable download experience, with no peer-to-peer caching. |
-|Bypass (100) |	Bypass Delivery Optimization and use BITS, instead. You should only select this mode if you use WSUS and prefer to use BranchCache. You do not need to set this option if you are using Configuration Manager. If you want to disable peer-to-peer functionality, it's best to set **DownloadMode** to **0** or **99**. |
+|Bypass (100) |	Bypass Delivery Optimization and use BITS, instead. You should only select this mode if you use WSUS and prefer to use BranchCache. You do not need to set this option if you are using Configuration Manager. If you want to disable peer-to-peer functionality, it's best to set **DownloadMode** to **(0)** or **(99)**. |
 > [!NOTE]
 > Starting in Windows 11, the Bypass option of Download Mode is no longer used.
@ -125,7 +125,7 @@ Download mode dictates which download sources clients are allowed to use when do
 ### Group ID
-By default, peer sharing on clients using the group download mode is limited to the same domain in Windows 10, version 1511, and the same domain and Active Directory Domain Services site in Windows 10, version 1607. By using the Group ID setting, you can optionally create a custom group that contains devices that should participate in Delivery Optimization but do not fall within those domain or Active Directory Domain Services site boundaries, including devices in another domain. Using Group ID, you can further restrict the default group (for example, you could create a subgroup representing an office building), or extend the group beyond the domain, allowing devices in multiple domains in your organization to be peers. This setting requires the custom group to be specified as a GUID on each device that participates in the custom group.
+By default, peer sharing on clients using the Group download mode (option 2) is limited to the same domain in Windows 10, version 1511, and the same domain and Active Directory Domain Services site in Windows 10, version 1607. By using the Group ID setting, you can optionally create a custom group that contains devices that should participate in Delivery Optimization but do not fall within those domain or Active Directory Domain Services site boundaries, including devices in another domain. Using Group ID, you can further restrict the default group (for example, you could create a subgroup representing an office building), or extend the group beyond the domain, allowing devices in multiple domains in your organization to be peers. This setting requires the custom group to be specified as a GUID on each device that participates in the custom group.
 [//]: # (Configuration Manager boundary group option; GroupID Source policy)
@ -135,7 +135,7 @@ By default, peer sharing on clients using the group download mode is limited to
 >This configuration is optional and not required for most implementations of Delivery Optimization.
 ### Select the source of Group IDs
-Starting in Windows 10, version 1803, set this policy to restrict peer selection to a specific source. The options are:
+Starting in Windows 10, version 1803, set this policy to restrict peer selection to a specific source, when using a GroupID policy. The options are:
 - 0 = not set
 - 1 = AD Site
 - 2 = Authenticated domain SID
@ -148,11 +148,11 @@ When set, the Group ID is assigned automatically from the selected source. If yo
 ### Minimum RAM (inclusive) allowed to use Peer Caching  
-This setting specifies the minimum RAM size in GB required to use Peer Caching. For example if the minimum set is 1 GB, then devices with 1 GB or higher available RAM will be allowed to use Peer caching. The recommended values are 1 to 4, and the default value is 4 GB.
+This setting specifies the minimum RAM size in GB required to use Peer Caching. For example if the minimum set is 1 GB, then devices with 1 GB or higher available RAM will be allowed to use Peer caching. The recommended values are 1 to 4, and **the default value is 4 GB**.
 ### Minimum disk size allowed to use Peer Caching
-This setting specifies the required minimum disk size (capacity in GB) for the device to use Peer Caching. The recommended values are 64 to 256, and the default value is 32 GB.
+This setting specifies the required minimum disk size (capacity in GB) for the device to use Peer Caching. The recommended values are 64 to 256, and **the default value is 32 GB**.
 >[!NOTE]
 >If the [Modify Cache Drive](#modify-cache-drive) policy is set, the disk size check will apply to the new working directory specified by this policy.
@ -160,86 +160,86 @@ This setting specifies the required minimum disk size (capacity in GB) for the d
 ### Max Cache Age
-In environments configured for Delivery Optimization, you might want to set an expiration on cached updates and Windows application installation files. If so, this setting defines the maximum number of seconds each file can be held in the Delivery Optimization cache on each Windows 10 client device. The default Max Cache Age value is 259,200 seconds (three days). Alternatively, organizations might choose to set this value to "0" which means "unlimited" to avoid peers re-downloading content. When "Unlimited" value is set, Delivery Optimization will hold the files in the cache longer and will clean up the cache as needed (for example when the cache size exceeded the maximum space allowed).
+In environments configured for Delivery Optimization, you might want to set an expiration on cached updates and Windows application installation files. If so, this setting defines the maximum number of seconds each file can be held in the Delivery Optimization cache on each Windows 10 client device. Alternatively, organizations might choose to set this value to "0" which means "unlimited" to avoid peers re-downloading content. When "Unlimited" value is set, Delivery Optimization will hold the files in the cache longer and will clean up the cache as needed (for example when the cache size exceeded the maximum space allowed). **The default value is 259,200 seconds (three days)**. 
 ### Max Cache Size
-This setting limits the maximum amount of space the Delivery Optimization cache can use as a percentage of the available drive space, from 1 to 100. For example, if you set this value to 10 on a Windows client device that has 100 GB of available drive space, then Delivery Optimization will use up to 10 GB of that space. Delivery Optimization will constantly assess the available drive space and automatically clear the cache to keep the maximum cache size under the set percentage. The default value for this setting is 20.
+This setting limits the maximum amount of space the Delivery Optimization cache can use as a percentage of the available drive space, from 1 to 100. For example, if you set this value to 10 on a Windows client device that has 100 GB of available drive space, then Delivery Optimization will use up to 10 GB of that space. Delivery Optimization will constantly assess the available drive space and automatically clear the cache to keep the maximum cache size under the set percentage. **The default value is 20**.
 ### Absolute Max Cache Size
-This setting specifies the maximum number of gigabytes the Delivery Optimization cache can use. This is different from the [**Max Cache Size**](#max-cache-size) setting, which is a percentage of available disk space. Also, if you configure this policy, it will override the [**Max Cache Size**](#max-cache-size) setting. The default value for this setting is 10 GB.
+This setting specifies the maximum number of gigabytes the Delivery Optimization cache can use. This is different from the [**Max Cache Size**](#max-cache-size) setting, which is a percentage of available disk space. Also, if you configure this policy, it will override the [**Max Cache Size**](#max-cache-size) setting. **The default value is 10 GB**.
 ### Minimum Peer Caching Content File Size
-This setting specifies the minimum content file size in MB enabled to use Peer Caching. The recommended values are from 1 to 100000.
+This setting specifies the minimum content file size in MB enabled to use Peer Caching. The recommended values are from 1 to 100000. **The default file size is 50MB** to participate in peering. 
 ### Maximum Download Bandwidth
-This setting specifies the maximum download bandwidth that can be used across all concurrent Delivery Optimization downloads in kilobytes per second (KB/s). A default value of "0" means that Delivery Optimization will dynamically adjust and optimize the maximum bandwidth used.
+This setting specifies the maximum download bandwidth that can be used across all concurrent Delivery Optimization downloads in kilobytes per second (KB/s). **A default value of "0"** means that Delivery Optimization will dynamically adjust and optimize the maximum bandwidth used.
 > [!NOTE]
 > This is the best option for low bandwidth environments.
 ### Maximum Foreground Download Bandwidth
-Starting in Windows 10, version 1803, specifies the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value of "0" means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads. However, downloads from LAN peers are not throttled even when this policy is set.
+Starting in Windows 10, version 1803, specifies the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. **The default value of "0"** means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads. However, downloads from LAN peers are not throttled even when this policy is set.
 ### Maximum Background Download Bandwidth
-Starting in Windows 10, version 1803, specifies the maximum background download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value of "0" means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads. However, downloads from LAN peers are not throttled even when this policy is set.
+Starting in Windows 10, version 1803, specifies the maximum background download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. **The default value of "0"** means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads. However, downloads from LAN peers are not throttled even when this policy is set.
 ### Percentage of Maximum Download Bandwidth
-This setting specifies the maximum download bandwidth that Delivery Optimization can use across all concurrent download activities as a percentage of available download bandwidth. The default value 0 means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.
+This setting specifies the maximum download bandwidth that Delivery Optimization can use across all concurrent download activities as a percentage of available download bandwidth. **The default value of "0"** means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.
 > [!NOTE]
 > It is recommended to use the absolute value download option 'Maximum Download Bandwidth', rather than percentage-based options, for low bandwidth environments.
 ### Max Upload Bandwidth
-This setting allows you to limit the number of upload bandwidth individual clients can use for Delivery Optimization. Consider this setting when clients are providing content to requesting peers on the network. This option is set in kilobytes per second (KB/s). The default setting is "0", or "unlimited" which means Delivery Optimization dynamically optimizes for minimal usage of upload bandwidth; however it does not cap the upload bandwidth rate at a set rate.
+This setting allows you to limit the number of upload bandwidth individual clients can use for Delivery Optimization. Consider this setting when clients are providing content to requesting peers on the network. This option is set in kilobytes per second (KB/s). **The default value is "0", or "unlimited"** which means Delivery Optimization dynamically optimizes for minimal usage of upload bandwidth; however it does not cap the upload bandwidth rate at a set rate.
 ### Set Business Hours to Limit Background Download Bandwidth
-Starting in Windows 10, version 1803, specifies the maximum background download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.
+Starting in Windows 10, version 1803, specifies the maximum background download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth. **By default, this policy is not set.**
 ### Set Business Hours to Limit Foreground Download Bandwidth
-Starting in Windows 10, version 1803, specifies the maximum foreground download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth.
+Starting in Windows 10, version 1803, specifies the maximum foreground download bandwidth that Delivery Optimization uses during and outside business hours across all concurrent download activities as a percentage of available download bandwidth. **By default, this policy is not set.**
 ### Select a method to restrict peer selection
-Starting in Windows 10, version 1803, set this policy to restrict peer selection via selected option. Currently the available options include: 0 = NAT, 1 = Subnet mask, and 2 = Local Peer Discovery. The subnet mask option applies to both Download Modes LAN (1) and Group (2).
+Starting in Windows 10, version 1803, set this policy to restrict peer selection via selected option. In Windows 11 the 'Local Peer Discovery' option was introduced to restrict peer discovery to the local network. Currently the available options include: 0 = NAT, 1 = Subnet mask, and 2 = Local Peer Discovery. These options apply to both Download Modes LAN (1) and Group (2) and therefore means there is no peering between subnets. **The default value in Windows 11 is set to "Local Peer Discovery"**.
 If Group mode is set, Delivery Optimization will connect to locally discovered peers that are also part of the same Group (have the same Group ID).
 The Local Peer Discovery (DNS-SD) option can only be set via MDM delivered policies on Windows 11 builds. This feature can be enabled in supported Windows 10 builds by setting the `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization\DORestrictPeerSelectionBy` value to **2**.
 ### Delay background download from http (in secs)
-Starting in Windows 10, version 1803, this allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer.
+Starting in Windows 10, version 1803, this allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer. The maximum value is 4294967295  seconds. **By default, this policy is not set.**
 ### Delay foreground download from http (in secs)
-Starting in Windows 10, version 1803, allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer.
+Starting in Windows 10, version 1803, allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer. The maximum value is 4294967295 seconds. **By default, this policy is not set.**
 ### Delay Foreground Download Cache Server Fallback (in secs)
-Starting in Windows 10, version 1903, allows you to delay the fallback from cache server to the HTTP source for foreground content download by X seconds. If you set the policy to delay foreground download from http, it will apply first (to allow downloads from peers first).
+Starting in Windows 10, version 1903, allows you to delay the fallback from cache server to the HTTP source for foreground content download by X seconds. If you set the policy to delay foreground download from http, it will apply first (to allow downloads from peers first). **By default, this policy is not set.**
 ### Delay Background Download Cache Server Fallback (in secs)
-Starting in Windows 10, version 1903, set this policy to delay the fallback from cache server to the HTTP source for a background content download by X seconds. If you set the policy to delay background download from http, it will apply first (to allow downloads from peers first).
+Starting in Windows 10, version 1903, set this policy to delay the fallback from cache server to the HTTP source for a background content download by X seconds. If you set the policy to delay background download from http, it will apply first (to allow downloads from peers first). **By default, this policy is not set.**
 ### Minimum Background QoS
-This value specifies the minimum download speed guarantee that a client attempts to achieve and will fulfill by downloading more kilobytes from Windows Update servers or WSUS. The lower this value is, the more content will be sourced using peers on the network rather than Windows Update. The higher this value, the more content is received from Windows Update servers or WSUS, versus peers on the local network.
+This value specifies the minimum download speed guarantee that a client attempts to achieve and will fulfill by downloading more kilobytes from Windows Update servers or WSUS. The lower this value is, the more content will be sourced using peers on the network rather than Windows Update. The higher this value, the more content is received from Windows Update servers or WSUS, versus peers on the local network. **The default value is 500KB/s**
 ### Modify Cache Drive
-This setting allows for an alternate Delivery Optimization cache location on the clients. By default, the cache is stored on the operating system drive through the %SYSTEMDRIVE% environment variable. You can set the value to an environment variable (for example, %SYSTEMDRIVE%), a drive letter (for example, D:), or a folder path (for example, D:\DOCache).
+This setting allows for an alternate Delivery Optimization cache location on the clients. **By default, the cache is stored on the operating system drive through the %SYSTEMDRIVE% environment variable.** You can set the value to an environment variable (for example, %SYSTEMDRIVE%), a drive letter (for example, D:), or a folder path (for example, D:\DOCache).
 ### Monthly Upload Data Cap
-This setting specifies the total amount of data in gigabytes that a Delivery Optimization client can upload to Internet peers per month. A value of "0" means that an unlimited amount of data can be uploaded. The default value for this setting is 20 GB.
+This setting specifies the total amount of data in gigabytes that a Delivery Optimization client can upload to Internet peers per month. A value of "0" means that an unlimited amount of data can be uploaded. **The default value for this setting is 20 GB.**
 ### Enable Peer Caching while the device connects via VPN
-This setting determines whether a device will be allowed to participate in Peer Caching while connected to VPN. Specify "true" to allow the device to participate in Peer Caching while connected via VPN to the domain network. The device can download from or upload to other domain network devices, either on VPN or on the corporate domain network.
+This setting determines whether a device will be allowed to participate in Peer Caching while connected to VPN. **By default, if a VPN connection is detected, peering is not allowed.** Specify "true" to allow the device to participate in Peer Caching while connected via VPN to the domain network. The device can download from or upload to other domain network devices, either on VPN or on the corporate domain network.
 ### Allow uploads while the device is on battery while under set Battery level
@ -247,12 +247,14 @@ This setting specifies battery levels at which a device will be allowed to uploa
 The device can download from peers while on battery regardless of this policy.
 >[!IMPORTANT]
-> By default, devices **will not upload while on battery**. To enable uploads while on battery, you need to enable this policy and set the battery value under which uploads pause.
+> **By default, devices will not upload while on battery**. To enable uploads while on battery, you need to enable this policy and set the battery value under which uploads pause.
 ### Cache Server Hostname 
-Set this policy to designate one or more Microsoft Connected Cache servers to be used by Delivery Optimization. You can set one or more FQDNs or IP Addresses that are comma separated, for example: myhost.somerandomhost.com,myhost2.somrandomhost.com,10.10.1.7.
+Set this policy to designate one or more Microsoft Connected Cache servers to be used by Delivery Optimization. You can set one or more FQDNs or IP Addresses that are comma-separated, for example: myhost.somerandomhost.com,myhost2.somrandomhost.com,10.10.1.7. **By default, this policy is empty.**
 >[!IMPORTANT]
 > Any value will signify that the policy is set. For example, an empty string ("") is not considered empty.
 ### Cache Server Hostname Source
@ -260,9 +262,9 @@ This policy allows you to specify how your client(s) can discover Delivery Optim
 - 1 = DHCP Option 235.
 - 2 = DHCP Option 235 Force.
-With either option, the client will query DHCP Option ID 235 and use the returned value as the Cache Server Hostname. Option 2 overrides the Cache Server Hostname policy, if set.
+With either option, the client will query DHCP Option ID 235 and use the returned value as the Cache Server Hostname. Option 2 overrides the Cache Server Hostname policy, if set. **By default, this policy has no value.**
-Set this policy to designate one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. Specify the custom DHCP option on your server as *text* type. You can add one or more values as either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address with commas.
+Set this policy to designate Delivery Optimization in Network Cache servers through a custom DHCP Option. Specify the custom DHCP option on your server as *text* type. You can add one or more values as either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address with commas.
 > [!NOTE]
 > If you format the DHCP Option ID incorrectly, the client will fall back to the Cache Server Hostname policy value if that value has been set.
@ -271,11 +273,11 @@ Set this policy to designate one or more Delivery Optimization in Network Cache
 Specifies the maximum foreground download bandwidth in kilobytes/second that the device can use across all concurrent download activities using Delivery Optimization.
-The default value of 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.
+**The default value of "0" means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.**
 ### Maximum Background Download Bandwidth (in KB/s)
 Specifies the maximum background download bandwidth in kilobytes/second that the device can use across all concurrent download activities using Delivery Optimization.
-The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.
+**The default value "0" means that Delivery Optimization dynamically adjusts to use the available bandwidth for downloads.**