mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-18 11:53:37 +00:00
Changed Windows to Microsoft
Changed only UX content; will change links later.
This commit is contained in:
Jeff Reeds (Aquent LLC)
@ -132,24 +132,24 @@ As seen with recent ransomware attacks, once called the "black plague" of the In
|
||||
|
||||
In response to these threats and as a part of your mechanisms to resist these types of breaches so that you remain in compliance with the GDPR, Windows 10 provides built in technology, detailed below including the following:
|
||||
|
||||
- Windows Defender Antivirus to respond to emerging threats on data.
|
||||
- Microsoft Defender Antivirus to respond to emerging threats on data.
|
||||
|
||||
- Microsoft Edge to systemically disrupt phishing, malware, and hacking attacks.
|
||||
|
||||
- Windows Defender Device Guard to block all unwanted applications on client machines.
|
||||
|
||||
#### Responding to emerging data threats
|
||||
Windows Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware:
|
||||
Microsoft Defender Antivirus is a built-in antimalware solution that provides security and antimalware management for desktops, portable computers, and servers. In Windows 10, it uses a multi-pronged approach to improve antimalware:
|
||||
|
||||
- **Cloud-delivered protection.** Helps to detect and block new malware within seconds, even if the malware has never been seen before.
|
||||
|
||||
- **Rich local context.** Improves how malware is identified. Windows 10 informs Windows Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more.
|
||||
- **Rich local context.** Improves how malware is identified. Windows 10 informs Microsoft Defender Antivirus not only about content like files and processes, but also where the content came from, where it's been stored, and more.
|
||||
|
||||
- **Extensive global sensors.** Help to keep Windows Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data.
|
||||
- **Extensive global sensors.** Help to keep Microsoft Defender Antivirus current and aware of even the newest malware. This is accomplished in two ways: by collecting the rich local context data from end points and by centrally analyzing that data.
|
||||
|
||||
- **Tamper proofing.** Helps to guard Windows Defender Antivirus itself against malware attacks. For example, Windows Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Windows Defender Antivirus components, its registry keys, and so on.
|
||||
- **Tamper proofing.** Helps to guard Microsoft Defender Antivirus itself against malware attacks. For example, Microsoft Defender Antivirus uses Protected Processes, which prevents untrusted processes from attempting to tamper with Microsoft Defender Antivirus components, its registry keys, and so on.
|
||||
|
||||
- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Windows Defender Antivirus an enterprise-class antimalware solution.
|
||||
- **Enterprise-level features.** Give IT pros the tools and configuration options necessary to make Microsoft Defender Antivirus an enterprise-class antimalware solution.
|
||||
|
||||
#### Systemically disrupting phishing, malware, and hacking attacks
|
||||
In today’s threat landscape, your ability to provide those mechanisms should be tied to the specific data-focused attacks you face through phishing, malware and hacking due to the browser-related attacks.
|
||||
@ -204,7 +204,7 @@ Among the key benefits of ATP are the following:
|
||||
|
||||
- Built in, not bolted on - agentless with high performance and low impact, cloud-powered; easy management with no deployment.
|
||||
|
||||
- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Windows Defender Antivirus.
|
||||
- Single pane of glass for Windows security - explore 6 months of rich machine timeline that unifies security events from Windows Defender ATP, Microsoft Defender Antivirus.
|
||||
|
||||
- Power of the Microsoft graph - leverages the Microsoft Intelligence Security Graph to integrate detection and exploration with Office 365 ATP subscription, to track back and respond to attacks.
|
||||
|
||||
@ -216,7 +216,7 @@ To provide Detection capabilities, Windows 10 improves our OS memory and kernel
|
||||
|
||||
We continue to upgrade our detections of ransomware and other advanced attacks, applying our behavioral and machine-learning detection library to counter changing attacks trends. Our historical detection capability ensures new detection rules apply to up to six months of stored data to detect attacks that previously went unnoticed. Customers can also add customized detection rules or IOCs to augment the detection dictionary.
|
||||
|
||||
Customers asked us for a single pane of glass across the entire Windows security stack. Windows Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network.
|
||||
Customers asked us for a single pane of glass across the entire Windows security stack. Microsoft Defender Antivirus detections and Windows Defender Device Guard blocks are the first to surface in the Windows Defender ATP portal interleaved with Windows Defender ATP detections. The new user entity adds identity as a pivot, providing insight into actions, relationships, and alerts that span machines and allow us to track attackers moving laterally across the network.
|
||||
|
||||
Our alert page now includes a new process tree visualization that aggregates multiple detections and related events into a single view that helps security teams reduce the time to resolve cases by providing the information required to understand and resolve incidents without leaving the alert page.
|
||||
|
||||
@ -314,7 +314,7 @@ Azure Information Protection also helps your users share sensitive data in a sec
|
||||
|
||||
- **Windows Hello for Business:** https://www.youtube.com/watch?v=WOvoXQdj-9E and https://docs.microsoft.com/windows/access-protection/hello-for-business/hello-identity-verification
|
||||
|
||||
- **Windows Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10
|
||||
- **Microsoft Defender Antivirus:** https://www.youtube.com/watch?v=P1aNEy09NaI and https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10
|
||||
|
||||
- **Windows Defender Advanced Threat Protection:** https://www.youtube.com/watch?v=qxeGa3pxIwg and https://docs.microsoft.com/windows/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection
|
||||
|
||||
|
||||
@ -1595,7 +1595,7 @@ You can disconnect from the Microsoft Antimalware Protection Service.
|
||||
>1. Ensure Windows and Windows Defender are fully up to date.
|
||||
>2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link and then scroll down to the Tamper Protection toggle to set it to **Off**.
|
||||
|
||||
- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop-down box named **Join Microsoft MAPS**
|
||||
- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop-down box named **Join Microsoft MAPS**
|
||||
|
||||
-OR-
|
||||
|
||||
@ -1608,7 +1608,7 @@ You can disconnect from the Microsoft Antimalware Protection Service.
|
||||
|
||||
You can stop sending file samples back to Microsoft.
|
||||
|
||||
- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**.
|
||||
- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **MAPS** > **Send file samples when further analysis is required** to **Never Send**.
|
||||
|
||||
-or-
|
||||
|
||||
@ -1617,11 +1617,11 @@ You can stop sending file samples back to Microsoft.
|
||||
|
||||
You can stop downloading **Definition Updates**:
|
||||
|
||||
- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**.
|
||||
- **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Signature Updates** > **Define the order of sources for downloading definition updates** and set it to **FileShares**.
|
||||
|
||||
-and-
|
||||
|
||||
- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**.
|
||||
- **Disable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Signature Updates** > **Define file shares for downloading definition updates** and set it to **Nothing**.
|
||||
|
||||
-or-
|
||||
|
||||
@ -1645,7 +1645,7 @@ You can turn off **Enhanced Notifications** as follows:
|
||||
|
||||
-or-
|
||||
|
||||
- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **Reporting**.
|
||||
- **Enable** the Group Policy **Turn off enhanced notifications** under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Defender Antivirus** > **Reporting**.
|
||||
|
||||
-or-
|
||||
|
||||
|
||||
@ -398,7 +398,7 @@ The following endpoint is used to retrieve Skype configuration values. To turn o
|
||||
## Windows Defender
|
||||
|
||||
The following endpoint is used for Windows Defender when Cloud-based Protection is enabled.
|
||||
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Windows Defender Antivirus cloud service connections, see [Allow connections to the Windows Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service).
|
||||
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Microsoft Defender Antivirus cloud service connections, see [Allow connections to the Microsoft Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service).
|
||||
|
||||
| Source process | Protocol | Destination |
|
||||
|----------------|----------|------------|
|
||||
|
||||
@ -74,7 +74,7 @@ This type of data includes details about the health of the device, operating sys
|
||||
| Category Name | Description and Examples |
|
||||
| - | - |
|
||||
|Device health and crash data | Information about the device and software health such as:<br><ul><li>Error codes and error messages, name and ID of the app, and process reporting the error</li><li>DLL library predicted to be the source of the error -- xyz.dll</li><li>System generated files -- app or product logs and trace files to help diagnose a crash or hang</li><li>System settings such as registry keys</li><li>User generated files – .doc, .ppt, .csv files where they are indicated as a potential cause for a crash or hang</li><li>Details and counts of abnormal shutdowns, hangs, and crashes</li><li>Crash failure data – OS, OS component, driver, device, 1st and 3rd party app data</li><li>Crash and Hang dumps<ul><li>The recorded state of the working memory at the point of the crash.</li><li>Memory in use by the kernel at the point of the crash.</li><li>Memory in use by the application at the point of the crash.</li><li>All the physical memory used by Windows at the point of the crash.</li><li>Class and function name within the module that failed.</li></li></ul> |
|
||||
|Device performance and reliability data | Information about the device and software performance such as:<br><ul><li>User Interface interaction durations -- Start Menu display times, browser tab switch times, app launch and switch times, and Cortana and search performance and reliability.</li><li>Device on/off performance -- Device boot, shutdown, power on/off, lock/unlock times, and user authentication times (fingerprint and face recognition durations).</li><li>In-app responsiveness -- time to set alarm, time to fully render in-app navigation menus, time to sync reading list, time to start GPS navigation, time to attach picture MMS, and time to complete a Microsoft Store transaction.</li><li>User input responsiveness – onscreen keyboard invocation times for different languages, time to show auto-complete words, pen or touch latencies, latency for handwriting recognition to words, Narrator screen reader responsiveness, and CPU score.</li><li>UI and media performance and glitches/smoothness -- video playback frame rate, audio glitches, animation glitches (stutter when bringing up Start), graphics score, time to first frame, play/pause/stop/seek responsiveness, time to render PDF, dynamic streaming of video from OneDrive performance</li><li>Disk footprint -- Free disk space, out of memory conditions, and disk score.</li><li>Excessive resource utilization – components impacting performance or battery life through high CPU usage during different screen and power states</li><li>Background task performance -- download times, Windows Update scan duration, Windows Defender Antivirus scan times, disk defrag times, mail fetch times, service startup and state transition times, and time to index on-device files for search results</li><li>Peripheral and devices -- USB device connection times, time to connect to a wireless display, printing times, network availability and connection times (time to connect to Wi-Fi, time to get an IP address from DHCP etc.), smart card authentication times, automatic brightness environmental response times</li><li>Device setup -- first setup experience times (time to install updates, install apps, connect to network etc.), time to recognize connected devices (printer and monitor), and time to setup Microsoft Account.</li><li>Power and Battery life – power draw by component (Process/CPU/GPU/Display), hours of screen off time, sleep state transition details, temperature and thermal throttling, battery drain in a power state (screen off or screen on), processes and components requesting power use during screen off, auto-brightness details, time device is plugged into AC vs. battery, battery state transitions</li><li>Service responsiveness - Service URI, operation, latency, service success/error codes, and protocol.</li><li>Diagnostic heartbeat – regular signal to validate the health of the diagnostics system</li></ul>|
|
||||
|Device performance and reliability data | Information about the device and software performance such as:<br><ul><li>User Interface interaction durations -- Start Menu display times, browser tab switch times, app launch and switch times, and Cortana and search performance and reliability.</li><li>Device on/off performance -- Device boot, shutdown, power on/off, lock/unlock times, and user authentication times (fingerprint and face recognition durations).</li><li>In-app responsiveness -- time to set alarm, time to fully render in-app navigation menus, time to sync reading list, time to start GPS navigation, time to attach picture MMS, and time to complete a Microsoft Store transaction.</li><li>User input responsiveness – onscreen keyboard invocation times for different languages, time to show auto-complete words, pen or touch latencies, latency for handwriting recognition to words, Narrator screen reader responsiveness, and CPU score.</li><li>UI and media performance and glitches/smoothness -- video playback frame rate, audio glitches, animation glitches (stutter when bringing up Start), graphics score, time to first frame, play/pause/stop/seek responsiveness, time to render PDF, dynamic streaming of video from OneDrive performance</li><li>Disk footprint -- Free disk space, out of memory conditions, and disk score.</li><li>Excessive resource utilization – components impacting performance or battery life through high CPU usage during different screen and power states</li><li>Background task performance -- download times, Windows Update scan duration, Microsoft Defender Antivirus scan times, disk defrag times, mail fetch times, service startup and state transition times, and time to index on-device files for search results</li><li>Peripheral and devices -- USB device connection times, time to connect to a wireless display, printing times, network availability and connection times (time to connect to Wi-Fi, time to get an IP address from DHCP etc.), smart card authentication times, automatic brightness environmental response times</li><li>Device setup -- first setup experience times (time to install updates, install apps, connect to network etc.), time to recognize connected devices (printer and monitor), and time to setup Microsoft Account.</li><li>Power and Battery life – power draw by component (Process/CPU/GPU/Display), hours of screen off time, sleep state transition details, temperature and thermal throttling, battery drain in a power state (screen off or screen on), processes and components requesting power use during screen off, auto-brightness details, time device is plugged into AC vs. battery, battery state transitions</li><li>Service responsiveness - Service URI, operation, latency, service success/error codes, and protocol.</li><li>Diagnostic heartbeat – regular signal to validate the health of the diagnostics system</li></ul>|
|
||||
|Movies|Information about movie consumption functionality on the device. This isn't intended to capture user viewing, listening or habits.<br><ul><li>Video Width, height, color pallet, encoding (compression) type, and encryption type</li><li>Instructions for how to stream content for the user -- the smooth streaming manifest of chunks of content files that must be pieced together to stream the content based on screen resolution and bandwidth</li><li>URL for a specific two second chunk of content if there is an error</li><li>Full screen viewing mode details|
|
||||
|Music & TV|Information about music and TV consumption on the device. This isn't intended to capture user viewing, listening or habits.<br><ul><li>Service URL for song being downloaded from the music service – collected when an error occurs to facilitate restoration of service</li><li>Content type (video, audio, surround audio)</li><li>Local media library collection statistics -- number of purchased tracks, number of playlists</li><li>Region mismatch -- User OS Region, and Xbox Live region</li></ul>|
|
||||
|Reading|Information about reading consumption functionality on the device. This isn't intended to capture user viewing, listening or habits.<br><ul><li>App accessing content and status and options used to open a Microsoft Store book</li><li>Language of the book</li><li>Time spent reading content</li><li>Content type and size details</li></ul>|
|
||||
|
||||
@ -289,7 +289,7 @@ If a user has enabled Tailored experiences on the device, [pseudonymized](#pseud
|
||||
- UI and media performance and glitches versus smoothness -- video playback frame rate, audio glitches, animation glitches (stutter when bringing up Start), graphics score, time to first frame, play/pause/stop/seek responsiveness, time to render PDF, dynamic streaming of video from OneDrive performance
|
||||
- Disk footprint -- Free disk space, out of memory conditions, and disk score
|
||||
- Excessive resource utilization -- components impacting performance or battery life through high CPU usage during different screen and power states
|
||||
- Background task performance -- download times, Windows Update scan duration, Windows Defender Antivirus scan times, disk defrag times, mail fetch times, service startup and state transition times, and time to index on-device files for search results
|
||||
- Background task performance -- download times, Windows Update scan duration, Microsoft Defender Antivirus scan times, disk defrag times, mail fetch times, service startup and state transition times, and time to index on-device files for search results
|
||||
- Peripheral and devices -- USB device connection times, time to connect to a wireless display, printing times, network availability and connection times (time to connect to Wi-Fi, time to get an IP address from DHCP etc.), smart card authentication times, automatic brightness, and environmental response times
|
||||
- Device setup -- first setup experience times (time to install updates, install apps, connect to network, and so on), time to recognize connected devices (printer and monitor), and time to set up a Microsoft Account
|
||||
- Power and Battery life -- power draw by component (Process/CPU/GPU/Display), hours of time the screen is off, sleep state transition details, temperature and thermal throttling, battery drain in a power state (screen off or screen on), processes and components requesting power use while the screen is off, auto-brightness details, time device is plugged into AC versus battery, and battery state transitions
|
||||
|
||||
Reference in New Issue
Block a user