Merge pull request #8501 from Brenduns/update-trend-mtd

v-stsavell · web-flow · commit 13c94304a7ee · 2022-09-22T10:09:06.000-05:00
Edits per Trend Micro feedback
diff --git a/memdocs/intune/fundamentals/whats-new.md b/memdocs/intune/fundamentals/whats-new.md
@@ -216,7 +216,7 @@ The **All devices** option is now available for [compliance policy](../protect/c
 When you include the *All devices* group you can then exclude individual groups of devices to further refine the assignment scope.
 
 #### Trend Micro – New mobile threat defense partner<!-- 11017779 -->
-You can now use [Trend Micro Mobile Security](../protect/trend-micro-mobile-threat-defense-connector.md) as an integrated mobile threat defense (MTD) partner with Intune. By configuring the Trend MTD connector in Intune, you can control mobile device access to corporate resources using conditional access that's based on risk assessment.
+You can now use [Trend Micro Mobile Security as a Service](../protect/trend-micro-mobile-threat-defense-connector.md) as an integrated mobile threat defense (MTD) partner with Intune. By configuring the Trend MTD connector in Intune, you can control mobile device access to corporate resources using conditional access that's based on risk assessment.
  
 For more information, see:
 - [Mobile threat defense integration with Intune](../protect/mobile-threat-defense.md)
diff --git a/memdocs/intune/protect/mobile-threat-defense.md b/memdocs/intune/protect/mobile-threat-defense.md
@@ -109,6 +109,6 @@ Learn how to protect access to company resource based on device, network, and ap
 - [Pradeo](pradeo-mobile-threat-defense-connector.md)
 - [Sophos Mobile](sophos-mtd-connector.md)
 - [Symantec Endpoint Protection Mobile](skycure-mobile-threat-defense-connector.md)
-- [Trend Micro Mobile Security](trend-micro-mobile-threat-defense-connector.md)
+- [Trend Micro Mobile Security as a Service](trend-micro-mobile-threat-defense-connector.md)
 - [Wandera Mobile Threat Defense](wandera-mtd-connector.md)
 - [Zimperium](zimperium-mobile-threat-defense-connector.md)
diff --git a/memdocs/intune/protect/mtd-apps-ios-app-configuration-policy-add-assign.md b/memdocs/intune/protect/mtd-apps-ios-app-configuration-policy-add-assign.md
@@ -157,9 +157,9 @@ Use the same Azure AD account previously configured in the [Symantec Endpoint Pr
 
 Create the iOS app configuration policy as described in the [using iOS app configuration policy](../apps/app-configuration-policies-use-ios.md) article. For more information, see [Sophos Intercept X for Mobile iOS - Available managed settings](https://community.sophos.com/kb/133963) in the Sophos knowledge base.
 
-### Trend Micro Mobile Security app configuration policy
+### Trend Micro Mobile Security as a Service app configuration policy
 
-See the instructions for [using Microsoft Intune app configuration policies for iOS](../apps/app-configuration-policies-use-ios.md) to add the Trend Micro Mobile Security app configuration policy.
+See the instructions for [using Microsoft Intune app configuration policies for iOS](../apps/app-configuration-policies-use-ios.md) to add the Trend Micro Mobile Security as a Service app configuration policy.
 
 ### Wandera app configuration policy
 
diff --git a/memdocs/intune/protect/trend-micro-mobile-threat-defense-connector.md b/memdocs/intune/protect/trend-micro-mobile-threat-defense-connector.md
@@ -1,7 +1,7 @@
 ---
 # required metadata
 
-title: Trend Micro Mobile connector with Intune
+title: Trend Micro Mobile Security as a Service connector with Intune
 titleSuffix: Intune on Azure
 description: Set up the Trend Micro Mobile Threat Defense connector with Intune.
 keywords:
@@ -29,11 +29,16 @@ search.appverid: MET150
 ms.collection: M365-identity-device-management
 ---
 
-# Use Trend Micro Mobile Security with Intune
+# Use Trend Micro Mobile Security as a Service with Microsoft Intune
 
-Control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Trend Micro Mobile Security, a mobile threat defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices running the Trend Micro Mobile Agent app.
+Control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Trend Micro Mobile Security as a Service, a mobile threat defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices protected by the Trend Micro Mobile Security as a Service, including:
 
-You can configure Conditional Access policies based on a Trend Micro risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
+- Malicious  apps installed
+- Malicious network behavior and profiles
+- Operating system vulnerabilities
+- Device misconfiguration
+
+You can configure Conditional Access policies based on Trend Micro Mobile Security as a Service’s risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
 
 For more information about how to integrate Trend Micro with Microsoft Intune, see [Integration with Microsoft Endpoint Manager (Intune)](http://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int.aspx) in the [Trend Micro Mobile Security documentation](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security.aspx).
 
@@ -53,11 +58,11 @@ For more information about how to integrate Trend Micro with Microsoft Intune, s
 
 ## How do Intune and the Trend Micro MTD connector help protect your company resources?
 
-The Trend Micro Mobile Agent app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, then sends the telemetry data to the *Mobile Security* cloud service to assess the device's risk for mobile threats.
+The Trend Micro Mobile Security as a Service mobile agent app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, then sends the telemetry data to Trend Micro Mobile Security as a Service to assess the device's risk for mobile threats.
 
-- **Support for enrolled devices** - Intune device compliance policy includes a rule for MTD, which can use risk assessment information from Trend Micro. When the MTD rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources, such as Exchange Online and SharePoint Online. Users also receive guidance from the Trend Micro Mobile Agent app installed on their devices to resolve the issue and regain access to corporate resources. To support using Trend Micro with enrolled devices:
+- **Support for enrolled devices** - Intune device compliance policy includes a rule for MTD, which can use risk assessment information from Trend Micro. When the MTD rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources, such as Exchange Online and SharePoint Online. Users also receive guidance from the Trend Micro Mobile Security as a Service mobile agent app installed on their devices to resolve the issue and regain access to corporate resources. To support using Trend Micro with enrolled devices:
 
-  - [Add MTD apps to devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
+  - [Add MTD apps to devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md) (This is done automatically when  setting up Trend Micro Mobile Security as a Service integration)
   - [Create a device compliance policy that supports MTD](../protect/mtd-device-compliance-policy-create.md)
   - [Enable the MTD connector in Intune](../protect/mtd-connector-enable.md)
 
@@ -107,7 +112,7 @@ Detect threats like **Man-in-the-middle** in network and prevent synchronization
 
 ## Next steps
 
-- [Integrate Trend Micro with Intune](../protect/trend-micro-mtd-connector-integration.md)
-- [Set up Trend Micro Mobile Agent app](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
-- [Create Trend Micro device compliance policy](../protect/mtd-device-compliance-policy-create.md)
-- [Enable Trend Micro Mobile Security MTD connector](../protect/mtd-connector-enable.md)
+- [Integrate Trend Micro Mobile Security as a Service with Intune](../protect/trend-micro-mtd-connector-integration.md)
+- [Set up Trend Micro Mobile Security as a Service mobile agent app](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
+- [Create Trend Micro Mobile Security as a Service device compliance policy](../protect/mtd-device-compliance-policy-create.md)
+- [Enable Trend Micro Mobile Security as a Service MTD connector](../protect/mtd-connector-enable.md)
diff --git a/memdocs/intune/protect/trend-micro-mtd-connector-integration.md b/memdocs/intune/protect/trend-micro-mtd-connector-integration.md
@@ -3,7 +3,7 @@
 
 title: Set up Trend Micro MTD integration with Intune
 titleSuffix: Intune on Azure
-description: "Trend Micro Mobile Security connector integration with Intune"
+description: "Trend Micro Mobile Security as Service connector integration with Intune"
 keywords:
 author: brenduns
 ms.author: brenduns
@@ -29,15 +29,15 @@ search.appverid: MET150
 ms.collection: M365-identity-device-management
 ---
 
-# Connect Trend Micro Mobile Security with Microsoft Intune
+# Connect Trend Micro Mobile Security as a Service with Microsoft Intune
 
-Connect the Trend Micro MTD connector to monitor and mitigate device risk levels on Intune-managed devices. Trend Micro Mobile Security works by reporting device risk levels to Microsoft Intune. Intune then uses that information to enforce the appropriate app configuration and risk assessment policies. For more information about Trend Micro Mobile Security, see [Getting Started with Mobile Security](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003.aspx) in the Trend Micro documentation.
+Connect Trend Micro Mobile Security as a Service to monitor and mitigate device risk levels on Intune-managed devices. Trend Micro Mobile Security as a Service works by reporting device risk levels to Microsoft Intune. Intune then uses that information to enforce the appropriate app configuration and risk assessment policies. For more information about Trend Micro Mobile Security as a Service, see [Getting Started with Mobile Security](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003.aspx) in the Trend Micro documentation.
 
-This article describes the requirements and steps to connect the MTD connector in your tenant.
+This article describes the requirements and steps to connect Trend Micro Mobile Security as a Service in your tenant.
 
 ## Before you begin
 
-The following subscriptions and accounts are required to integrate Trend Micro Mobile Security with Microsoft Intune.
+The following subscriptions and accounts are required to integrate Trend Micro Mobile Security as a Service with Microsoft Intune.
 
 - Microsoft Intune subscription
 - Azure Active Directory (Azure AD) account with Global Administrator rights to grant the following permissions:
@@ -47,39 +47,46 @@ The following subscriptions and accounts are required to integrate Trend Micro M
   - Send device information to Intune
 - Admin sign-in credentials to access the Trend Micro Vision One management console
 
-### App authorization
+### Trend Micro Mobile Security as a Service App authorization
 
-The following authorization process happens when you connect the Trend Micro Mobile Security MTD connector:
+The following authorization process happens when you configure the integration with Trend Micro Mobile Security as a Service:
 
-- Allow Trend Micro Mobile Security to communicate information related to device health state back to Intune. To grant these permissions, you must use Global Administrator credentials. Granting permissions is a one-time operation. After the permissions are granted, the Global Administrator credentials aren't needed for day-to-day operation.
-- Allow Trend Micro Mobile Security to sync Azure AD enrollment group membership to populate its device's database.
+- Allow Trend Micro Mobile Security as a Service to communicate information related to device health state back to Intune. To grant these permissions, you must use Global Administrator credentials. Granting permissions is a one-time operation. After the permissions are granted, the Global Administrator credentials aren't needed for day-to-day operation.
+- Allow Trend Micro Mobile Security as a Service to sync Azure AD enrollment group membership to populate its device's database.
 - Allow Trend Micro Vision One management console to use Azure AD Single Sign On (SSO).
-- Allow Trend Micro Mobile Agent app to sign in using Azure AD SSO.
+- Allow Trend Micro Mobile as a Service agent app to sign in using Azure AD SSO.
+- Allow Trend Micro Mobile Security as a Service to get installed app information to perform malware  scanning.
+- Allow Trend Micro Mobile Security as a Service to add its mobile apps in Intune for deployment.
+- Allow Trend Micro Mobile Security as a Service to create device configuration profiles.
+- Allow Trend Micro Mobile Security as a Service to perform remote actions when necessary.
 
 For more information about consent and Azure AD applications, see [Request the permissions from a directory admin](/azure/active-directory/develop/v2-permissions-and-consent#request-the-permissions-from-a-directory-admin).
 
-## Set up Trend Micro MTD connector
+## Configuration Overview
+
+The configuration of Trend Micro Mobile Security as a Service and Intune integration can be done on [Trend Micro Vision One console](https://portal.xdr.trendmicro.com/) with the following steps:
+
+1. **Configure Intune integration settings.** - Grant permissions required by Trend Micro Mobile Security as a Service, select the platforms of your mobile devices, and choose data synchronization frequency. Device configuration profiles and app configuration policies are created automatically in Intune.
+
+2. **Select groups to install Trend Micro Mobile Security as a Service mobile app.** - Trend Micro Mobile Security as a Service mobile app installs automatically on devices in the selected groups.
+
+3. **(Optional) Create mobile policies.** - Optionally create customized mobile security policies provided by Trend Micro Mobile Security as a Service. For more information, see [Configuring Mobile Policies](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/configuringmobilepolicy).
+
+4. **Confirm mobile app status update.**
+
+## Set up Mobile Security as a Service integration
 
 1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) with an Intune administrator account.
 2. Go to **All services** > **Tenant administration**.
 3. Select **Connectors and tokens**.
 4. Under **Cross platform**, select **Mobile Threat Defense**.
 5. Select **Add**.
 6. For **Select the Mobile Threat Defense connector to setup**, choose **Trend Micro**.
-7. Select Open the Trend Micro admin console. Keep the Microsoft Endpoint Manager tab open for later.
-8. Sign in with your Azure AD account, and then follow the instructions in [Setting up Intune Integration](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int/setting-up-intune-in.aspx) (opens Trend Micro Mobile Security documentation) to complete setup.
-9. After you finish setup in the Trend Micro Vision One console, return to your tab in the Microsoft Endpoint Manager admin center.
-10. Under **Compliance policy evaluation**, turn on the following settings:
-
-    - **Connect Android devices version 7.0 and above to Trend Micro**
-    - **Connect iOS/iPadOS devices version 11.0 and above to Trend Micro**
-
-These settings allow Trend Micro Mobile Security to evaluate the devices in your organization.
-
-Configure additional settings to meet your organization’s requirements.  
-
-11. Select **Create** to save your connector configurations.
+7. Select **Open the** [**Trend Micro Vision One console**](https://portal.xdr.trendmicro.com/). Keep the Microsoft Endpoint Manager tab open for later.
+8. Sign in with your Trend Micro Vision One administration account, and then follow the instructions in [Setting up Intune Integration](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int/setting-up-intune-in.aspx) (opens Trend Micro Mobile Security documentation) to complete setup.
+9. After you finish setup in the Trend Micro Vision One console, Trend Micro Mobile Security as a Service is now available in Intune.
 
 ## Next steps
 
-- [Set up Trend Micro Mobile Agent app for enrolled devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
+- [Customize Mobile Policies in Trend Micro Mobile Security as a Service](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/mobile-policy.aspx)
+- [Create Mobile Threat Defense (MTD) device compliance policy with Intune](../protect/mtd-device-compliance-policy-create.md)
