Merge pull request #6471 from Brenduns/9851681-ios-tunnel-mde

 2201 - OOB - 9851681 ios tunnel mde

Author: Brenduns

memdocs/intune/configuration/vpn-settings-configure.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/20/2022
+ms.date: 01/31/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -138,14 +138,20 @@ You can create VPN profiles using the following connection types:
 - L2TP
   - Windows 10/11
 
-- Microsoft Tunnel (standalone client)
+- Microsoft Tunnel (standalone client)(preview)
   - iOS/iPadOS  
 
 - Microsoft Tunnel  
-  - Android Enterprise personally owned devices with a work profile
-  - Android Enterprise fully managed and corporate-owned work profile
+  - Android Enterprise personally owned devices with a work profile.
+  - Android Enterprise fully managed and corporate-owned work profile.
+  - iOS/iPadOS – As part of a public preview, iOS/iPadOS supports a connection type of *Microsoft Tunnel (preview)*. To use this connection type, you must use the preview version of Microsoft Defender for Endpoint that supports Tunnel on this platform.
 
   > [!Important]
+  > Prior to support for using Microsoft Defender for Endpoint as the tunnel client app, Microsoft Tunnel used a standalone tunnel client app and a connection type of **Microsoft Tunnel (standalone client)**.
+  >
+  > For Android, as of June 14, 2021, both the standalone tunnel app and standalone client connection type are deprecated and drop from support after October 26, 2021.
+  >
+  > For iOS/iPadOS, the standalone client app and connection type remain in support while use of Microsoft Defender for Endpoint as the client app with the Microsoft Tunnel connection type are in public preview.
   > Prior to support for using Microsoft Defender for Endpoint as the tunnel client app, a standalone tunnel client app was available in preview and used a connection type of **Microsoft Tunnel (standalone client)**. As of June 14, 2021, both the standalone tunnel app and standalone client connection type are deprecated and drop from support after January 31, 2022.
 
 - NetMotion Mobility

memdocs/intune/configuration/vpn-settings-ios.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 03/02/2021
+ms.date: 11/11/2021
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -58,14 +58,15 @@ Select the VPN connection type from the following list of vendors:
 - **Cisco (IPSec)**
 - **Citrix VPN**
 - **Citrix SSO**
-- **Zscaler**: To use Conditional Access, or allow users to bypass the Zscaler sign in screen, then you must integrate Zscaler Private Access (ZPA) with your Azure AD account. For detailed steps, see the [Zscaler documentation](https://help.zscaler.com/zpa/configuration-guide-microsoft-azure-ad).
+- **Zscaler**: To use Conditional Access, or allow users to bypass the Zscaler sign in screen, you must integrate Zscaler Private Access (ZPA) with your Azure AD account. For detailed steps, see the [Zscaler documentation](https://help.zscaler.com/zpa/configuration-guide-microsoft-azure-ad).
 - **NetMotion Mobility**
 - **IKEv2**: [IKEv2 settings](#ikev2-settings) (in this article) describes the properties.
-- **Microsoft Tunnel**
+- **Microsoft Tunnel (standalone client)(preview)**: Applicable to the Microsoft Tunnel client app.
+- **Microsoft Tunnel (preview)** - Applicable to the preview version of the Microsoft Defender for Endpoint app that includes Tunnel client functionality.
 - **Custom VPN**
 
 > [!NOTE]
-> Cisco, Citrix, F5, and Palo Alto have announced that their legacy clients don't work on iOS 12. You should migrate to the new apps as soon as possible. For more information, see the [Microsoft Intune Support Team Blog](https://go.microsoft.com/fwlink/?linkid=2013806&clcid=0x409).
+> Cisco, Citrix, F5, and Palo Alto have announced that their legacy clients don't work on iOS 12 and later. You should migrate to the new apps as soon as possible. For more information, see the [Microsoft Intune Support Team Blog](https://go.microsoft.com/fwlink/?linkid=2013806&clcid=0x409).
 
 ## Base VPN settings
 
@@ -301,14 +302,11 @@ These settings apply when you choose **Connection type** > **IKEv2**.
 
 ## Per-app VPN
 
-These settings apply when you choose **Connection type** > **Microsoft Tunnel (standalone client)**.  
+These settings apply when you choose **Connection type** > **Microsoft Tunnel (standalone client) (preview)** or **Connection type** > **Microsoft Tunnel (preview)**.  
 
 - **Per-app VPN**: **Enable** associates a specific to this VPN connection. When the app runs, traffic automatically routes through the VPN connection. You can associate the VPN profile with an app when you assign the software. For more information, see [How to assign and monitor apps](../apps/apps-deploy.md).
 
-  For more information, see [Microsoft Tunnel for Intune](../protect/microsoft-tunnel-overview.md).  
-
-> [!Important]
-> In preparation for the [public preview of Tunnel client functionality in the Microsoft Defender for Endpoint app](https://aka.ms/defendertunnel), the VPN profile connection type for the Microsoft Tunnel client app has been renamed to **Microsoft Tunnel (standalone client)**. At this time, you should use the **Microsoft Tunnel (standalone client)** connection type, not the **Microsoft Tunnel** connection type.   
+  For more information, see [Microsoft Tunnel for Intune](../protect/microsoft-tunnel-overview.md).
 
 ## Proxy
 

memdocs/intune/fundamentals/in-development.md

@@ -82,8 +82,6 @@ We’re adding a new policy under endpoint security Account protection that you
 
 With this capability, when configuring the policy you’ll be able to select users from the Azure AD group picker, or manually add users by their SID.
 
-### Use Microsoft Defender for Endpoint as the Tunnel app for iOS devices (public preview)<!-- 9851681 -->
-As part of a public preview, you'll soon be able to use the Microsoft Defender for Endpoint client app as [Microsoft Tunnel app](../protect/microsoft-tunnel-overview.md) for your iOS devices.  Eventually, Defender for Endpoint will replace the use of the standalone Tunnel client app for iOS devices as it has for Android devices.
 
 <!-- ***********************************************-->
 

memdocs/intune/fundamentals/whats-new.md

@@ -60,6 +60,20 @@ You can use RSS to be notified when this page is updated. For more information,
 ### Scripts
 -->
 
+## Week of January 31, 2022
+
+### Device security
+
+#### Public preview of Tunnel client functionality in Microsoft Defender for Endpoint app for iOS/iPadOS<!-- 9851681  -->
+
+Microsoft Tunnel client functionality for iOS/iPadOS is migrating into the Microsoft Defender for Endpoint app. With this preview, you can start to use a preview version of Microsoft Defender for Endpoint as the Tunnel app for supported devices. The existing Tunnel client remains available, but will eventually be phased out in favor of the Defender for Endpoint app.
+
+This public preview applies to:  
+
+- iOS/iPadOS
+
+For this preview, you download a preview version of Microsoft Defender for Endpoint from the Apple app store, and then migrate supported devices from the standalone Tunnel client app to the preview app. For details, see [Migrate to the Microsoft Defender for Endpoint app](../protect/microsoft-tunnel-migrate-app.md).
+
 ## Week of January 24, 2022 (Service release 2201)
 
 ### App management

…tunnel-migrate-app/defender-app-tabs.png …nel-migrate-app/defender-app-android.pngmemdocs/intune/protect/media/microsoft-tunnel-migrate-app/defender-app-tabs.png renamed to memdocs/intune/protect/media/microsoft-tunnel-migrate-app/defender-app-android.png memdocs/intune/protect/media/microsoft-tunnel-migrate-app/defender-app-tabs.png renamed to memdocs/intune/protect/media/microsoft-tunnel-migrate-app/defender-app-android.png

@@ -1,11 +1,11 @@
 ---
-title: Use the Microsoft Tunnel VPN gateway with Conditional Access policies
+title: Use Microsoft Tunnel VPN gateway with Conditional Access policies
 description: Configure your Azure tenant to support using Conditional Access policies to grant access to the Intune Microsoft Tunnel VPN gateway solution.
 keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 05/24/2021
+ms.date: 01/31/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -25,11 +25,11 @@ ms.custom: intune-azure
 ms.collection: M365-identity-device-management
 ---
 
-# Use Conditional Access with the Microsoft Tunnel in Intune
+# Use Conditional Access with Microsoft Tunnel in Intune
 
 If your Microsoft Intune environment uses both Azure Active Directory (AD) and Conditional Access, you can use Conditional Access policies to gate device access to your Microsoft Tunnel VPN gateway.
 
-To support integration of Conditional Access and the Microsoft Tunnel, you’ll use Azure AD PowerShell to enable your tenant to support Microsoft Tunnel. After enabling your tenant to support Microsoft Tunnel, you can then create Conditional Access policies that apply to the Microsoft Tunnel app.
+To support integration of Conditional Access and Microsoft Tunnel, you’ll use Azure AD PowerShell to enable your tenant to support Microsoft Tunnel. After enabling your tenant to support Microsoft Tunnel, you can then create Conditional Access policies that apply to the Microsoft Tunnel app.
 
 ## Provision your tenant