Merge pull request #7495 from MicrosoftDocs/main

Publish 04/29/2022 3:30 PM PT

Author: Angela Fleischmann

memdocs/intune/configuration/vpn-settings-configure.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/31/2022
+ms.date: 04/29/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -138,21 +138,24 @@ You can create VPN profiles using the following connection types:
 - L2TP
   - Windows 10/11
 
-- Microsoft Tunnel (standalone client)(preview)
-  - iOS/iPadOS  
-
 - Microsoft Tunnel  
   - Android Enterprise personally owned devices with a work profile.
   - Android Enterprise fully managed and corporate-owned work profile.
-  - iOS/iPadOS – As part of a public preview, iOS/iPadOS supports a connection type of *Microsoft Tunnel (preview)*. To use this connection type, you must use the preview version of Microsoft Defender for Endpoint that supports Tunnel on this platform.
 
+  > [!Important]  
+  > As of June 14, 2021, both the standalone tunnel app and standalone client connection type for Android are deprecated and drop from support after October 26, 2021.
+
+- Microsoft Tunnel (preview)
+  - iOS/iPadOS
+  
   > [!Important]
-  > Prior to support for using Microsoft Defender for Endpoint as the tunnel client app, Microsoft Tunnel used a standalone tunnel client app and a connection type of **Microsoft Tunnel (standalone client)**.
-  >
-  > For Android, as of June 14, 2021, both the standalone tunnel app and standalone client connection type are deprecated and drop from support after October 26, 2021.
-  >
-  > For iOS/iPadOS, the standalone client app and connection type remain in support while use of Microsoft Defender for Endpoint as the client app with the Microsoft Tunnel connection type are in public preview.
-  > Prior to support for using Microsoft Defender for Endpoint as the tunnel client app, a standalone tunnel client app was available in preview and used a connection type of **Microsoft Tunnel (standalone client)**. As of June 14, 2021, both the standalone tunnel app and standalone client connection type are deprecated and drop from support after January 31, 2022.
+  > On April 29, 2022, this connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. However, the connection type continues to reflect *preview*.
+
+- Microsoft Tunnel (standalone client)(preview)
+  - iOS/iPadOS
+
+  > [!Important]
+  > Use *Microsoft Tunnel (preview)* instead. On April 29, 2022, the *Microsoft Tunnel (preview)* connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. By the end of June 2022, the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app it supports are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
 
 - NetMotion Mobility
   - Android Enterprise personally owned devices with a work profile

memdocs/intune/configuration/vpn-settings-ios.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 02/24/2022
+ms.date: 04/29/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -81,12 +81,21 @@ Select the VPN connection type from the following list of vendors:
 - **IKEv2**
 
   [IKEv2 settings](#ikev2-settings) (in this article) describes the properties.
+
 - **Microsoft Tunnel (standalone client)(preview)**
 
   Applies to the Microsoft Tunnel client app.
+
+  > [!Important]
+  > Use *Microsoft Tunnel (preview)* instead. On April 29, 2022, the *Microsoft Tunnel (preview)* connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. By the end of June 2022, the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app it supports are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
+
 - **Microsoft Tunnel (preview)**
 
-  Applies to the preview version of the Microsoft Defender for Endpoint app that includes Tunnel client functionality.
+  Applies to the Microsoft Defender for Endpoint app that includes Tunnel client functionality.
+
+  > [!Important]
+  > On April 29, 2022, this connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. However, the connection type continues to reflect *preview*.
+  
 - **Custom VPN**
 
 > [!NOTE]

memdocs/intune/enrollment/windows-enrollment-status.md

@@ -194,7 +194,7 @@ The Enrollment Status Page tracks the following device setup items:
 - Applications
   - Per machine Line-of-business (LoB) MSI apps.
   - LoB store apps with installation context = Device.
-  - Offline store and LoB store apps with installation context = Device.
+  - Offline store apps with installation context = Device.
   - Win32 applications (Windows 11 and Windows 10 version 1903 and later only) 
 
   > [!NOTE]

memdocs/intune/fundamentals/whats-new-archive.md

@@ -1184,7 +1184,7 @@ Later, if recovery is needed, a user can always use any device to view their per
 
 #### Improved view of security baseline details for devices<!-- 5536846  -->
 
-Now you can drill-in to the details for a device to view the settings details for security baselines that apply to the device. The settings appear in a simple, flat list, which includes the setting category, setting name, and status. For more information, see [View Endpoint security configurations per device](../protect/security-baselines-monitor.md#view-endpoint-security-configurations-per-device).
+Now you can drill-in to the details for a device to view the settings details for security baselines that apply to the device. The settings appear in a simple, flat list, which includes the setting category, setting name, and status. For more information, see [View Endpoint security configurations per device](../protect/security-baselines-monitor.md).
 
 <!-- vvvvvvvvvvvvvvvvvvvvvv -->
 ### Monitor and troubleshoot
@@ -2189,7 +2189,7 @@ The following platforms support import of PFX certificates:
 - Windows 10
 
 #### View the endpoint security configuration for devices<!-- 6206460  -->
-We've updated the name of the option in the Microsoft Endpoint Manager admin center, for viewing [endpoint security configurations that apply to a specific device](../protect/security-baselines-monitor.md#view-endpoint-security-configurations-per-device). This option is renamed to **Endpoint security configuration** because it shows applicable security baselines and additional policies created outside of security baselines. Previously, this option was named *Security baselines*.
+We've updated the name of the option in the Microsoft Endpoint Manager admin center, for viewing [endpoint security configurations that apply to a specific device](../protect/security-baselines-monitor.md). This option is renamed to **Endpoint security configuration** because it shows applicable security baselines and additional policies created outside of security baselines. Previously, this option was named *Security baselines*.
 
 <!-- vvvvvvvvvvvvvvvvvvvvvv -->
 ### Role-based access control

memdocs/intune/fundamentals/whats-new.md

@@ -7,7 +7,7 @@ keywords:
 author: Erikre
 ms.author: erikre
 manager: dougeby
-ms.date: 04/26/2022
+ms.date: 04/29/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: fundamentals
@@ -104,6 +104,17 @@ We've added two new Setup Assistant settings that you can use with Apple Automat
 
 ### Device security
 
+### Microsoft Defender for Endpoint as the Tunnel client app for iOS is now Generally Available<!-- 9849514  --> 
+
+Use of Microsoft Defender for Endpoint that supports [Microsoft Tunnel](../protect/microsoft-tunnel-overview.md) on iOS/iPadOS is now out of preview and is generally available. With general availability, a new version of the Defender for Endpoint app for iOS is available from the App store to download and deploy. If you’ve been using the preview version as your Tunnel client app for iOS, we recommend you upgrade to the latest Defender for Endpoint app for iOS soon to gain the benefits of the latest updates and fixes.
+
+For now, even with the general availability of Defender as the tunnel client app, the VPN profile connection type you'll use remains named **Microsoft Tunnel (preview)**.  The connection type will be renamed in a future update to **Microsoft Tunnel**.
+
+With this release, by the end of June both the standalone Tunnel client app and the preview version of Defender for Endpoint as the Tunnel client app for iOS will be deprecated and be dropped from support. Soon after that deprecation, the standalone Tunnel client app will no longer function and will no longer support opening connections to Microsoft Tunnel.
+
+If you're still using the standalone tunnel app for iOS, plan to [migrate to the Microsoft Defender for Endpoint app](../protect/microsoft-tunnel-migrate-app.md) before support for the standalone app ends and it’s support to connect to Tunnel no longer functions.
+
+
 #### Attack surface reduction rules profile<!-- 8858871 -->
 The **Attack Surface Reduction Rules (ConfigMgr)** profile for tenant attached devices is now in public preview. For more information, see [Tenant attach: Create and deploy attack surface reduction policies](../../configmgr/tenant-attach/deploy-asr-policy.md#bkmk_asr).
 

memdocs/intune/protect/endpoint-security-manage-devices.md

@@ -7,7 +7,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 04/16/2021
+ms.date: 04/29/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -47,7 +47,7 @@ The initial *All devices* view displays your devices and includes key informatio
 - When the device last checked in
 - And more
 
-![All device view in the admin center](./media/endpoint-security-manage-devices/all-device-view.png)
+:::image type="content" source="./media/endpoint-security-manage-devices/all-device-view.png" alt-text="The all device view in the admin center." lightbox="./media/endpoint-security-manage-devices/all-device-view.png":::
 
 While viewing device details, you can select a device to drill-in for more information.
 
@@ -85,14 +85,13 @@ Consider the following fields:
 
 ## Review a devices policy
 
-While viewing the list of devices, you can select a device to drill-in for more information about it by opening that device’s *Overview* page.
-
-From the Overview page of a device, you can then select **Endpoint security configuration** to view the endpoint security policies that apply to that device. Policy details are available for devices managed by MDM and Intune.
+To view information about the device configuration policies that apply to a device that's managed by MDM and Intune, you can view the [**Device configuration report**](../fundamentals/reports.md#device-configuration-report-operational). Both *endpoint security* and *security baseline* policies are device configuration policies.
 
+To view the report, select a device and then select **Device configuration**, which is found below the *Monitor* category.
+  
 ![View endpoint security policy details](./media/endpoint-security-manage-devices/view-policy-details.png)
 
-Devices that are managed by Configuration Manager don’t display policy details. To view additional information for these devices, use the Configuration Manager console.
-
+Devices that are managed by Configuration Manager don’t display policy details in the report. To view additional information for these devices, use the Configuration Manager console.
 ## Remote actions for devices
 
 Remote actions are actions you can start or apply to a device from the Microsoft Endpoint Manager admin center. When you view details for a device, you can access remote actions that apply to the device.
@@ -142,4 +141,4 @@ Options you manage for devices don’t take effect until the device checks in wi
 
 ## Next steps
 
-[Manage endpoint security in Intune](../protect/endpoint-security.md)
+[Manage endpoint security in Intune](../protect/endpoint-security.md)