Merge branch 'main' into release-win365-gcc

v-alje · v-alje · commit 3b9cca10f530 · 2022-09-22T11:43:38.000-07:00
diff --git a/memdocs/autopilot/known-issues.md b/memdocs/autopilot/known-issues.md
@@ -1,18 +1,14 @@
 ---
 title: Windows Autopilot known issues
 description: Inform yourself about known issues that may occur during Windows Autopilot deployment.
-keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
-ms.prod: w10
-ms.mktglfcycl: deploy
+ms.prod: windows-client
+ms.technology: itpro-deploy
 ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
 author: aczechowski
 ms.author: aaroncz
 ms.reviewer: jubaptis
 manager: dougeby
-ms.date: 05/18/2022
+ms.date: 09/21/2022
 ms.collection: M365-modern-desktop
 ms.topic: troubleshooting
 ---
@@ -28,6 +24,14 @@ This article describes known issues that can often be resolved by configuration
 
 ## Known issues
 
+### Autopilot deployment report shows "failure" status on a successful deployment
+
+The Autopilot deployment report (preview) will show a failed status for any device that experiences an initial deployment failure. For subsequent deployment attempts, using the **Try again** or **Continue to desktop** options, it won't update the deployment state in the report. If the user resets the device, it will show as a new deployment row in the report with the previous attempt remaining as failed.
+
+### Autopilot deployment report doesn't show deployed device
+
+Autopilot deployments that take longer than one hour may display an incomplete deployment status in the deployment report. If the device successfully enrolls but doesn't complete provisioning after more than one hour, the device status may not be updated in the report.
+
 ### Autopilot profile not being applied when assigned 
 
 In Windows 10 April and some May update releases, there is an issue where the Autopilot profile may fail to apply to the device and the hardware hash may not be harvested. As a result, any settings made in the profile may not be configured for the user such as device renaming. To resolve this issue, the May (KB5015020) cumulative update needs to be applied to the device.
@@ -62,9 +66,11 @@ When you attempt an Autopilot reset, you see the following message: _Autopilot r
 
 When a device is registered in Autopilot and no profile is assigned, it will take the default Autopilot profile. This behavior is by design. It makes sure that all devices that you register with Autopilot go through the Autopilot experience. If you don't want the device to go through an Autopilot deployment, remove the Autopilot registration.
 
-### White screen during HAADJ deployment
+### White screen during hybrid Azure AD joined deployment
+
+There's a UI bug on Autopilot hybrid Azure AD joined deployments where the Enrollment Status page is displayed as a white screen. This issue is limited to the UI and shouldn't affect the deployment process.
 
-There's a UI bug on Autopilot HAADJ deployments where the Enrollment Status page is displayed as a white screen. This issue is limited to the UI and shouldn't affect the deployment process.
+This issue was resolved in September 2022.
 
 ### Virtual machine failing at "Preparing your device for mobile management"
 
diff --git a/memdocs/intune/apps/app-management.md b/memdocs/intune/apps/app-management.md
@@ -74,7 +74,7 @@ Intune offers a range of capabilities to help you get the apps you need on the d
 | Apps from a   store | Yes | Yes | No | Yes |
 | Update apps | Yes | Yes | No | Yes |
 
-<sup>1</sup> Consider using [Windows Information Protection](../protect/windows-information-protection-configure.md) to protect apps on devices that run Windows 10/11.<br>
+<sup>1</sup> Consider using  [Microsoft Purview Information Protection](/microsoft-365/compliance/information-protection) and [Microsoft Purview Data Loss Prevention](/microsoft-365/compliance/dlp-learn-about-dlp). Microsoft Purview simplifies the configuration set-up and provides an advanced set of capabilities. <br>
 <sup>2</sup> Applies to devices managed by Intune only.<br>
 <sup>3</sup> Intune supports available apps from Managed Google Play store on Android Enterprise devices.<br>
 <sup>4</sup> Intune does not provide installing a shortcut to an app as a web link on standard Android Enterprise devices. However, Web link support is provided for [multi-app dedicated Android Enterprise devices](../configuration/device-restrictions-android-for-work.md#device-experience).<br> 
diff --git a/memdocs/intune/fundamentals/whats-new.md b/memdocs/intune/fundamentals/whats-new.md
@@ -216,7 +216,7 @@ The **All devices** option is now available for [compliance policy](../protect/c
 When you include the *All devices* group you can then exclude individual groups of devices to further refine the assignment scope.
 
 #### Trend Micro – New mobile threat defense partner<!-- 11017779 -->
-You can now use [Trend Micro Mobile Security](../protect/trend-micro-mobile-threat-defense-connector.md) as an integrated mobile threat defense (MTD) partner with Intune. By configuring the Trend MTD connector in Intune, you can control mobile device access to corporate resources using conditional access that's based on risk assessment.
+You can now use [Trend Micro Mobile Security as a Service](../protect/trend-micro-mobile-threat-defense-connector.md) as an integrated mobile threat defense (MTD) partner with Intune. By configuring the Trend MTD connector in Intune, you can control mobile device access to corporate resources using conditional access that's based on risk assessment.
  
 For more information, see:
 - [Mobile threat defense integration with Intune](../protect/mobile-threat-defense.md)
diff --git a/memdocs/intune/protect/mobile-threat-defense.md b/memdocs/intune/protect/mobile-threat-defense.md
@@ -109,6 +109,6 @@ Learn how to protect access to company resource based on device, network, and ap
 - [Pradeo](pradeo-mobile-threat-defense-connector.md)
 - [Sophos Mobile](sophos-mtd-connector.md)
 - [Symantec Endpoint Protection Mobile](skycure-mobile-threat-defense-connector.md)
-- [Trend Micro Mobile Security](trend-micro-mobile-threat-defense-connector.md)
+- [Trend Micro Mobile Security as a Service](trend-micro-mobile-threat-defense-connector.md)
 - [Wandera Mobile Threat Defense](wandera-mtd-connector.md)
 - [Zimperium](zimperium-mobile-threat-defense-connector.md)
diff --git a/memdocs/intune/protect/mtd-apps-ios-app-configuration-policy-add-assign.md b/memdocs/intune/protect/mtd-apps-ios-app-configuration-policy-add-assign.md
@@ -157,9 +157,9 @@ Use the same Azure AD account previously configured in the [Symantec Endpoint Pr
 
 Create the iOS app configuration policy as described in the [using iOS app configuration policy](../apps/app-configuration-policies-use-ios.md) article. For more information, see [Sophos Intercept X for Mobile iOS - Available managed settings](https://community.sophos.com/kb/133963) in the Sophos knowledge base.
 
-### Trend Micro Mobile Security app configuration policy
+### Trend Micro Mobile Security as a Service app configuration policy
 
-See the instructions for [using Microsoft Intune app configuration policies for iOS](../apps/app-configuration-policies-use-ios.md) to add the Trend Micro Mobile Security app configuration policy.
+See the instructions for [using Microsoft Intune app configuration policies for iOS](../apps/app-configuration-policies-use-ios.md) to add the Trend Micro Mobile Security as a Service app configuration policy.
 
 ### Wandera app configuration policy
 
diff --git a/memdocs/intune/protect/trend-micro-mobile-threat-defense-connector.md b/memdocs/intune/protect/trend-micro-mobile-threat-defense-connector.md
@@ -1,7 +1,7 @@
 ---
 # required metadata
 
-title: Trend Micro Mobile connector with Intune
+title: Trend Micro Mobile Security as a Service connector with Intune
 titleSuffix: Intune on Azure
 description: Set up the Trend Micro Mobile Threat Defense connector with Intune.
 keywords:
@@ -29,11 +29,16 @@ search.appverid: MET150
 ms.collection: M365-identity-device-management
 ---
 
-# Use Trend Micro Mobile Security with Intune
+# Use Trend Micro Mobile Security as a Service with Microsoft Intune
 
-Control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Trend Micro Mobile Security, a mobile threat defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices running the Trend Micro Mobile Agent app.
+Control mobile device access to corporate resources using Conditional Access based on risk assessment conducted by Trend Micro Mobile Security as a Service, a mobile threat defense (MTD) solution that integrates with Microsoft Intune. Risk is assessed based on telemetry collected from devices protected by the Trend Micro Mobile Security as a Service, including:
 
-You can configure Conditional Access policies based on a Trend Micro risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
+- Malicious  apps installed
+- Malicious network behavior and profiles
+- Operating system vulnerabilities
+- Device misconfiguration
+
+You can configure Conditional Access policies based on Trend Micro Mobile Security as a Service’s risk assessment, enabled through Intune device compliance policies for enrolled devices. You can set up your policies to allow or block noncompliant devices from accessing corporate resources based on detected threats.
 
 For more information about how to integrate Trend Micro with Microsoft Intune, see [Integration with Microsoft Endpoint Manager (Intune)](http://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security/getting-started-with_003/integration-with-int.aspx) in the [Trend Micro Mobile Security documentation](https://docs.trendmicro.com/en-us/enterprise/trend-micro-vision-one/mobile-security.aspx).
 
@@ -53,11 +58,11 @@ For more information about how to integrate Trend Micro with Microsoft Intune, s
 
 ## How do Intune and the Trend Micro MTD connector help protect your company resources?
 
-The Trend Micro Mobile Agent app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, then sends the telemetry data to the *Mobile Security* cloud service to assess the device's risk for mobile threats.
+The Trend Micro Mobile Security as a Service mobile agent app for Android and iOS/iPadOS captures file system, network stack, device, and application telemetry where available, then sends the telemetry data to Trend Micro Mobile Security as a Service to assess the device's risk for mobile threats.
 
-- **Support for enrolled devices** - Intune device compliance policy includes a rule for MTD, which can use risk assessment information from Trend Micro. When the MTD rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources, such as Exchange Online and SharePoint Online. Users also receive guidance from the Trend Micro Mobile Agent app installed on their devices to resolve the issue and regain access to corporate resources. To support using Trend Micro with enrolled devices:
+- **Support for enrolled devices** - Intune device compliance policy includes a rule for MTD, which can use risk assessment information from Trend Micro. When the MTD rule is enabled, Intune evaluates device compliance with the policy that you enabled. If the device is found noncompliant, users are blocked access to corporate resources, such as Exchange Online and SharePoint Online. Users also receive guidance from the Trend Micro Mobile Security as a Service mobile agent app installed on their devices to resolve the issue and regain access to corporate resources. To support using Trend Micro with enrolled devices:
 
-  - [Add MTD apps to devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
+  - [Add MTD apps to devices](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md) (This is done automatically when  setting up Trend Micro Mobile Security as a Service integration)
   - [Create a device compliance policy that supports MTD](../protect/mtd-device-compliance-policy-create.md)
   - [Enable the MTD connector in Intune](../protect/mtd-connector-enable.md)
 
@@ -107,7 +112,7 @@ Detect threats like **Man-in-the-middle** in network and prevent synchronization
 
 ## Next steps
 
-- [Integrate Trend Micro with Intune](../protect/trend-micro-mtd-connector-integration.md)
-- [Set up Trend Micro Mobile Agent app](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
-- [Create Trend Micro device compliance policy](../protect/mtd-device-compliance-policy-create.md)
-- [Enable Trend Micro Mobile Security MTD connector](../protect/mtd-connector-enable.md)
+- [Integrate Trend Micro Mobile Security as a Service with Intune](../protect/trend-micro-mtd-connector-integration.md)
+- [Set up Trend Micro Mobile Security as a Service mobile agent app](../protect/mtd-apps-ios-app-configuration-policy-add-assign.md)
+- [Create Trend Micro Mobile Security as a Service device compliance policy](../protect/mtd-device-compliance-policy-create.md)
+- [Enable Trend Micro Mobile Security as a Service MTD connector](../protect/mtd-connector-enable.md)
diff --git a/memdocs/intune/protect/trend-micro-mtd-connector-integration.md b/memdocs/intune/protect/trend-micro-mtd-connector-integration.md
diff --git a/windows-365/enterprise/resize-cloud-pc.md b/windows-365/enterprise/resize-cloud-pc.md
diff --git a/windows-365/enterprise/whats-new.md b/windows-365/enterprise/whats-new.md
