Merge pull request #7601 from MicrosoftDocs/main

Publish 05/13/2022, 10:30 AM

Author: v-dihans

memdocs/intune/configuration/vpn-settings-configure.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 04/29/2022
+ms.date: 05/12/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -155,7 +155,11 @@ You can create VPN profiles using the following connection types:
   - iOS/iPadOS
 
   > [!Important]
-  > Use *Microsoft Tunnel (preview)* instead. On April 29, 2022, the *Microsoft Tunnel (preview)* connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. By the end of June 2022, the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app it supports are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
+  > **Plan for change**. On April 29, 2022 both the *Microsoft Tunnel (preview)* connection type and *Microsoft Defender for Endpoint* as the tunnel client app became generally available. With this general availability, the use of the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app are deprecated and soon will drop from support.  
+  > - On July 29, 2022, the  standalone tunnel client app will no longer be available for download. Only the generally available version of *Microsoft Defender for Endpoint* will be available as the tunnel client app.  
+  > - On August 1, 2022, the *Microsoft Tunnel (standalone client) (preview)* connection type will cease to connect to Microsoft Tunnel.  
+  >
+  > To avoid a disruption in service for Microsoft Tunnel, plan to migrate your use of the deprecated tunnel client app and connection type to those that are now generally available.
 
 - NetMotion Mobility
   - Android Enterprise personally owned devices with a work profile

memdocs/intune/configuration/vpn-settings-ios.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 04/29/2022
+ms.date: 05/12/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -87,7 +87,11 @@ Select the VPN connection type from the following list of vendors:
   Applies to the Microsoft Tunnel client app.
 
   > [!Important]
-  > Use *Microsoft Tunnel (preview)* instead. On April 29, 2022, the *Microsoft Tunnel (preview)* connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. By the end of June 2022, the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app it supports are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
+  > **Plan for change**. On April 29, 2022 both the *Microsoft Tunnel (preview)* connection type and *Microsoft Defender for Endpoint* as the tunnel client app became generally available. With this general availability, the use of the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app are deprecated and soon will drop from support.  
+  > - On July 29, 2022, the  standalone tunnel client app will no longer be available for download. Only the generally available version of *Microsoft Defender for Endpoint* will be available as the tunnel client app.  
+  > - On August 1, 2022, the *Microsoft Tunnel (standalone client) (preview)* connection type will cease to connect to Microsoft Tunnel.  
+  >
+  > To avoid a disruption in service for Microsoft Tunnel, plan to migrate your use of the deprecated tunnel client app and connection type to those that are now generally available.
 
 - **Microsoft Tunnel (preview)**
 

memdocs/intune/configuration/vpn-settings-windows-10.md

@@ -7,7 +7,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/25/2022
+ms.date: 05/12/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: configuration
@@ -54,13 +54,12 @@ These settings apply to devices running:
 - **Use this VPN profile with a user/device scope**: Apply the profile to the user scope or the device scope:
 
   - **User scope**: The VPN profile is installed within the user's account on the device, such as `[email protected]`. If another user signs in to the device, the VPN profile isn't available.
-  - **Device scope**: The VPN profile is installed in the device context, and applies to all users on the device.
+  - **Device scope**: The VPN profile is installed in the device context, and applies to all users on the device. Windows Holographic devices only support device scope.
 
 Existing VPN profiles apply to their existing scope. By default, new VPN profiles are installed in the user scope *except* for the profiles with device tunnel enabled. VPN profiles with device tunnel enabled use the device scope.
 
 ## Connection type
 
-
 - **Connection type**: Select the VPN connection type from the following list of vendors:
 
   - **Check Point Capsule VPN**

memdocs/intune/enrollment/enrollment-restrictions-set.md

@@ -21,7 +21,7 @@ ms.assetid: 9691982c-1a03-4ac1-b7c5-73087be8c5f2
 #ROBOTS:
 #audience:
 
-ms.reviewer: dagerrit
+ms.reviewer: maholdaa
 ms.suite: ems
 search.appverid: MET150
 #ms.tgt_pltfrm:

memdocs/intune/fundamentals/windows-holographic-for-business.md

@@ -6,7 +6,7 @@ keywords:
 author: MandiOhlinger
 ms.author: mandia
 manager: dougeby
-ms.date: 01/24/2022
+ms.date: 05/12/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: fundamentals
@@ -133,6 +133,9 @@ Device restrictions let you control different settings and features on your devi
 
 Virtual private networks (VPNs) give your users secure remote access to your company network. In Intune, you can create a VPN profile that includes specific settings for your devices running Windows Holographic for Business. For example, you can create a VPN profile so all Windows Holographic for Business devices use Citrix VPN as the connection type.
 
+> [!NOTE]
+> When assigning a VPN policy to Windows Holographic for Business devices, assign the profile to the device scope. Currently, Windows Holographic only supports the device scope. When the VPN profile is installed in the device context, it applies to all users on the device. If a user profile is deployed, it's treated as a device profile.
+
 ### [Configure Wi-Fi](../configuration/wi-fi-settings-configure.md)
 
 You can also create a Wi-Fi profile in Intune to assign wireless network settings to your Windows Holographic for Business devices. When you assign a Wi-Fi profile, your end users get corporate network access, without any network configuration. For example, you can create a Wi-Fi network dedicated to only your Windows Holographic for Business devices.
@@ -163,4 +166,4 @@ Hello for Business is an alternative sign-in method that uses an Azure Active Di
 
 ## Next steps
 
-[Set up Intune](setup-steps.md).
+[Set up Intune](setup-steps.md).

memdocs/intune/protect/endpoint-security.md

@@ -35,7 +35,7 @@ The Endpoint security node groups the tools that are available through Intune th
 
 - **Review the status of all your managed devices**. Use the [All devices](#manage-devices) view where you can view device compliance from a high level. Then, drill-in to specific devices to understand which compliance policies aren't met so you can resolve them.
 
-- **Deploy security baselines that establish best practice security configurations for devices**. Intune includes [security baselines](#manage-security-baselines) for Windows devices and a growing list of applications, like Microsoft Defender for Endpoint and Microsoft Edge. Security baselines are pre-configured groups of Windows settings that help you apply a configuration that's recommended by the relevant security teams recommend.
+- **Deploy security baselines that establish best practice security configurations for devices**. Intune includes [security baselines](#manage-security-baselines) for Windows devices and a growing list of applications, like Microsoft Defender for Endpoint and Microsoft Edge. Security baselines are pre-configured groups of Windows settings that help you apply a configuration that's recommended by the relevant security teams.
 
 - **Manage security configurations on devices through tightly focused policies**.  Each [Endpoint security policy](#use-policies-to-manage-device-security) focuses on aspects of device security like antivirus, disk encryption, firewalls, and several areas made available through integration with Microsoft Defender for Endpoint.
 

memdocs/intune/protect/microsoft-tunnel-configure.md

@@ -5,7 +5,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 04/29/2022
+ms.date: 05/12/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -191,7 +191,12 @@ To use the Microsoft Tunnel, devices need access to a Microsoft Tunnel client ap
   - **Microsoft Tunnel** client app - For iOS/iPadOS, download the **Microsoft Tunnel** client app from the Apple **App Store**. See Add iOS store apps to Microsoft Intune.
 
   > [!Important]
-  > Use *Microsoft Defender for Endpoint* instead. On April 29, 2022, the *Microsoft Tunnel (preview)* connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. By the end of June 2022, the *Microsoft Tunnel (standalone client)(preview)* connection type and the *Microsoft Tunnel client app* it supports are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
+  > **Plan for change**. On April 29, 2022 both the *Microsoft Tunnel (preview)* connection type and *Microsoft Defender for Endpoint* as the tunnel client app became generally available. With this general availability, the use of the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app are deprecated and soon will drop from support.  
+  > - On July 29, 2022, the  standalone tunnel client app will no longer be available for download. Only the generally available version of *Microsoft Defender for Endpoint* will be available as the tunnel client app.  
+  > - On August 1, 2022, the *Microsoft Tunnel (standalone client) (preview)* connection type will cease to connect to Microsoft Tunnel.  
+  >
+  > To avoid a disruption in service for Microsoft Tunnel, plan to migrate your use of the deprecated tunnel client app and connection type to those that are now generally available.
+
 
 For more information on deploying apps with Intune, see [Add apps to Microsoft Intune](../apps/apps-add.md).
 
@@ -221,7 +226,11 @@ After the Microsoft Tunnel installs and devices install the Microsoft Tunnel cli
   - **Microsoft Tunnel (standalone client) (preview)** – Use this connection type when you use the standalone Microsoft Tunnel client app. This connection type doesn’t support Microsoft Defender for Endpoint as the client Tunnel app.
 
     > [!Important]
-    > Use *Microsoft Tunnel (preview)* instead. On April 29, 2022, the *Microsoft Tunnel (preview)* connection type became generally available and supports Microsoft Defender for Endpoint as a tunnel client app. By the end of June 2022, the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app it supports are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
+    > **Plan for change**. On April 29, 2022 both the *Microsoft Tunnel (preview)* connection type and *Microsoft Defender for Endpoint* as the tunnel client app became generally available. With this general availability, the use of the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app are deprecated and soon will drop from support.  
+    > - On July 29, 2022, the  standalone tunnel client app will no longer be available for download. Only the generally available version of *Microsoft Defender for Endpoint* will be available as the tunnel client app.  
+    > - On August 1, 2022, the *Microsoft Tunnel (standalone client) (preview)* connection type will cease to connect to Microsoft Tunnel.  
+    >
+    > To avoid a disruption in service for Microsoft Tunnel, plan to migrate your use of the deprecated tunnel client app and connection type to those that are now generally available.
 
   The iOS platform supports routing traffic by either a per-app VPN or by split tunneling rules, but not both simultaneously. If you enable a per-app VPN for iOS, your split tunneling rules are ignored.
 

memdocs/intune/protect/microsoft-tunnel-migrate-app.md

@@ -5,7 +5,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 04/29/2022
+ms.date: 05/12/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -52,7 +52,7 @@ The following device platforms support Microsoft Defender for Endpoint as the tu
 
   On April 29, 2022, Microsoft Defender for Endpoint became available as the Microsoft Tunnel client app for iOS/iPadOS devices for use with the Microsoft Tunnel Gateway in Microsoft Intune.
 
-  If you've previously configured Microsoft Tunnel for iOS/iPadOS using the standalone Microsoft Tunnel client app, you must migrate your devices to use Microsoft Defender for Endpoint as the Tunnel client app. Support for the iOS standalone Tunnel client app ends by the end of June.
+  If you've previously configured Microsoft Tunnel for iOS/iPadOS using the standalone Microsoft Tunnel client app, you must migrate your devices to use Microsoft Defender for Endpoint as the Tunnel client app. Support for the iOS standalone Tunnel client app ends on July 29, 2022.
 
   To configure the Microsoft Defender for Endpoint app to connect to Tunnel, you'll need to create a new VPN profile with the *Microsoft Tunnel (preview)* connection type.
 

memdocs/intune/protect/microsoft-tunnel-overview.md

@@ -5,7 +5,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 04/29/2022
+ms.date: 05/12/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -67,7 +67,11 @@ To direct devices to use the tunnel, you create and deploy a VPN policy for Micr
   > - As of June 14 2021, both the standalone tunnel app and standalone client connection type are deprecated and drop from support after January 31, 2022.
   >
   > For iOS/iPadOS:  
-  > - As of April 29, 2022, Microsoft Defender for Endpoint is generally available as the Microsoft Tunnel client app for iOS/iPadOS, and replaces use of the standalone tunnel client app and preview versions of Defender for Endpoint. By the end of June 2022, the standalone client app and its connection type of *Microsoft Tunnel (standalone client)(preview)* are deprecated and drop from support. Soon after the June date, this connection type will stop functioning and no longer connect to Microsoft Tunnel.
+  > - On April 29, 2022 both the *Microsoft Tunnel (preview)* connection type and *Microsoft Defender for Endpoint* as the tunnel client app became generally available. With this general availability, the use of the *Microsoft Tunnel (standalone client)(preview)* connection type and the standalone tunnel client app are deprecated and soon will drop from support.  
+  >   - On July 29, 2022, the  standalone tunnel client app will no longer be available for download. Only the generally available version of *Microsoft Defender for Endpoint* will be available as the tunnel client app.  
+  >   - On August 1, 2022, the *Microsoft Tunnel (standalone client) (preview)* connection type will cease to connect to Microsoft Tunnel.  
+  >
+  >   To avoid a disruption in service for Microsoft Tunnel, plan to migrate your use of the deprecated tunnel client app and connection type to those that are now generally available.
 
 Features of the VPN profiles for the tunnel include:
 

memdocs/intune/protect/microsoft-tunnel-prerequisites.md

@@ -49,6 +49,10 @@ The following sections detail the prerequisites for the Microsoft Tunnel, and pr
 
 Set up a Linux based virtual machine or a physical server on which Microsoft Tunnel Gateway will install.
 
+> [!NOTE]
+> Only the opearating systems and container versions that are listed in the following table are supported. Versions not listed are not supported. Only after testing and supportability are verified are newer versions added to this list. 
+
+
 - **Supported Linux distributions** - The following table details which versions of Linux are supported for the Tunnel server, and the container they require: 
 
   |Distributon version    | Container requirements   | Considerations     |
@@ -116,7 +120,7 @@ Both Podman and Docker containers use a bridge network to forward traffic throug
 The default bridge networks are:
 
 - Docker:  **172.17.0.0/16**
-- Podman: **10.0.88.0.0/16**
+- Podman: **10.88.0.0/16**
 
 To avoid conflicts, you can reconfigure both Podman and Docker to use a bridge network that you specify.