From bc3d9ab7cf7e4d7017095904d78016399ef4b2c8 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Dec 2024 08:37:03 -0800 Subject: [PATCH 1/9] Defender for Endpoint Server --- defender-endpoint/defender-endpoint-plan-1.md | 2 +- defender-endpoint/mde-p1-setup-configuration.md | 2 +- defender-endpoint/minimum-requirements.md | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/defender-endpoint/defender-endpoint-plan-1.md b/defender-endpoint/defender-endpoint-plan-1.md index 11af838fbf..a7c2ec75df 100644 --- a/defender-endpoint/defender-endpoint-plan-1.md +++ b/defender-endpoint/defender-endpoint-plan-1.md @@ -190,7 +190,7 @@ Most organizations use various devices and operating systems. Defender for Endpo Servers require an additional license, such as: - **Microsoft Defender for Servers Plan 1 or Plan 2** (*recommended for enterprise customers*) as part of the [Defender for Cloud](/azure/defender-for-cloud/defender-for-cloud-introduction) offering. To learn more. see [Overview of Microsoft Defender for Servers](/azure/defender-for-cloud/defender-for-servers-introduction). -- **Microsoft Defender for Endpoint for Servers** (*recommended for enterprise customers*). To learn more, see [Defender for Endpoint onboarding Windows Server](onboard-windows-server.md). +- **Microsoft Defender for Endpoint Server** (*recommended for enterprise customers*). To learn more, see [Defender for Endpoint onboarding Windows Server](onboard-windows-server.md). - **Microsoft Defender for Business servers** (*for small and medium-sized businesses who have [Microsoft Defender for Business](/defender-business/mdb-overview)*). To learn more, see [How to get Microsoft Defender for Business servers](/defender-business/get-defender-business#how-to-get-microsoft-defender-for-business-servers). See [Microsoft licensing and product terms](https://www.microsoft.com/en-us/licensing/product-licensing/products). diff --git a/defender-endpoint/mde-p1-setup-configuration.md b/defender-endpoint/mde-p1-setup-configuration.md index 5a4080526f..aa391d6f7f 100644 --- a/defender-endpoint/mde-p1-setup-configuration.md +++ b/defender-endpoint/mde-p1-setup-configuration.md @@ -60,7 +60,7 @@ The following table lists the basic requirements for Defender for Endpoint Plan > The standalone version of Defender for Endpoint Plan 1 doesn't include server licenses. To onboard servers, you'll require an additional license, such as: > > - Microsoft Defender for Servers Plan 1 or Plan 2 (as part of the [Defender for Cloud](/azure/defender-for-cloud/defender-for-cloud-introduction)) offering. -> - Microsoft Defender for Endpoint for Servers +> - Microsoft Defender for Endpoint Server > - [Microsoft Defender for Business servers](/defender-business/get-defender-business#how-to-get-microsoft-defender-for-business-servers) (for small and medium-sized businesses) > > To learn more. see [Defender for Endpoint onboarding Windows Server](onboard-windows-server.md) diff --git a/defender-endpoint/minimum-requirements.md b/defender-endpoint/minimum-requirements.md index 284f2f689a..5cc77a04e0 100644 --- a/defender-endpoint/minimum-requirements.md +++ b/defender-endpoint/minimum-requirements.md @@ -6,7 +6,7 @@ ms.author: deniseb author: denisebmsft ms.reviewer: pahuijbr ms.localizationpriority: medium -ms.date: 10/10/2024 +ms.date: 12/10/2024 manager: deniseb audience: ITPro ms.collection: @@ -44,7 +44,7 @@ There are some minimum requirements for onboarding devices to the Defender for E - To [onboard servers](onboard-windows-server.md) to the standalone versions of Defender for Endpoint, server licenses are required. You can choose from: - Microsoft Defender for Servers Plan 1 or Plan 2 (as part of the [Defender for Cloud](/azure/defender-for-cloud/defender-for-cloud-introduction)) offering - - Microsoft Defender for Endpoint for Servers + - Microsoft Defender for Endpoint Server - [Microsoft Defender for Business servers](/defender-business/get-defender-business) (for small and medium-sized businesses only) For more detailed information about licensing requirements for Microsoft Defender for Endpoint, see [Microsoft Defender for Endpoint licensing information](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#microsoft-defender-for-endpoint). From b035091bc91ef1f956ee95d369a96eb884a450a8 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Dec 2024 08:42:26 -0800 Subject: [PATCH 2/9] Update mde-p1-setup-configuration.md --- defender-endpoint/mde-p1-setup-configuration.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/defender-endpoint/mde-p1-setup-configuration.md b/defender-endpoint/mde-p1-setup-configuration.md index aa391d6f7f..a54bee1d20 100644 --- a/defender-endpoint/mde-p1-setup-configuration.md +++ b/defender-endpoint/mde-p1-setup-configuration.md @@ -10,8 +10,8 @@ ms.topic: overview ms.service: defender-endpoint ms.subservice: onboard ms.localizationpriority: medium -ms.date: 09/26/2024 -ms.reviewer: +ms.date: 12/10/2024 +ms.reviewer: yonghree, pahuijbr f1.keywords: NOCSH ms.collection: - m365-security From f8d5f29ad5c8f6f5e0289d03890c7e8f07b71c28 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Dec 2024 09:41:27 -0800 Subject: [PATCH 3/9] Update comprehensive-guidance-on-linux-deployment.md --- defender-endpoint/comprehensive-guidance-on-linux-deployment.md | 1 + 1 file changed, 1 insertion(+) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index e95fd565f7..128e0d357e 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -29,6 +29,7 @@ To learn about other ways to deploy Microsoft Defender for Endpoint on Linux, se - [Puppet based deployment](linux-install-with-puppet.md) - [Ansible based deployment](linux-install-with-ansible.md) - [Deploy Defender for Endpoint on Linux with Chef](linux-deploy-defender-for-endpoint-with-chef.md) +- [Microsoft Defender for Endpoint on Linux for ARM64-based devices (preview)](mde-linux-arm.md) ## Deployment summary From c83b653a8590ce2b3e1338531cccd2055aea85d3 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Dec 2024 09:41:35 -0800 Subject: [PATCH 4/9] Update comprehensive-guidance-on-linux-deployment.md --- .../comprehensive-guidance-on-linux-deployment.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index 128e0d357e..c706c74bdf 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -33,20 +33,17 @@ To learn about other ways to deploy Microsoft Defender for Endpoint on Linux, se ## Deployment summary -Learn about the general guidance on a typical Microsoft Defender for Endpoint on Linux deployment. The applicability of some steps is determined by the requirements of your Linux environment. +Learn about the general guidance on a typical Microsoft Defender for Endpoint on Linux deployment. The applicability of some steps is determined by the requirements of your Linux environment. Some of the steps are optional and aren't specific to Defender for Endpoint; however, consider doing all the steps for best results. 1. [Prepare your network environment](#1-prepare-your-network-environment). 2. [Capture performance data from the endpoint](#2-capture-performance-data-from-the-endpoint). - > [!NOTE] - > Consider doing the following optional items, even though they are not Microsoft Defender for Endpoint specific, they tend to improve performance in Linux systems. - -3. [(Optional) Check for filesystem errors 'fsck' (akin to chkdsk)](#3-optional-check-for-filesystem-errors-fsck-akin-to-chkdsk). +3. (Optional) [Check for filesystem errors 'fsck' (akin to chkdsk)](#3-optional-check-for-filesystem-errors-fsck-akin-to-chkdsk). -4. [(Optional) Update storage subsystem drivers](#4-optional-update-storage-subsystem-drivers). +4. (Optional) [Update storage subsystem drivers](#4-optional-update-storage-subsystem-drivers). -5. [(Optional) Update nic drivers](#5-optional-update-nic-drivers). +5. (Optional) [Update nic drivers](#5-optional-update-nic-drivers). 6. [Confirm system requirements and resource recommendations are met](#6-confirm-system-requirements-and-resource-recommendations-are-met). @@ -86,7 +83,6 @@ Learn about the general guidance on a typical Microsoft Defender for Endpoint on Add the Microsoft Defender for Endpoint URLs and/or IP addresses to the allowed list, and prevent traffic from being SSL inspected. - ### Network connectivity of Microsoft Defender for Endpoint Use the following steps to check the network connectivity of Microsoft Defender for Endpoint: From 2d3bdcedf1d0235a60ac08edf5a31179163e7f7a Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Dec 2024 09:48:04 -0800 Subject: [PATCH 5/9] Update comprehensive-guidance-on-linux-deployment.md --- ...prehensive-guidance-on-linux-deployment.md | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index c706c74bdf..c944d851bb 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -87,22 +87,23 @@ Add the Microsoft Defender for Endpoint URLs and/or IP addresses to the allowed Use the following steps to check the network connectivity of Microsoft Defender for Endpoint: -1. See [Step 1: Allow destinations for the Microsoft Defender for Endpoint traffic](#step-1-allow-destinations-for-the-microsoft-defender-for-endpoint-traffic) that are allowed for the Microsoft Defender for Endpoint traffic. +1. See [Allow destinations for the Microsoft Defender for Endpoint traffic](#step-1-allow-destinations-for-the-microsoft-defender-for-endpoint-traffic). -2. If the Linux servers are behind a proxy, then set the proxy settings. For more information, see [Set up proxy settings](#step-2-set-up-proxy-settings). +2. If the Linux servers are behind a proxy, set proxy settings. For more information, see [Set up proxy settings](#step-2-set-up-proxy-settings). 3. Verify that the traffic isn't being inspected by SSL inspection (TLS inspection). This is the most common network related issue when setting up Microsoft Defender Endpoint, see [Verify SSL inspection isn't being performed on the network traffic](#step-3-verify-ssl-inspection-isnt-being-performed-on-the-network-traffic). > [!NOTE] -> - Traffic for Defender for Endpoint should NOT be inspected by SSL inspection (TLS inspection). This applies to all supported operating systems (Windows, Linux, and MacOS). +> - Traffic for Defender for Endpoint should NOT be inspected by SSL inspection (TLS inspection). This applies to all supported operating systems (Windows, Linux, and Mac). > - To allow connectivity to the consolidated set of URLs or IP addresses, ensure your devices are running the latest component versions. See [Onboarding devices using streamlined connectivity for Microsoft Defender for Endpoint](configure-device-connectivity.md) for more information. -For more information see [Troubleshoot cloud connectivity issues](#troubleshoot-cloud-connectivity-issues). +For more information, see [Troubleshoot cloud connectivity issues](#troubleshoot-cloud-connectivity-issues). #### Step 1: Allow destinations for the Microsoft Defender for Endpoint traffic -1. Go to [STEP 1: Configure your network environment to ensure connectivity with Defender for Endpoint service](configure-environment.md) to find the relevant destinations that need to be accessible to devices inside your network environment -2. Configure your Firewall/Proxy/Network to allow the relevant URLs and/or IP addresses +1. See [Configure your network environment to ensure connectivity with Defender for Endpoint service](configure-environment.md) to find the relevant destinations that need to be accessible to devices inside your network environment + +2. Configure your Firewall/Proxy/Network to allow the relevant URLs and/or IP addresses. #### Step 2: Set up proxy settings @@ -122,7 +123,7 @@ The following table lists the supported proxy settings: #### Step 3: Verify SSL inspection isn't being performed on the network traffic -To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You must bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, see [enterprise-certificate-pinning](/windows/security/identity-protection/enterprise-certificate-pinning). +To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You must bypass SSL inspection for Microsoft Defender for Endpoint URLs. For more information about the certificate pinning process, see [enterprise-certificate-pinning](/windows/security/identity-protection/enterprise-certificate-pinning). ##### Troubleshoot cloud connectivity issues @@ -130,7 +131,7 @@ For more information, see [Troubleshooting cloud connectivity issues for Microso ## 2. Capture performance data from the endpoint -Capture performance data from the endpoints that have Defender for Endpoint installed. This includes disk space availability on all mounted partitions, memory usage, process list, and CPU usage (aggregate across all cores). +Capture performance data from the endpoints that have Defender for Endpoint installed. This data includes disk space availability on all mounted partitions, memory usage, process list, and CPU usage (aggregate across all cores). ## 3. (Optional) Check for filesystem errors 'fsck' (akin to chkdsk) @@ -154,11 +155,11 @@ For a detailed list of supported Linux distros, see [System requirements](micros |---|---| |Disk space |Minimum: 2 GB
NOTE: More disk space might be needed if cloud diagnostics are enabled for crash collections. | |RAM |1 GB
4 GB is preferred| -|CPU |If the Linux system is running only one vcpu, we recommend it be increased to two vcpu's
4 cores are preferred | +|CPU |If the Linux system is running only one vcpu, we recommend it be increased to two vcpu's
Four cores are preferred | |OS version|Kernel filter driver|Comments| |---|---|---| -|RHEL 7.x, RHEL 8.x, and RHEL 9.x |No kernel filter driver, the fanotify kernel option must be enabled|akin to Filter Manager (fltmgr, accessible via `fltmc.exe`) in Windows| +|RHEL 7.x, RHEL 8.x, and RHEL 9.x |No kernel filter driver, the `fanotify` kernel option must be enabled|akin to Filter Manager (fltmgr, accessible via `fltmc.exe`) in Windows| ## 7. Add your existing solution to the exclusion list for Microsoft Defender Antivirus This step of the setup process involves adding Defender for Endpoint to the exclusion list for your existing endpoint protection solution and any other security products your organization is using. You can choose from several methods to add your exclusions to Microsoft Defender Antivirus. @@ -166,9 +167,9 @@ This step of the setup process involves adding Defender for Endpoint to the excl > [!TIP] > To get help configuring exclusions, refer to your solution provider's documentation. -- Your ability to run Microsoft Defender for Endpoint on Linux alongside a non-Microsoft antimalware product depends on the implementation details of that product. If the other antimalware product uses fanotify, it has to be uninstalled to eliminate performance and stability side effects resulting from running two conflicting agents. +- Your ability to run Microsoft Defender for Endpoint on Linux alongside a non-Microsoft antimalware product depends on the implementation details of that product. If the other antimalware product uses `fanotify`, it has to be uninstalled to eliminate performance and stability side effects resulting from running two conflicting agents. -- To check if there's a non-Microsoft antimalware that is running FANotify, you can run `mdatp health`, then check the result: +- To check if there's a non-Microsoft antimalware that is running `fanotify`, you can run `mdatp health`, then check the result: :::image type="content" source="media/mdatp-health-result.png" alt-text="Image of mdatp health result"::: @@ -196,7 +197,6 @@ This step of the setup process involves adding Defender for Endpoint to the excl When you add [exclusions to Microsoft Defender Antivirus scans](/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus), you should add path and process exclusions. > [!NOTE] -> > - Antivirus exclusions apply to the antivirus engine. > - Indicators allow/block apply to the antivirus engine. From de7f224c5e66ff08dc1cdb9324709b460784d2ec Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Dec 2024 09:49:20 -0800 Subject: [PATCH 6/9] Update comprehensive-guidance-on-linux-deployment.md --- .../comprehensive-guidance-on-linux-deployment.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index c944d851bb..2e40009c7f 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -14,11 +14,14 @@ ms.collection: ms.topic: conceptual ms.subservice: linux search.appverid: met150 -ms.date: 10/28/2024 +ms.date: 12/10/2024 --- # Advanced deployment guidance for Microsoft Defender for Endpoint on Linux +> [!TIP] +> We are excited to share that Microsoft Defender for Endpoint on Linux now extends support for ARM64-based Linux servers in preview! For more information, see [Microsoft Defender for Endpoint on Linux for ARM64-based devices (preview)](mde-linux-arm.md). + This article provides advanced deployment guidance for Microsoft Defender for Endpoint on Linux. You get a brief summary of the deployment steps, learn about the system requirements, then be guided through the actual deployment steps. You'll also learn how to verify that the device has been correctly onboarded. For information about Microsoft Defender for Endpoint capabilities, see [Advanced Microsoft Defender for Endpoint capabilities](#advanced-microsoft-defender-for-endpoint-capabilities). @@ -169,7 +172,7 @@ This step of the setup process involves adding Defender for Endpoint to the excl - Your ability to run Microsoft Defender for Endpoint on Linux alongside a non-Microsoft antimalware product depends on the implementation details of that product. If the other antimalware product uses `fanotify`, it has to be uninstalled to eliminate performance and stability side effects resulting from running two conflicting agents. -- To check if there's a non-Microsoft antimalware that is running `fanotify`, you can run `mdatp health`, then check the result: +- To check if there's a non-Microsoft antimalware that is running `fanotify`, you can run `mdatp health`, then check the results: :::image type="content" source="media/mdatp-health-result.png" alt-text="Image of mdatp health result"::: From d599955b438e7d565f14e03f9e11c83235ceacb4 Mon Sep 17 00:00:00 2001 From: Chris Davis Date: Tue, 10 Dec 2024 10:09:55 -0800 Subject: [PATCH 7/9] Update try-microsoft-defender-for-office-365.md Removed FAQ item per request --- .../try-microsoft-defender-for-office-365.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/defender-office-365/try-microsoft-defender-for-office-365.md b/defender-office-365/try-microsoft-defender-for-office-365.md index 33b446ccaf..47b1bdc59e 100644 --- a/defender-office-365/try-microsoft-defender-for-office-365.md +++ b/defender-office-365/try-microsoft-defender-for-office-365.md @@ -18,7 +18,7 @@ ms.collection: ms.custom: ms.service: defender-office-365 ROBOTS: -ms.date: 4/8/2024 +ms.date: 12/10/2024 --- # Try Microsoft Defender for Office 365 @@ -442,10 +442,6 @@ A: No. The trial automatically provisions Defender for Office 365 Plan 2 license A: See [Extend your trial](/microsoft-365/commerce/try-or-buy-microsoft-365#extend-your-trial). -### Q: Why do I not see options to cancel or extend the trial? - -A: You don't see options to cancel or extend your trial if your subscription is part of the New Commerce Experience (NCE). Currently, only customers on legacy subscriptions have the capability to cancel or extend their trials. - ### Q: What happens to my data after the trial expires? A: After your trial expires, you have access to your trial data (data from features in Defender for Office 365 that you didn't have previously) for 30 days. After this 30 day period, all policies and data that were associated with the Defender for Office 365 trial are deleted. From c84cdf1dbc917a49791d725d469748d793fc81ab Mon Sep 17 00:00:00 2001 From: Ruchika Mittal Date: Wed, 11 Dec 2024 00:11:14 +0530 Subject: [PATCH 8/9] punctuation fix --- defender-endpoint/mde-p1-setup-configuration.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/defender-endpoint/mde-p1-setup-configuration.md b/defender-endpoint/mde-p1-setup-configuration.md index a54bee1d20..46daef806d 100644 --- a/defender-endpoint/mde-p1-setup-configuration.md +++ b/defender-endpoint/mde-p1-setup-configuration.md @@ -63,7 +63,7 @@ The following table lists the basic requirements for Defender for Endpoint Plan > - Microsoft Defender for Endpoint Server > - [Microsoft Defender for Business servers](/defender-business/get-defender-business#how-to-get-microsoft-defender-for-business-servers) (for small and medium-sized businesses) > -> To learn more. see [Defender for Endpoint onboarding Windows Server](onboard-windows-server.md) +> To learn more, see [Defender for Endpoint onboarding Windows Server](onboard-windows-server.md) ## Plan your deployment @@ -78,7 +78,7 @@ When you plan your deployment, you can choose from several different architectur To learn more about your deployment options, see [Plan your Defender for Endpoint deployment](deployment-strategy.md). And, download the following poster: -[:::image type="content" source="/defender/media/defender-endpoint/mde-deployment-strategy.png" alt-text="Screnshot of deployment strategy poster thumbnail.":::](https://download.microsoft.com/download/5/6/0/5609001f-b8ae-412f-89eb-643976f6b79c/mde-deployment-strategy.pdf) +[:::image type="content" source="/defender/media/defender-endpoint/mde-deployment-strategy.png" alt-text="Screenshot of deployment strategy poster thumbnail.":::](https://download.microsoft.com/download/5/6/0/5609001f-b8ae-412f-89eb-643976f6b79c/mde-deployment-strategy.pdf) **[Get the deployment poster](https://download.microsoft.com/download/5/6/0/5609001f-b8ae-412f-89eb-643976f6b79c/mde-deployment-strategy.pdf)** @@ -251,7 +251,7 @@ You can configure Defender for Endpoint to block or allow removable devices and 5. On the **Configuration settings** tab, select **All Settings**. Then in the search box, type `Removable` to see all the settings that pertain to removable devices. -6. Select an item in the list, such as **All Removable Storage classes: Deny all access**, to open its flyout pane. The flyout for each setting explains what happens when it's enabled, disabled, or not configured. Select a setting, and then choose **OK**. +6. Select an item in the list, such as **All Removable Storage classes, Deny all access**, to open its flyout pane. The flyout for each setting explains what happens when it's enabled, disabled, or not configured. Select a setting, and then choose **OK**. 7. Repeat step 6 for each setting that you want to configure. Then choose **Next**. From be757fd22b35339845509b3884603922a0321ae0 Mon Sep 17 00:00:00 2001 From: Ruchika Mittal Date: Wed, 11 Dec 2024 00:15:46 +0530 Subject: [PATCH 9/9] punctuation fix --- defender-endpoint/minimum-requirements.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/defender-endpoint/minimum-requirements.md b/defender-endpoint/minimum-requirements.md index 5cc77a04e0..b92148ec8d 100644 --- a/defender-endpoint/minimum-requirements.md +++ b/defender-endpoint/minimum-requirements.md @@ -27,7 +27,7 @@ search.appverid: met150 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-minreqs-abovefoldlink) -There are some minimum requirements for onboarding devices to the Defender for Endpoint service. Learn about the licensing, hardware and software requirements, and other configuration settings to onboard devices to the service. +There are some minimum requirements for onboarding devices to the Defender for Endpoint service. Learn about the licensing, hardware, and software requirements, and other configuration settings to onboard devices to the service. > [!TIP] > @@ -70,7 +70,7 @@ Devices on your network must be running one of these editions. New features or c > [!IMPORTANT] > Windows 11 Home devices that have been upgraded to one of the below supported editions might require you to run the following command before onboarding: > `DISM /online /Add-Capability /CapabilityName:Microsoft.Windows.Sense.Client~~~~`. -> For more information about edition upgrades and features, see [Features](/windows-hardware/manufacture/desktop/windows-features?view=windows-11&preserve-view=true)) +> For more information about edition upgrades and features, see ([Features](/windows-hardware/manufacture/desktop/windows-features?view=windows-11&preserve-view=true)) - Windows 11 Enterprise - Windows 11 IoT Enterprise @@ -149,7 +149,7 @@ Alternatively, if you must use an IPv6-only configuration, consider adding dynam #### Internet connectivity -Internet connectivity on devices is required either directly or through proxy. +Internet connectivity on devices is required either directly or through a proxy. For more information on other proxy configuration settings, see [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md).