Merge pull request #109668 from memildin/asc-melvyn-containerwork

Removed the list of supported OSes - to avoid maintaining it twice

Author: v-shils

articles/security-center/TOC.yml

@@ -153,6 +153,8 @@
       href: security-center-sql-service-recommendations.md
     - name: Protect identity and access
       href: security-center-identity-access.md  
+    - name: Apply disk encryption
+      href: security-center-apply-disk-encryption.md
   - name: Apply cloud defenses
     items:
     - name: Manage just-in-time access
@@ -166,8 +168,6 @@
 
   - name: Archive
     items:
-    - name: Apply disk encryption
-      href: security-center-apply-disk-encryption.md
     - name: Apply system updates
       href: security-center-apply-system-updates.md
     - name: Threat reports

articles/security-center/security-center-apply-disk-encryption.md

@@ -15,46 +15,34 @@ ms.date: 10/28/2018
 ms.author: memildin
 
 ---
+
 # Apply disk encryption in Azure Security Center
-Azure Security Center recommends that you apply disk encryption if you have Windows or Linux VM disks that are not encrypted using Azure Disk Encryption. Disk Encryption lets you encrypt your Windows and Linux IaaS VM disks.  Encryption is recommended for both the OS and data volumes on your VM.
+
+Azure Security Center recommends that you use Azure Disk Encryption on unencrypted disks on both Windows and Linux VM. Disk Encryption lets you encrypt your Windows and Linux IaaS VM disks.  Encryption is recommended for both the OS and data volumes on your VM.
 
 Disk Encryption uses the industry standard [BitLocker](https://technet.microsoft.com/library/cc732774.aspx) feature of Windows and the [DM-Crypt](https://en.wikipedia.org/wiki/Dm-crypt) feature of Linux. These features provide OS and data encryption to help protect and safeguard your data and meet your organizational security and compliance commitments. Disk Encryption is integrated with [Azure Key Vault](https://azure.microsoft.com/documentation/services/key-vault/) to help you control and manage the disk encryption keys and secrets in your Key Vault subscription, while ensuring that all data in the VM disks are encrypted at rest in your [Azure Storage](https://azure.microsoft.com/documentation/services/storage/).
 
-> [!NOTE]
-> Azure Disk Encryption is supported on the following Windows server operating systems - Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2. Disk encryption is supported on the following Linux server operating systems - Ubuntu, CentOS, SUSE, and SUSE Linux Enterprise Server (SLES).
->
->
+For the list of supported versions of Windows and Linux, see [Supported VMs and operating systems](../virtual-machines/windows/disk-encryption-overview.md#supported-vms-and-operating-systems) in the Azure Disk Encryption documentation.
 
 ## Implement the recommendation
-1. In the **Recommendations** blade, select **Apply disk encryption**.
-2. In the **Apply disk encryption** blade, you see a list of VMs for which Disk Encryption is recommended.
+1. In the **Recommendations** page, select **Disk encryption should be applied on virtual machines**.
+2. From the **Unhealthy resources**, select a VM for which Disk Encryption is recommended.
 3. Follow the instructions to apply encryption to these VMs.
 
-![][1]
+![Applying disk encryption](./media/security-center-apply-disk-encryption/apply-disk-encryption.png)
 
 To encrypt Azure Virtual Machines that have been identified by Security Center as needing encryption, we recommend the following steps:
 
 * Install and configure Azure PowerShell. This enables you to run the PowerShell commands required to set up the prerequisites required to encrypt Azure Virtual Machines.
 * Obtain and run the Azure Disk Encryption Prerequisites Azure PowerShell script.
 * Encrypt your virtual machines.
 
-[Encrypt a Windows IaaS VM with Azure PowerShell](../virtual-machines/windows/disk-encryption-powershell-quickstart.md) walks you through these steps. This topic assumes you are using a Windows client machine from which you configure disk encryption.
+[Encrypt a Windows IaaS VM with Azure PowerShell](../virtual-machines/windows/disk-encryption-powershell-quickstart.md) - Walks you through these steps and assumes you are using a Windows client machine from which you can configure disk encryption.
 
-There are many approaches that can be used for Azure Virtual Machines. If you are already well-versed in Azure PowerShell or Azure CLI, then you may prefer to use alternate approaches. To learn about these other approaches, see [Azure disk encryption](../security/fundamentals/encryption-overview.md).
+There are many approaches that can be used for Azure Virtual Machines. If you are already well versed in Azure PowerShell or Azure CLI, then you may prefer to use alternate approaches. To learn about these other approaches, see [Azure disk encryption](../security/fundamentals/encryption-overview.md).
 
 ## See also
-This document showed you how to implement the Security Center recommendation "Apply disk encryption." To learn more about disk encryption, see the following:
-
-* [Encryption and key management with Azure Key Vault](https://azure.microsoft.com/documentation/videos/azurecon-2015-encryption-and-key-management-with-azure-key-vault/) (video, 36 min 39 sec) -- Learn how to use disk encryption management for IaaS VMs and Azure Key Vault to help protect and safeguard your data.
-* [Azure disk encryption](../security/fundamentals/encryption-overview.md) (document) -- Learn how to enable disk encryption for Windows and Linux VMs.
-
-To learn more about Security Center, see the following:
-
-* [Setting security policies in Azure Security Center](tutorial-security-policy.md) -- Learn how to configure security policies.
-* [Security health monitoring in Azure Security Center](security-center-monitoring.md) -- Learn how to monitor the health of your Azure resources.
-* [Managing and responding to security alerts in Azure Security Center](security-center-managing-and-responding-alerts.md) -- Learn how to manage and respond to security alerts.
-* [Managing security recommendations in Azure Security Center](security-center-recommendations.md) -- Learn how recommendations help you protect your Azure resources.
-* [Azure Security blog](https://blogs.msdn.com/b/azuresecurity/) -- Find blog posts about Azure security and compliance.
+This document showed you how to implement the Security Center recommendation "Apply disk encryption." To learn more about disk encryption, see:
 
-<!--Image references-->
-[1]: ./media/security-center-apply-disk-encryption/apply-disk-encryption.png
+* [Encryption and key management with Azure Key Vault](https://azure.microsoft.com/documentation/videos/azurecon-2015-encryption-and-key-management-with-azure-key-vault/) (video, 36 min 39 sec)--Learn how to use disk encryption management for IaaS VMs and Azure Key Vault to help protect and safeguard your data.
+* [Azure disk encryption](../security/fundamentals/encryption-overview.md) (document)--Learn how to enable disk encryption for Windows and Linux VMs.

articles/security-center/security-center-os-coverage.md

@@ -79,7 +79,7 @@ Virtual machines are also created in a customer subscription as part of some Azu
 
 Virtual machines that run in a cloud service are also supported. Only cloud services web and worker roles that run in production slots are monitored. To learn more about cloud services, see [Overview of Azure Cloud Services](../cloud-services/cloud-services-choose-me.md).
 
-Protection for Virtual Machines residing in Azure Stack is also supported. For more information about Security Center’s integration with Azure Stack, see [Onboard your Azure Stack virtual machines to Security Center](https://docs.microsoft.com/azure/security-center/quick-onboard-azure-stack).
+Protection for Virtual Machines residing in Azure Stack is also supported. For more information about Security Center's integration with Azure Stack, see [Onboard your Azure Stack virtual machines to Security Center](https://docs.microsoft.com/azure/security-center/quick-onboard-azure-stack).
 
 ## Next steps