Merge pull request #239516 from dcurwin/mde-mdc-may28-2023

Fix offboarding section

Author: prmerger-automator[bot]

articles/defender-for-cloud/integration-defender-for-endpoint.md

@@ -48,7 +48,7 @@ The protections include:
 
 - **Threat intelligence**. Defender for Endpoint generates alerts when it identifies attacker tools, techniques, and procedures. It uses data generated by Microsoft threat hunters and security teams, augmented by intelligence provided by partners.
 
-When you integrate Defender for Endpoint with Defender for Cloud, you'll gain access to the benefits from the following extra capabilities:
+When you integrate Defender for Endpoint with Defender for Cloud, you gain access to the benefits from the following extra capabilities:
 
 - **Automated onboarding**. Defender for Cloud automatically enables the Defender for Endpoint sensor on all supported machines connected to Defender for Cloud.
 
@@ -72,9 +72,9 @@ Before you can enable the Microsoft Defender for Endpoint integration with Defen
 
 - Ensure the machine is connected to Azure and the internet as required:
 
-    - **Azure virtual machines (Windows or Linux)** - Configure the network settings described in configure device proxy and internet connectivity settings: [Windows](/microsoft-365/security/defender-endpoint/configure-proxy-internet) or [Linux](/microsoft-365/security/defender-endpoint/linux-static-proxy-configuration).
+  - **Azure virtual machines (Windows or Linux)** - Configure the network settings described in configure device proxy and internet connectivity settings: [Windows](/microsoft-365/security/defender-endpoint/configure-proxy-internet) or [Linux](/microsoft-365/security/defender-endpoint/linux-static-proxy-configuration).
 
-    - **On-premises machines** - Connect your target machines to Azure Arc as explained in [Connect hybrid machines with Azure Arc-enabled servers](../azure-arc/servers/learn/quick-enable-hybrid-vm.md).
+  - **On-premises machines** - Connect your target machines to Azure Arc as explained in [Connect hybrid machines with Azure Arc-enabled servers](../azure-arc/servers/learn/quick-enable-hybrid-vm.md).
 
 - Enable **Microsoft Defender for Servers**. See [Quickstart: Enable Defender for Cloud's enhanced security features](enable-enhanced-security.md).
 
@@ -106,7 +106,7 @@ You'll deploy Defender for Endpoint to your Windows machines in one of two ways
 
 If you've already enabled the integration with **Defender for Endpoint**, you have complete control over when and whether to deploy the MDE unified solution to your **Windows** machines.
 
-To deploy the MDE unified solution, you'll need to use the [REST API call](#enable-the-mde-unified-solution-at-scale) or the Azure portal:
+To deploy the MDE unified solution, you need to use the [REST API call](#enable-the-mde-unified-solution-at-scale) or the Azure portal:
 
 1. From Defender for Cloud's menu, select **Environment settings** and select the subscription with the Windows machines that you want to receive Defender for Endpoint.
 
@@ -119,7 +119,6 @@ To deploy the MDE unified solution, you'll need to use the [REST API call](#enab
 
 1. Select **Fix** to see the components that aren't enabled.
 
-
     :::image type="content" source="./media/integration-defender-for-endpoint/fix-defender-for-endpoint.png" alt-text="Screenshot of Fix button that enables Microsoft Defender for Endpoint support.":::
 
 1. To enable the Unified solution for Windows Server 2012 R2 and 2016 machines, select **Enable**.
@@ -181,7 +180,6 @@ If you've already enabled the integration with **Defender for Endpoint for Windo
 
 1. Select **Fix** to see the components that aren't enabled.
 
-
     :::image type="content" source="./media/integration-defender-for-endpoint/fix-defender-for-endpoint.png" alt-text="Screenshot of Fix button that enables Microsoft Defender for Endpoint support.":::
 
 1. To enable deployment to Linux machines, select **Enable**.
@@ -200,7 +198,6 @@ If you've already enabled the integration with **Defender for Endpoint for Windo
     > [!NOTE]
     > The next time you return to this page of the Azure portal, the **Enable for Linux machines** button won't be shown. To disable the integration for Linux, you'll need to disable it for Windows too by clearing the checkbox for **Allow Microsoft Defender for Endpoint to access my data**, and selecting **Save**.
 
-
 1. To verify installation of Defender for Endpoint on a Linux machine, run the following shell command on your machines:
 
     `mdatp health`
@@ -312,6 +309,7 @@ For endpoints running Windows:
     ```powershell
     powershell.exe -NoExit -ExecutionPolicy Bypass -WindowStyle Hidden (New-Object System.Net.WebClient).DownloadFile('http://127.0.0.1/1.exe', 'C:\\test-MDATP-test\\invoice.exe'); Start-Process 'C:\\test-MDATP-test\\invoice.exe'
     ```
+
     :::image type="content" source="./media/integration-defender-for-endpoint/generate-edr-alert.png" alt-text="A command prompt window with the command to generate a test alert.":::
 
     If the command is successful, you'll see a new alert on the workload protection dashboard and the Microsoft Defender for Endpoint portal. This alert might take a few minutes to appear.
@@ -373,7 +371,7 @@ Defender for Cloud automatically deploys the extension to machines running:
 - Linux.
 
 > [!IMPORTANT]
-> If you delete the MDE.Windows/MDE.Linux extension, it will not remove Microsoft Defender for Endpoint. to 'offboard', see [Offboard Windows servers.](/microsoft-365/security/defender-endpoint/configure-server-endpoints).
+> If you delete the MDE.Windows/MDE.Linux extension, it will not remove Microsoft Defender for Endpoint. To offboard the machine, see [Offboard Windows servers.](/microsoft-365/security/defender-endpoint/configure-server-endpoints#offboard-windows-servers).
 
 ### I enabled the solution but the `MDE.Windows`/`MDE.Linux` extension isn't showing on my machine
 
@@ -391,6 +389,7 @@ Licenses for Defender for Endpoint for servers are included with **Microsoft Def
 ### Do I need to buy a separate anti-malware solution to protect my machines?
 
 No. With MDE integration in Defender for Servers, you'll also get malware protection on your machines.
+
 - On Windows Server 2012 R2 with MDE unified solution integration enabled, Defender for Servers will deploy [Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows) in *active mode*.
 - On newer Windows Server operating systems, Microsoft Defender Antivirus is part of the operating system and will be enabled in *active mode*.
 - On Linux, Defender for Servers will deploy MDE including the anti-malware component, and set the component in *passive mode*.