Merge pull request #299010 from MicrosoftDocs/main

Publish to live, Tuesday 4 AM PST, 4/29

Author: ttorble

articles/defender-for-iot/organizations/TOC.yml

@@ -339,7 +339,7 @@
           href: appliance-catalog/dell-poweredge-r360-e1800.md
       - name: Production line
         items:
-        - name: Heptagon YB3x
+        - name: Heptagon Systems YB3x
           href: appliance-catalog/heptagon-yb3x.md
         - name: HPE ProLiant DL20 Gen11 Plus (NHP 2LFF)
           href: appliance-catalog/hpe-proliant-dl20-gen-11-nhp-2lff.md

articles/defender-for-iot/organizations/appliance-catalog/heptagon-yb3x.md

@@ -1,13 +1,13 @@
 ---
-title: Heptagon YB3x for OT monitoring in L100 deployments - Microsoft Defender for IoT
-description: Learn about the YB3x appliance when used for OT monitoring with Microsoft Defender for IoT in L100 deployments.
+title: Heptagon Systems YB3x for OT monitoring in L100 deployments - Microsoft Defender for IoT
+description: Learn about the Heptagon Systems YB3x appliance when used for OT monitoring with Microsoft Defender for IoT in L100 deployments.
 ms.date: 04/01/2024
 ms.topic: reference
 ---
 
-# Heptagon YB3x
+# Heptagon Systems YB3x
 
-This article describes the **Heptagon YB3x** appliance deployment and installation for OT sensors.
+This article describes the **Heptagon Systems YB3x** appliance deployment and installation for OT sensors.
 
 | Appliance characteristic |Details |
 |---------|---------|
@@ -16,9 +16,9 @@ This article describes the **Heptagon YB3x** appliance deployment and installati
 |**Physical specifications** | Ports: 6 x 1-GbE ports|
 |**Status** | Supported, available as preconfigured |
 
-The following image shows a view of the Heptagon YB3x front panel:
+The following image shows a view of the Heptagon Systems YB3x front panel:
 
-:::image type="content" source="media/yb3x.png" alt-text="Picture of the front view of the Heptagon YB3x." border="false":::
+:::image type="content" source="media/yb3x.png" alt-text="Picture of the front view of the Heptagon Systems YB3x." border="false":::
 
 ## Specifications
 
@@ -40,7 +40,7 @@ The following image shows a view of the Heptagon YB3x front panel:
 |Safety |IEC 60950-1, AS/NZS  |
 |EMC |CE, FCC, AS/NZS |
 
-## Heptagon YB3x - Bill of Materials
+## Heptagon Systems YB3x - Bill of Materials
 
 |Description| PN|Quantity|
 |--------------|--------------|---------|
@@ -50,9 +50,9 @@ The following image shows a view of the Heptagon YB3x front panel:
 |8 GB 2,666 MT/s DDR4 ECC Reg CL19 DIMM 1Rx8 Hynix D IDT  | KSM26RS8/8HDI  | 2|
 |Power supply, 110-220 VAC to 12 VDC, 100 W, IP 67, Industrial temp   | PS100-12-IP67  | 1 |
 
-## Heptagon YB3x software setup
+## Heptagon Systems YB3x software setup
 
-This procedure describes how to install Defender for IoT software on the Heptagon YB3x. The installation process takes about 20 minutes. After the installation, the system restarts several times.
+This procedure describes how to install Defender for IoT software on the Heptagon Systems YB3x. The installation process takes about 20 minutes. After the installation, the system restarts several times.
 
 To install Defender for IoT software:
 

articles/defender-for-iot/organizations/appliance-catalog/index.yml

@@ -44,7 +44,7 @@ landingContent:
     linkLists:
       - linkListType: deploy
         links:
-          - text: Heptagon YB3x
+          - text: Heptagon Systems YB3x
             url: heptagon-yb3x.md
           - text: HPE ProLiant DL20 Gen11 Plus (NHP 2LFF)
             url: hpe-proliant-dl20-gen-11-nhp-2lff.md

articles/migrate/toc.yml

@@ -22,7 +22,7 @@ items:
   - name: Supported Geographies
     href: supported-geographies.md
   - name: Security baseline
-    href: /security/benchmark/azure/baselines/azure-migrate-security-baseline
+    href: /security/benchmark/azure/baselines/azure-migrate-security-baseline?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
   - name: Requirements for Private endpoints # Explain about private end points and support requirements 
     href: how-to-use-azure-migrate-with-private-endpoints.md
   - name: Support Matrix
@@ -34,7 +34,7 @@ items:
     - name: Discover VMware estate
       href: ./vmware/tutorial-discover-vmware.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Scoped discovery of VMware estate
-      href: set-discovery-scope.md
+      href: ./vmware/set-discovery-scope.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Discover Hyper-v estate
       href: tutorial-discover-hyper-v.md
     - name: Discover physical servers and servers running in AWS and GCP
@@ -150,15 +150,15 @@ items:
   - name: Server Migrations
     items: 
     - name: Overview of Migration method
-      href: server-migrate-overview.md
+      href: ./vmware/server-migrate-overview.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Agent-based migrations
       items:
       - name: Agent-based migration using portal
         href: ./vmware/tutorial-migrate-vmware-agent.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Agentless migrations
       items:
       - name: Agentless migrations using portal
-        href: vmware/tutorial-migrate-vmware.md
+        href: ./vmware/tutorial-migrate-vmware.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
       - name: Agentless migrations using scripts
         href: ./vmware/tutorial-migrate-vmware-powershell.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
 #   - name: Limitations
@@ -187,15 +187,15 @@ items:
         - name: Migrate to Azure Cloud
           href: ./vmware/tutorial-migrate-vmware.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
         - name: Migrate to Azure Local 
-          href: /azure/azure-local/migrate/migration-azure-migrate-vmware-overview?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
+          href: /azure/azure-local/migrate/migration-azure-migrate-vmware-overview.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Migrate Hyper-V servers 
       items:
 #       - name: Create Business case and assessment
 #         href: tutorial-assess-hyper-v.md
         - name: Migrate to Azure Cloud
           href: tutorial-migrate-hyper-v.md
         - name: Migrate to Azure Local
-          href: /azure/azure-local/migrate/migration-azure-migrate-overview?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
+          href: /azure/azure-local/migrate/migration-azure-migrate-overview.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Migrate physical servers
       items:
         - name: Create Business case and assessment
@@ -246,8 +246,6 @@ items:
         href: tutorial-app-containerization-java-app-service.md
       - name: Modernize ASP.NET web apps to App Service code
         href: tutorial-modernize-asp-net-appservice-code.md
-      - name: Modernize ASP.NET web apps to AKS
-        href: tutorial-modernize-asp-net-aks.md
       - name: CI/CD for Day 2 operations
         href: tutorial-app-containerization-azure-pipeline.md  
 - name: How-to
@@ -270,8 +268,6 @@ items:
         href: how-to-set-up-appliance-physical.md
     - name: Deploy appliance in Azure Government
       href: deploy-appliance-script-government.md
-    - name: Limit discovery scope for servers in VMware environment
-      href: set-discovery-scope.md
     - name: Create least privilege credentials for SQL Server discovery
       href: least-privilege-credentials.md  
     - name: Enable Arc on discovered items
@@ -300,7 +296,7 @@ items:
 #   - name: Scale assessment
       items:
       - name: Assess large number of servers in VMware environment
-        href: scale-vmware-assessment.md
+        href: ./vmware/scale-vmware-assessment.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
       - name: Assess large number of servers in Hyper-V environment
         href: scale-hyper-v-assessment.md
       - name: Assess large numbers of physical servers
@@ -314,7 +310,7 @@ items:
     - name: Prepare Windows 2003 servers for migration
       href: prepare-windows-server-2003-migration.md
     - name: Migrate VMware VMs to encrypted Azure VMs
-      href: how-to-migrate-vmware-vms-with-cmk-disks.md
+      href: ./vmware/how-to-migrate-vmware-vms-with-cmk-disks.md?toc=/azure/migrate/toc.json&bc=/azure/migrate/breadcrumb/toc.json
     - name: Test migration
       href: how-to-test-replicating-virtual-machines.md
     - name: Upgrade Windows OS

articles/site-recovery/replication-appliance-support-matrix.md

@@ -3,7 +3,7 @@ title: Support requirements for Azure Site Recovery replication appliance
 description: This article describes support and requirements when deploying the replication appliance for VMware disaster recovery to Azure with Azure Site Recovery - Modernized
 ms.service: azure-site-recovery
 ms.topic: faq
-ms.date: 04/23/2025
+ms.date: 04/29/2025
 ms.author: ankitadutta
 author: ankitaduttaMSFT
 ---
@@ -37,7 +37,7 @@ Number of disks | 2, including the OS disk - 80 GB and a data disk - 620 GB
 
 **Component** | **Requirement**
 --- | ---
-Operating system | Windows Server 2022
+Operating system | Windows Server 2022 <br><br> **Note**: <br> - Windows Server 2019 appliances will continue to receive software updates. <br> - Upgrading OS on existing Windows server 2019 appliances to Windows Server 2022 is not supported. 
 Operating system locale | English (en-*)
 Windows Server roles | Don't enable these roles: <br> - Active Directory Domain Services <br>- Internet Information Services <br> - Hyper-V
 Group policies | Don't enable these group policies: <br> - Prevent access to the command prompt. <br> - Prevent access to registry editing tools. <br> - Trust logic for file attachments. <br> - Turn on Script Execution. <br> [Learn more](/previous-versions/windows/it-pro/windows-7/gg176671(v=ws.10))
@@ -53,6 +53,7 @@ FIPS (Federal Information Processing Standards) | Don't enable FIPS mode|
 |NIC type | VMXNET3 (if the appliance is a VMware VM)|
 |NAT | Supported |
 
+
 >[!NOTE]
 > To support communication between source machines and replication appliance using multiple subnets, you should select FQDN as the mode of connectivity during the appliance setup. This will allow source machines to use FQDN, along with a list of IP addresses, to communicate with replication appliance. 
 

articles/web-application-firewall/afds/captcha-challenge.md

@@ -0,0 +1,48 @@
+---
+title: Azure Front Door Web Application Firewall CAPTCHA (preview)
+description: Learn about the CAPTCHA feature in Azure Front Door Web Application Firewall (WAF) and how it helps protect your web applications from automated attacks.
+author: halkazwini
+ms.author: halkazwini
+ms.service: azure-web-application-firewall
+ms.topic: concept-article
+ms.date: 04/29/2025
+
+---
+
+# Azure Front Door Web Application Firewall CAPTCHA (preview)
+
+> [!IMPORTANT]
+> Web Application Firewall CAPTCHA on Azure Frond Door is currently in PREVIEW. See the [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) for legal terms that apply to Azure features that are in beta, preview, or otherwise not yet released into general availability.
+
+Azure Web Application Firewall (WAF) offers a CAPTCHA feature designed to differentiate human users from automated bots. This interactive challenge requires suspected traffic to complete a CAPTCHA test, blocking malicious automated requests while allowing legitimate users to proceed seamlessly. As a result, WAF helps protect applications from bot-driven attacks, including brute-force attempts and account takeover risks.
+
+CAPTCHA on Azure WAF is useful in login and sign-up flows where human authentication is crucial to protect sensitive user data. It acts as a strong defense against various automated threats, preventing bots from accessing critical website elements like login pages and forms, and reducing spam by ensuring only real users can submit comments, register accounts, or complete transactions.
+
+Incorporating CAPTCHA into Azure WAF not only enhances security but also minimizes friction for legitimate users. This balance strengthens the overall protection of web applications against sophisticated automated threats.
+
+## How it works
+
+When the CAPTCHA challenge is active on Azure WAF, any client's HTTP(s) request matches a specific rule prompts an interactive Microsoft CAPTCHA page. This challenge requires user participation to verify they're human before their request is validated by Azure WAF. Upon successful completion, WAF recognizes the request as originating from a legitimate user, and proceeds with standard rule processing. Requests that fail to complete the challenge are blocked, thus preventing automated bots from accessing protected resources. 
+
+:::image type="content" source="../media/captcha-challenge/browser-captcha.png" alt-text="Screenshot of Web Application Firewall CAPTCHA in the browser.":::
+
+
+## Expiration 
+
+The WAF **Policy settings** define the CAPTCHA challenge cookie validity lifetime in minutes, determining how long a user remains validated before facing a new challenge. Once the lifetime expires, the user must complete the CAPTCHA challenge again to verify their identity. The lifetime is configurable between 5 and 1,440 minutes, with a default setting of 30 minutes. The CAPTCHA challenge cookie name is `afd_azwaf_captcha` on Azure Front Door.
+
+> [!NOTE]
+> The CAPTCHA challenge expiration cookie is injected into the user’s browser after successfully completing the challenge.
+
+## Limitations 
+
+- **Mobile Apps**: Not supported.
+
+- **AJAX and API calls aren't supported**: CAPTCHA verification doesn't apply to AJAX and API requests.
+
+- **POST body size restriction**: The first request that triggers a CAPTCHA challenge will be blocked if its POST body exceeds 128 KB.
+
+- **Non-HTML embedded resources**: CAPTCHA is designed for HTML resources. Placing CAPTCHA in front of non-HTML resources, such as images, CSS, or JavaScript files, may likely result in issues with content loading and rendering.
+
+- **Browser compatibility**: CAPTCHA isn't supported on Microsoft Internet Explorer. It's compatible with the latest versions of Microsoft Edge, Chrome, Firefox, and Safari.
+

articles/web-application-firewall/media/captcha-challenge/browser-captcha.png

@@ -184,6 +184,8 @@ items:
     href: waf-copilot.md
   - name: JavaScript challenge
     href: waf-javascript-challenge.md
+  - name: CAPTCHA challenge
+    href: ./afds/captcha-challenge.md
 - name: Operational excellence
   items:
   - name: Application Gateway