Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into remote-config

Author: batamig

articles/defender-for-cloud/integration-defender-for-endpoint.md

@@ -95,7 +95,7 @@ Before you can enable the Microsoft Defender for Endpoint integration with Defen
 
 #### Windows
 
-[The MDE unified solution](/microsoft-365/security/defender-endpoint/configure-server-endpoints#new-windows-server-2012-r2-and-2016-functionality-in-the-modern-unified-solution) doesn't use or require installation of the Log Analytics agent. The unified solution is automatically deployed for Windows servers connected through Azure Arc and multicloud servers connected through the multicloud connectors. However, the unified solution isn't automatically deployed for Azure Windows 2012 R2 and 2016 servers that are protected by Defender for Servers Plan 2. You can choose to deploy the MDE unified solution to those machines.
+[The MDE unified solution](/microsoft-365/security/defender-endpoint/configure-server-endpoints#new-windows-server-2012-r2-and-2016-functionality-in-the-modern-unified-solution) doesn't use or require installation of the Log Analytics agent. The unified solution is automatically deployed for Azure Windows 2012 R2 and 2016 servers, Windows servers connected through Azure Arc, and Windows multicloud servers connected through the multicloud connectors.
 
 You'll deploy Defender for Endpoint to your Windows machines in one of two ways - depending on whether you've already deployed it to your Windows machines:
 
@@ -110,43 +110,45 @@ To deploy the MDE unified solution, you'll need to use the [REST API call](#enab
 
 1. From Defender for Cloud's menu, select **Environment settings** and select the subscription with the Windows machines that you want to receive Defender for Endpoint.
 
-1. Select **Integrations**. You'll know that the integration is enabled if the checkbox for **Allow Microsoft Defender for Endpoint to access my data** is selected as shown:
+1. In the Monitoring coverage column of the Defender for Servers plan, select **Settings**.
 
-    :::image type="content" source="media/integration-defender-for-endpoint/unified-solution-enabled.png" alt-text="The integration between Microsoft Defender for Cloud and Microsoft's EDR solution, Microsoft Defender for Endpoint, is enabled." lightbox="media/integration-defender-for-endpoint/unified-solution-enabled.png":::
+    The status of the Endpoint protections component is **Partial**, meaning that not all parts of the component are enabled.
 
     > [!NOTE]
-    > If it isn't selected, use the instructions in [Users who've never enabled the integration with Microsoft Defender for Endpoint for Windows](#users-who-never-enabled-the-integration-with-microsoft-defender-for-endpoint-for-windows).
+    > If the status is **Off**, use the instructions in [Users who've never enabled the integration with Microsoft Defender for Endpoint for Windows](#users-who-never-enabled-the-integration-with-microsoft-defender-for-endpoint-for-windows).
 
-1. To deploy the MDE unified solution to your Windows Server 2012 R2 and 2016 machines:
+1. Select **Fix** to see the components that are not enabled.
 
-    1. Select **Enable unified solution**.
-    1. Select **Save**.
-    1. In the confirmation prompt, verify the information and select **Enable** to continue.
 
-    :::image type="content" source="./media/integration-defender-for-endpoint/enable-unified-solution-result.png" alt-text="Confirming the use of the MDE unified solution for Windows Server 2012 R2 and 2016 machines":::
+    :::image type="content" source="./media/integration-defender-for-endpoint/fix-defender-for-endpoint.png" alt-text="Screenshot of Fix button that enables Microsoft Defender for Endpoint support.":::
 
-    Microsoft Defender for Cloud will:
+1. To enable the Unified solution for Windows Server 2012 R2 and 2016 machines, select **Enable**.
 
-    - Stop the existing MDE process in the Log Analytics agent that collects data for Defender for Servers.
-    - Install the MDE unified solution for all existing and new Windows Server 2012 R2 and 2016 machines.
-    - Remove the **Enable unified solution** from the Integrations options.
+    :::image type="content" source="./media/integration-defender-for-endpoint/enable-defender-for-endpoint-unified.png" alt-text="Screenshot of enabling the use of the MDE unified solution for Windows Server 2012 R2 and 2016 machines.":::
 
-    Microsoft Defender for Cloud will automatically onboard your machines to Microsoft Defender for Endpoint. Onboarding might take up to 12 hours. For new machines created after the integration has been enabled, onboarding takes up to an hour.
+1. To save the changes, select **Save** at the top of the page and then select **Continue** in the Settings and monitoring page.
 
-    > [!NOTE]
-    > If you choose not to deploy the MDE unified solution to your Windows 2012 R2 and 2016 servers in Defender for Servers Plan 2 and then downgrade Defender for Servers to Plan 1, the MDE unified solution is not deployed to those servers so that your existing deployment is not changed without your explicit consent.
+Microsoft Defender for Cloud will:
+
+- Stop the existing MDE process in the Log Analytics agent that collects data for Defender for Servers.
+- Install the MDE unified solution for all existing and new Windows Server 2012 R2 and 2016 machines.
+
+Microsoft Defender for Cloud will automatically onboard your machines to Microsoft Defender for Endpoint. Onboarding might take up to 12 hours. For new machines created after the integration has been enabled, onboarding takes up to an hour.
+
+> [!NOTE]
+> If you choose not to deploy the MDE unified solution to your Windows 2012 R2 and 2016 servers in Defender for Servers Plan 2 and then downgrade Defender for Servers to Plan 1, the MDE unified solution is not deployed to those servers so that your existing deployment is not changed without your explicit consent.
 
 ##### Users who never enabled the integration with Microsoft Defender for Endpoint for Windows
 
-If you've never enabled the integration for Windows, the **Allow Microsoft Defender for Endpoint to access my data** option will enable Defender for Cloud to deploy Defender for Endpoint to *both* your Windows and Linux machines.
+If you've never enabled the integration for Windows, Endpoint protection enables Defender for Cloud to deploy Defender for Endpoint to *both* your Windows and Linux machines.
 
 To deploy the MDE unified solution, you'll need to use the [REST API call](#enable-the-mde-unified-solution-at-scale) or the Azure portal:
 
 1. From Defender for Cloud's menu, select **Environment settings** and select the subscription with the machines that you want to receive Defender for Endpoint.
 
-1. Select **Integrations**.
+1. In the status of the Endpoint protection component, select **On** to enable the integration with Microsoft Defender for Endpoint.
 
-1. Select **Allow Microsoft Defender for Endpoint to access my data**, and select **Save**.
+    :::image type="content" source="media/integration-defender-for-endpoint/enable-defender-for-endpoint.png" alt-text="Screenshot of Status toggle that enables Microsoft Defender for Endpoint." lightbox="media/integration-defender-for-endpoint/enable-defender-for-endpoint.png":::
 
 The MDE agent unified solution is deployed to all of the machines in the selected subscription.
 
@@ -163,20 +165,23 @@ If you've already enabled the integration with **Defender for Endpoint for Windo
 
 1. From Defender for Cloud's menu, select **Environment settings** and select the subscription with the Linux machines that you want to receive Defender for Endpoint.
 
-1. Select **Integrations**. You'll know that the integration is enabled, if the checkbox for **Allow Microsoft Defender for Endpoint to access my data** is selected as shown:
+1. In the Monitoring coverage column of the Defender for Server plan, select **Settings**.
 
-    :::image type="content" source="./media/integration-defender-for-endpoint/integration-enabled.png" alt-text="The integration between Microsoft Defender for Cloud and Microsoft's EDR solution, Microsoft Defender for Endpoint is enabled":::
+    The status of the Endpoint protections component is **Partial**, meaning that not all parts of the component are enabled.
 
     > [!NOTE]
-    > If it isn't selected, use the instructions in [New users who've never enabled the integration with Microsoft Defender for Endpoint for Windows](#new-users-who-never-enabled-the-integration-with-microsoft-defender-for-endpoint-for-windows).
+    > If the status is **Off** isn't selected, use the instructions in [Users who've never enabled the integration with Microsoft Defender for Endpoint for Windows](#users-who-never-enabled-the-integration-with-microsoft-defender-for-endpoint-for-windows).
 
-1. To add your Linux machines to your integration:
+1. Select **Fix** to see the components that are not enabled.
 
-    1. Select **Enable for Linux machines**.
-    1. Select **Save**.
-    1. In the confirmation prompt, verify the information and select **Enable** to continue.
 
-    :::image type="content" source="./media/integration-defender-for-endpoint/enable-for-linux-result.png" alt-text="Confirming the integration between Defender for Cloud and Microsoft's EDR solution, Microsoft Defender for Endpoint for Linux":::
+    :::image type="content" source="./media/integration-defender-for-endpoint/fix-defender-for-endpoint.png" alt-text="Screenshot of Fix button that enables Microsoft Defender for Endpoint support.":::
+
+1. To enable deployment to Linux machines, select **Enable**.
+
+    :::image type="content" source="./media/integration-defender-for-endpoint/enable-defender-for-endpoint-linux.png" alt-text="Screenshot of enabling the integration between Defender for Cloud and Microsoft's EDR solution, Microsoft Defender for Endpoint for Linux.":::
+
+1. To save the changes, select **Save** at the top of the page and then select **Continue** in the Settings and monitoring page.
 
     Microsoft Defender for Cloud will:
 
@@ -204,13 +209,13 @@ If you've already enabled the integration with **Defender for Endpoint for Windo
 
 ##### New users who never enabled the integration with Microsoft Defender for Endpoint for Windows
 
-If you've never enabled the integration for Windows, the **Allow Microsoft Defender for Endpoint to access my data** option will enable Defender for Cloud to deploy Defender for Endpoint to *both* your Windows and Linux machines.
+If you've never enabled the integration for Windows, endpoint protection enables Defender for Cloud to deploy Defender for Endpoint to *both* your Windows and Linux machines.
 
 1. From Defender for Cloud's menu, select **Environment settings** and select the subscription with the Linux machines that you want to receive Defender for Endpoint.
 
-1. Select **Integrations**.
+1. In the status of the Endpoint protection component, select **On** to enable the integration with Microsoft Defender for Endpoint.
 
-1. Select **Allow Microsoft Defender for Endpoint to access my data**, and select **Save**.
+    :::image type="content" source="media/integration-defender-for-endpoint/enable-defender-for-endpoint.png" alt-text="Screenshot of Status toggle that enables Microsoft Defender for Endpoint." lightbox="media/integration-defender-for-endpoint/enable-defender-for-endpoint.png":::
 
     Microsoft Defender for Cloud will: