Merge branch 'sensor-version-22.3.8-release' into patch-328

batamig · web-flow · commit 8b64a47972aa · 2023-04-14T10:37:53.000+03:00
diff --git a/articles/defender-for-iot/organizations/concept-supported-protocols.md b/articles/defender-for-iot/organizations/concept-supported-protocols.md
@@ -24,21 +24,22 @@ OT network sensors can detect the following protocols when identifying assets an
 |**Emerson**     |   DeltaV<br> DeltaV - Discovery<br> Emerson OpenBSI/BSAP<br> Ovation DCS ADMD<br>Ovation DCS DPUSTAT<br> Ovation DCS SSRPC      |
 |**Emerson Fischer**     |  ROC       |
 |**Eurocontrol**     |      ASTERIX   |
-|**GE**     | Bentley Nevada (System 1 / BN3500)<br>  EGD<br>  GSM (GE MarkVI and MarkVIe)<br>  SRTP (GE)<br> GE_CMP        |
+|**GE**     | Bentley Nevada (System 1 / BN3500)<br>ClassicSDI (MarkVle) <br>  EGD<br>  GSM (GE MarkVI and MarkVIe)<br>SDI (MarkVle) <br>  SRTP (GE)<br> GE_CMP        |
 |**Generic Applications** | Active Directory<br> RDP<br> Teamviewer<br> VNC<br>  |
 |**Honeywell**     |    ENAP<br> Experion DCS CDA<br> Experion DCS FDA<br> Honeywell EUCN <br> Honeywell Discovery     |
 |**IEC**     |    Codesys V3<br>IEC 60870-5-7 (IEC 62351-3 + IEC 62351-5)<br> IEC 60870-5-101 (encapsulated serial)<br> IEC 60870-5-103 (encapsulated serial)<br> IEC 60870-5-104<br> IEC 60870-5-104 ASDU_APCI<br> IEC 60870 ICCP TASE.2<br>  IEC 61850 GOOSE<br> IEC 61850 MMS<br> IEC 61850 SMV (SAMPLED-VALUES)<br> LonTalk (LonWorks)    |
 |**IEEE**     |     LLC<br> STP<br> VLAN    |
 |**IETF**     |  ARP<br> DHCP<br> DCE RPC<br> DNS<br> FTP (FTP_ADAT<br> FTP_DATA)<br> GSSAPI (RFC2743)<br> HTTP<br> ICMP<br> IPv4<br> IPv6<br> LLDP<br> MDNS<br> NBNS<br> NTLM (NTLMSSP Auth Protocol)<br> RPC<br> SMB / Browse / NBDGM<br> SMB / CIFS<br> SNMP<br> SPNEGO (RFC4178)<br> SSH<br> Syslog<br> TCP<br> Telnet<br> TFTP<br> TPKT<br> UDP       |
-| **InterSite** | add items here |
+| **InterSite** | <!--tbd--> |
 |**ISO**     |  CLNP (ISO 8473)<br> COTP (ISO 8073)<br> ISO Industrial Protocol<br>  MQTT (IEC 20922)       |
 |**Medical**     |ASTM<br> HL7         |
 |**Microsoft**     | Horizon community dissectors<br> Horizon proprietary dissectors (developed by customers)        |
 |**Mitsubishi**     |   Melsoft / Melsec (Mitsubishi Electric)      |
 |**Omron**     |  FINS       |
 |**OPC**     |  UA       |
 |**Oracle**     |   TDS<br> TNS      |
-|**Rockwell Automation**     |   ENIP<br> EtherNet/IP CIP (including Rockwell extension)<br> EtherNet/IP CIP FW version 27 and above      |
+| **Profitnet I/O** | <!--TBD--> |
+|**Rockwell Automation**     |  CSP2<br> ENIP<br> EtherNet/IP CIP (including Rockwell extension)<br> EtherNet/IP CIP FW version 27 and above      |
 |**Samsung** | Samsung TV |
 |**Schneider Electric**     | Modbus/TCP<br> Modbus TCP–Schneider Unity Extensions<br> OASYS (Schneider Electric Telvant)<br> Schneider TSAA        |
 |**Schneider Electric / Invensys**     |   Foxboro Evo<br> Foxboro I/A<br> Trident<br> TriGP<br> TriStation      |
diff --git a/articles/defender-for-iot/organizations/detect-windows-endpoints-script.md b/articles/defender-for-iot/organizations/detect-windows-endpoints-script.md
@@ -43,26 +43,18 @@ The script described in this article is supported for the following Windows oper
 - Windows 10
 - Windows Server 2003/2008/2012/2016/2019
 
-## Download the script
+## Download and run the script
 
-In order to run the script, you first need to download it from the OT sensor console.
+This procedure describes how to deploy and run a script on the Windows workstation and servers that you want to monitor in Defender for IoT.
+
+The script detects enriched Windows data, and is run as a utility and not an installed program. Running the script doesn't affect the endpoint. You may want to deploy the script once, or using ongoing automation, using standard automated deployment methods and tools.
 
 1. Sign into your OT sensor console, and select **System Settings** > **Import Settings** > **Windows Information**.
 
-1. Select **Download script**.
+1. Select **Download script**. For example:
 
     :::image type="content" source="media/detect-windows-endpoints-script/download-wmi-script.png" alt-text="Screenshot of where to download WMI script." lightbox="media/detect-windows-endpoints-script/download-wmi-script.png":::
 
-## Run the script
-
-This procedure describes how to deploy and run the script on the Windows workstation and servers that you want to monitor in Defender for IoT.
-
-The script you run to detect enriched Windows data is run as a utility and not as an installed program. Running the script doesn't affect the endpoint.
-
-1. Deploy the script once, or using ongoing automation, using standard automated deployment methods and tools.
-
-1. Download the WMI script as described [earlier](#download-the-script).
-
 1. Copy the script to a local drive and unzip it. The following files appear:
 
     - `start.bat`
@@ -74,15 +66,15 @@ The script you run to detect enriched Windows data is run as a utility and not a
 
     After the script runs to probe the registry, a CX-snapshot file appears with the registry information. The filename indicates the system name, date, and time of the snapshot with the following syntax: `CX-snaphot_SystemName_Month_Year_Time`
 
-Files generated by the script:
+Files generated by the script include:
 
 - Remain on the local drive until you delete them.
 - Must remain in the same location. Don't separate the generated files.
 - Are overwritten if you run the script again.
 
 ## Import device details
 
-After having run the script as described [earlier](#run-the-script), import the generated data to your sensor to view the device details in the **Device inventory**.
+After having run the script as described [earlier](#download-and-run-the-script), import the generated data to your sensor to view the device details in the **Device inventory**.
 
 **To import device details to your sensor**:
 
@@ -104,7 +96,7 @@ After having run the script as described [earlier](#run-the-script), import the
 
 To preform offline WMI:
 
-1. [Download the script](#download-the-script), then extract it.
+1. [Download the script](#download-and-run-the-script), then extract it.
 
 1. Run `run.bat` as administrator directly on the Windows endpoint.
 
diff --git a/articles/defender-for-iot/organizations/release-notes.md b/articles/defender-for-iot/organizations/release-notes.md
@@ -101,7 +101,7 @@ To understand whether a feature is supported in your sensor version, check the r
 
 **Supported until**: 03/2024
 
-- [Download WMI script from OT sensor console](detect-windows-endpoints-script.md#download-the-script)
+- [Download WMI script from OT sensor console](detect-windows-endpoints-script.md#download-and-run-the-script)
 - [Automatically resolved notifications for operating system changes and device type changes](how-to-work-with-the-sensor-device-map.md#device-notification-responses)
 - [UI enhancements when uploading SSL/TLS certificates](how-to-deploy-certificates.md#deploy-a-certificate-on-an-ot-sensor)
 
diff --git a/articles/defender-for-iot/organizations/whats-new.md b/articles/defender-for-iot/organizations/whats-new.md
@@ -26,9 +26,9 @@ Features released earlier than nine months ago are described in the [What's new
 
 The script used to configure OT sensors to detect Microsoft Windows workstations and servers is now available for download from the OT sensor itself. 
 
-For more information, see [Download the script](detect-windows-endpoints-script.md#download-the-script).
+For more information, see [Download the script](detect-windows-endpoints-script.md#download-and-run-the-script)
 
-### Automatically resolved notifications for operating system changes
+### Automatically resolved OS notifications
 
 After updating your OT sensor to version 22.3.8, no new device notifications for **Operating system changes** are generated. Existing **Operating system changes** notifications are automatically resolved if they aren't dismissed or otherwise handled within 14 days.
 
