MicrosoftDocs
diff --git a/‎articles/active-directory/fundamentals/active-directory-deployment-plans.md
Lines changed: 8 additions & 8 deletions b/‎articles/active-directory/fundamentals/active-directory-deployment-plans.md
Lines changed: 8 additions & 8 deletions
diff --git a/‎articles/active-directory/manage-apps/end-user-experiences.md
Lines changed: 1 addition & 1 deletion b/‎articles/active-directory/manage-apps/end-user-experiences.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/active-directory/manage-apps/secure-hybrid-access.md
Lines changed: 62 additions & 36 deletions b/‎articles/active-directory/manage-apps/secure-hybrid-access.md
Lines changed: 62 additions & 36 deletions
diff --git a/‎articles/azure-functions/dotnet-isolated-process-guide.md
Lines changed: 2 additions & 2 deletions b/‎articles/azure-functions/dotnet-isolated-process-guide.md
Lines changed: 2 additions & 2 deletions
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: fundamentals
 ms.workload: identity
 ms.topic: conceptual
-ms.date: 01/06/2023
+ms.date: 01/17/2023
 ms.author: gasinh
 ms.custom: "it-pro, seodec18"
 ms.collection: M365-identity-device-management
@@ -54,7 +54,7 @@ Use the following list to plan for authentication deployment.
   * See, [What is Conditional Access?](../conditional-access/overview.md)
   * See, [Plan a Conditional Access deployment](../conditional-access/plan-conditional-access.md)
 * **Azure AD self-service password reset (SSPR)** - Help users reset a password without administrator intervention:
-  * See, [Passwordless authentication options for Azure AD](/articles/active-directory/authentication/concept-authentication-passwordless.md)
+  * See, [Passwordless authentication options for Azure AD](../authentication/concept-authentication-passwordless.md)
   * See, [Plan an Azure Active Directory self-service password reset deployment](../authentication/howto-sspr-deployment.md) 
 * **Passordless authentication** - Implement passwordless authentication using the Microsoft Authenticator app or FIDO2 Security keys:
   * See, [Enable passwordless sign-in with Microsoft Authenticator](../authentication/howto-authentication-passwordless-phone.md)
@@ -65,7 +65,7 @@ Use the following list to plan for authentication deployment.
 Use the following list to help deploy applications and devices.
 
 * **Single sign-on (SSO)** - Enable user access to apps and resources while signing in once, without being required to enter credentials again: 
-  * See, [What is SSO in Azure AD?](/articles/active-directory/manage-apps/what-is-single-sign-on.md)
+  * See, [What is SSO in Azure AD?](../manage-apps/what-is-single-sign-on.md)
   * See, [Plan a SSO deployment](../manage-apps/plan-sso-deployment.md)
 * **My Apps portal** - A web-based portal to discover and access applications. Enable user productivity with self-service, for instance requesting access to groups, or managing access to resources on behalf of others. 
   * See, [My Apps portal overview](../manage-apps/myapps-overview.md)
@@ -77,14 +77,14 @@ Use the following list to help deploy applications and devices.
 The following list describes features and services for productivity gains in hybrid scenarios.
 
 * **Active Directory Federation Services (AD FS)** - Migrate user authentication from federation to cloud with pass-through authentication or password hash sync:
-  *  See, [What is federation with Azure AD?](/articles/active-directory/hybrid/whatis-fed.md)
+  *  See, [What is federation with Azure AD?](../hybrid/whatis-fed.md)
   *  See, [Migrate from federation to cloud authentication](../hybrid/migrate-from-federation-to-cloud-authentication.md)
 * **Azure AD Application Proxy** - Enable employees to be productive at any place or time, and from a device. Learn about software as a service (SaaS) apps in the cloud and corporate apps on-premises. Azure AD Application Proxy enables access without virtual private networks (VPNs) or demilitarized zones (DMZs):
-  * See, [Remote access to on-premises applications through Azure AD Application Proxy](/articles/active-directory/app-proxy/application-proxy.md)
+  * See, [Remote access to on-premises applications through Azure AD Application Proxy](../app-proxy/application-proxy.md)
   * See, [Plan an Azure AD Application Proxy deployment](../app-proxy/application-proxy-deployment-plan.md)
 * **Seamless single sign-on (Seamless SSO)** - Use Seamless SSO for user sign-in, on corporate devices connected to a corporate network. Users don't need to enter passwords to sign in to Azure AD, and usually don't need to enter usernames. Authorized users access cloud-based apps without extra on-premises components:
   * See, [Azure Active Directory SSO: Quickstart](../hybrid/how-to-connect-sso-quick-start.md) 
-  * See, [Azure Active Directory Seamless SSO: Technical deep dive](/articles/active-directory/hybrid/how-to-connect-sso-how-it-works.md)
+  * See, [Azure Active Directory Seamless SSO: Technical deep dive](../hybrid/how-to-connect-sso-how-it-works.md)
 
 ## Users
 
@@ -108,7 +108,7 @@ Learn more: [Secure access for a connected world—meet Microsoft Entra](https:/
 * **Reporting and monitoring** - Your Azure AD reporting and monitoring solution design has dependencies and constraints: legal, security, operations, environment, and processes. 
   * See, [Azure Active Directory reporting and monitoring deployment dependencies](../reports-monitoring/plan-monitoring-and-reporting.md)
 * **Access reviews** - Understand and manage access to resources:
-  * See, [What are access reviews?](/articles/active-directory/governance/access-reviews-overview.md)
+  * See, [What are access reviews?](../governance/access-reviews-overview.md)
   * See, [Plan a Microsoft Entra access reviews deployment](../governance/deploy-access-reviews.md)  
 * **Identity governance** - Meet your compliance and risk management objectives for access to critical applications. Learn how to enforce accurate access.
   * See, [Govern access for applications in your environment](../governance/identity-governance-applications-prepare.md)
@@ -127,4 +127,4 @@ In your first phase, target IT, usability, and other users who can test and prov
 
 Widen the pilot to larger groups of users by using dynamic membership, or by manually adding users to the targeted group(s).
 
-Learn more: [Dynamic membership rules for groups in Azure Active Directory](../enterprise-users/groups-dynamic-membership.md)]
+Learn more: [Dynamic membership rules for groups in Azure Active Directory](../enterprise-users/groups-dynamic-membership.md)
@@ -69,7 +69,7 @@ As an admin, you can choose to try out new app launcher features while they are
 
 To enable or disable previews for your app launchers:
 
-- Sign in to the Azure portal as a global administrator for your directory.
+- Sign in to the Azure portal as a global administrator, application administrator or cloud application administrator for your directory.
 - Search for and select **Azure Active Directory**, then select **Enterprise applications**.
 - On the left menu, select **App launchers**, then select **Settings**.
 - Under **Preview settings**, toggle the checkboxes for the previews you want to enable or disable. To opt into a preview, toggle the associated checkbox to the checked state. To opt out of a preview, toggle the associated checkbox to the unchecked state.
 
@@ -1,75 +1,101 @@
 ---
-title: Secure hybrid access
-description: This article describes partner solutions for integrating your legacy on-premises, public cloud, or private cloud applications with Azure AD.
+title: Secure hybrid access, protect legacy apps with Azure Active Directory
+description: Find partner solutions to integrate your legacy on-premises, public cloud, or private cloud applications with Azure AD.
 services: active-directory
 author: gargi-sinha
 manager: martinco
 ms.service: active-directory
 ms.subservice: app-mgmt
 ms.topic: how-to
 ms.workload: identity
-ms.date: 8/17/2021
+ms.date: 01/17/2023
 ms.author: gasinh
 ms.collection: M365-identity-device-management
 ---
-# Secure hybrid access: Secure legacy apps with Azure Active Directory
+# Secure hybrid access: Protect legacy apps with Azure Active Directory
 
-You can now protect your on-premises and cloud legacy authentication applications by connecting them to Azure Active Directory (AD) with:
+In this article, learn to protect your on-premises and cloud legacy authentication applications by connecting them to Azure Active Directory (Azure AD).
 
-- [Azure AD Application Proxy](#secure-hybrid-access-through-azure-ad-application-proxy)
+* **Application Proxy**:
+  * Protect users, apps, and data in the cloud and on-premises 
+  * Use it to publish on-premises web applications externally
+  * [Remote access to on-premises applications through Azure AD Application Proxy](../app-proxy/application-proxy.md)
+* **Secure hybrid access through Azure AD partner integrations**:
+  * Pre-built solutions
+  * Conditional Access policies per application
+  * [What is Conditional Access?](../conditional-access/overview.md)
+  * Azure AD integration documentation
 
-- [Secure hybrid access: Secure legacy apps with Azure Active Directory](#secure-hybrid-access-secure-legacy-apps-with-azure-active-directory)
-  - [Secure hybrid access through Azure AD Application Proxy](#secure-hybrid-access-through-azure-ad-application-proxy)
-  - [Secure hybrid access through Azure AD partner integrations](#secure-hybrid-access-through-azure-ad-partner-integrations)
+In addition to Application Proxy, you can strengthen your security posture with Identity Protection. 
 
-You can bridge the gap and strengthen your security posture across all applications with Azure AD capabilities like [Azure AD Conditional Access](../conditional-access/overview.md) and [Azure AD Identity Protection](../identity-protection/overview-identity-protection.md). By having Azure AD as an Identity provider (IDP), you can use modern authentication and authorization methods like [single sign-on (SSO)](what-is-single-sign-on.md) and [multifactor authentication (MFA)](../authentication/concept-mfa-howitworks.md) to secure your on-premises legacy applications.
+Learn more:
 
-## Secure hybrid access through Azure AD Application Proxy
+* [What is Identity Protection?](../identity-protection/overview-identity-protection.md)
+* [Using Azure AD Application Proxy to publish on-premises apps for remote users](../app-proxy/what-is-application-proxy.md)
 
-Using [Application Proxy](../app-proxy/what-is-application-proxy.md) you can provide [secure remote access](../app-proxy/application-proxy-add-on-premises-application.md) to your on-premises web applications. Your users don’t need to use a VPN. Users benefit by easily connecting to their applications from any device after a [SSO](../app-proxy/application-proxy-config-sso-how-to.md#how-to-configure-single-sign-on). Application Proxy provides remote access as a service and allows you to [easily publish your applications](../app-proxy/application-proxy-add-on-premises-application.md) to users outside the corporate network. It helps you scale your cloud access management without requiring you to modify your on-premises applications. [Plan an Azure AD Application Proxy](../app-proxy/application-proxy-deployment-plan.md) deployment as a next step.
+## Single sign-on and multi-factor authentication
 
-## Secure hybrid access through Azure AD partner integrations
+With Azure AD as an identity provider (IdP), you can use modern authentication and authorization methods like single sign-on (SSO) and Azure AD Multi-Factor Authentication (MFA) to secure legacy, on-premises applications.
 
-In addition to [Azure AD Application Proxy](../app-proxy/what-is-application-proxy.md), Microsoft partners with third-party providers to enable secure access to your on-premises applications and applications that use legacy authentication.
+Learn more:
 
-![Illustration of Secure Hybrid Access partner integrations and Application Proxy providing access to legacy and on-premises applications after authentication with Azure AD.](./media/secure-hybrid-access/secure-hybrid-access.png)
+* [What is SSO in Azure Active Directory?](what-is-single-sign-on.md)
+* [How it works: Azure AD Multi-Factor Authentication](../authentication/concept-mfa-howitworks.md)
 
-The following partners offer pre-built solutions to support **conditional access policies per application** and provide detailed guidance for integrating with Azure AD.
+## Secure hybrid access with Application Proxy
 
-- [Akamai Enterprise Application Access](../saas-apps/akamai-tutorial.md)
+Use Application Proxy to protect users, apps, and data in the cloud, and on premises. Use this tool for secure remote access to on-premises web applications. Users don’t need to use a virtual private network (VPN); they connect to applications from devices with SSO. 
 
-- [Citrix Application Delivery Controller (ADC)](../saas-apps/citrix-netscaler-tutorial.md)
+Learn more:
 
-- [Datawiza Access Broker](../manage-apps/datawiza-with-azure-ad.md)
+* [Remote access to on-premises applications through Azure AD Application Proxy](../app-proxy/application-proxy.md)
+* [Tutorial: Add an on-premises application for remote access through Application Proxy in Azure AD](../app-proxy/application-proxy-add-on-premises-application.md)
+* [How to configure SSO to an Application Proxy application](../app-proxy/application-proxy-config-sso-how-to.md)
+* [Using Azure AD Application Proxy to publish on-premises apps for remote users](../app-proxy/what-is-application-proxy.md)
 
-- [F5 BIG-IP APM (ADC)](../manage-apps/f5-aad-integration.md)
+### Application publishing and access management
 
-- [F5 BIG-IP APM VPN](../manage-apps/f5-aad-password-less-vpn.md)
+Use Application Proxy remote access as a service to publish applications to users outside the corporate network. Help improve your cloud access management without requiring modification to your on-premises applications.
 
-- [Kemp](../saas-apps/kemp-tutorial.md)
+Learn more:
 
-- [Perimeter 81](../saas-apps/perimeter-81-tutorial.md)
+* [Tutorial: Add an on-premises application for remote access through Application Proxy in Azure AD](../app-proxy/application-proxy-add-on-premises-application.md)
+* [Plan an Azure AD Application Proxy deployment](../app-proxy/application-proxy-deployment-plan.md)
 
-- [Silverfort Authentication Platform](../manage-apps/silverfort-azure-ad-integration.md)
+## Partner integrations for apps: on-premises and legacy authentication
 
-- [Strata](../saas-apps/maverics-identity-orchestrator-saml-connector-tutorial.md)
+Microsoft partners with various companies that deliver pre-built solutions for on-premises applications, and applications that use legacy authentication. The following diagram illustrates a user flow from sign-in to secure access to apps and data.
 
-The following partners offer pre-built solutions and detailed guidance for integrating with Azure AD.
+   ![Diagram of secure hybrid access integrations and Application Proxy providing user access.](./media/secure-hybrid-access/secure-hybrid-access.png)
 
-- [AWS](../saas-apps/aws-clientvpn-tutorial.md)
+### Secure hybrid access through Azure AD partner integrations
 
-- [Check Point](../saas-apps/check-point-remote-access-vpn-tutorial.md)
+The following partners offer solutions to support Conditional Access policies per application. Use the tables in the following two sections to learn about the partners and Azure AD integration documentation.
 
-- [Cisco AnyConnect](../saas-apps/cisco-anyconnect.md)
+Learn more: [What is Conditional Access?](../conditional-access/overview.md)
 
-- [Cloudflare](../manage-apps/cloudflare-azure-ad-integration.md)
+|Partner company site|Integration documentation|
+|---|---|
+|[Akamai Technologies](https://www.akamai.com/)|[Tutorial: Azure AD SSO integration with Akamai](../saas-apps/akamai-tutorial.md)|
+|[Citrix Systems, Inc.](https://www.citrix.com/)|[Tutorial: Azure AD SSO integration with Citrix ADC SAML Connector for Azure AD (Kerberos-based authentication)](../saas-apps/citrix-netscaler-tutorial.md)|
+|[Datawiza](https://www.datawiza.com/)|[Tutorial: Configure Secure Hybrid Access with Azure AD and Datawiza](datawiza-with-azure-ad.md)|
+|[F5, Inc.](https://www.f5.com/)|[Integrate F5 BIG-IP with Azure AD](f5-aad-integration.md)</br>[Tutorial: Configure F5 BIG-IP SSL-VPN for Azure AD SSO](f5-aad-password-less-vpn.md)|
+|[Progress Software Corporation, Progress Kemp](https://support.kemptechnologies.com/hc)|[Tutorial: Azure AD SSO integration with Kemp LoadMaster Azure AD integration](../saas-apps/kemp-tutorial.md)|
+|[Perimeter 81 Ltd.]()|[Tutorial: Azure AD SSO integration with Perimeter 81](../saas-apps/perimeter-81-tutorial.md)|
+|[Silverfort](https://www.silverfort.com/)|[Tutorial: Configure Secure Hybrid Access with Azure AD and Silverfort](silverfort-azure-ad-integration.md)|
+|[Strata Identity, Inc.](https://www.strata.io/)|[Integrate Azure AD SSO with Maverics Identity Orchestrator SAML Connector](../saas-apps/maverics-identity-orchestrator-saml-connector-tutorial.md)|
 
-- [Fortinet](../saas-apps/fortigate-ssl-vpn-tutorial.md)
+### Partners with pre-built solutions and integration documentation
 
-- [Palo Alto Networks Global Protect](../saas-apps/paloaltoadmin-tutorial.md)
+|Partner company site|Integration documentation|
+|---|---|
+|[Amazon Web Service, Inc.](https://aws.amazon.com/)|[Tutorial: Azure AD SSO integration with AWS ClientVPN](../saas-apps/aws-clientvpn-tutorial.md)|
+|[Check Point Software Technologies Ltd.](https://www.checkpoint.com/)|[Tutorial: Azure AD single SSO integration with Check Point Remote Secure Access VPN](../saas-apps/check-point-remote-access-vpn-tutorial.md)|
+|[Cisco Systems, Inc.](https://www.cisco.com/)|[Tutorial: Azure AD SSO integration with Cisco AnyConnect](../saas-apps/cisco-anyconnect.md)|
+|[Cloudflare, Inc.](https://www.cloudflare.com/)|[Tutorial: Configure Cloudflare with Azure AD for secure hybrid access](cloudflare-azure-ad-integration.md)|
+|[Fortinet, Inc.](https://www.fortinet.com/)|[Tutorial: Azure AD SSO integration with FortiGate SSL VPN](../saas-apps/fortigate-ssl-vpn-tutorial.md)|
+|[Palo Alto Networks](https://www.paloaltonetworks.com/)|[Tutorial: Azure AD SSO integration with Palo Alto Networks Admin UI](../saas-apps/paloaltoadmin-tutorial.md)|
+|[Pulse Secure, Acquired by Ivanti](https://www.pulsesecure.net/)|[Tutorial: Azure AD SSO integration with Pulse Connect Secure (PCS)](../saas-apps/pulse-secure-pcs-tutorial.md)</br>[Tutorial: Azure AD SSO integration with Pulse Secure Virtual Traffic Manager](../saas-apps/pulse-secure-virtual-traffic-manager-tutorial.md)</br>**Note**: Pulse Secure is part of Ivanti. See, [Ivanti, Pulse Secure](https://www.ivanti.com/company/history/pulse-secure?psredirect)|
 
-- [Pulse Secure Pulse Connect Secure (PCS)](../saas-apps/pulse-secure-pcs-tutorial.md)
+|[Zsclaer, Inc.](https://www.zscaler.com/)|[Tutorial: Integrate Zscaler Private Access with Azure AD](../saas-apps/zscalerprivateaccess-tutorial.md)|
 
-- [Pulse Secure Virtual Traffic Manager (VTM)](../saas-apps/pulse-secure-virtual-traffic-manager-tutorial.md)
-
-- [Zscaler Private Access (ZPA)](../saas-apps/zscalerprivateaccess-tutorial.md)
 
@@ -3,7 +3,7 @@ title: Guide for running C# Azure Functions in an isolated worker process
 description: Learn how to use a .NET isolated worker process to run your C# functions in Azure, which supports non-LTS versions of .NET and .NET Framework apps.  
 ms.service: azure-functions
 ms.topic: conceptual 
-ms.date: 11/01/2022
+ms.date: 01/16/2023
 ms.custom: template-concept 
 recommendations: false
 #Customer intent: As a developer, I need to know how to create functions that run in an isolated worker process so that I can run my function code on current (not LTS) releases of .NET.
@@ -157,7 +157,7 @@ The following example performs clean-up actions if a cancellation request has be
 
 You can compile your function app as [ReadyToRun binaries](/dotnet/core/deploying/ready-to-run). ReadyToRun is a form of ahead-of-time compilation that can improve startup performance to help reduce the effect of [cold-start](event-driven-scaling.md#cold-start) when running in a [Consumption plan](consumption-plan.md).
 
-ReadyToRun is available in .NET 3.1, .NET 6 (both in-process and isolated worker process), and .NET 7, and it requires [version 3.0 or later](functions-versions.md) of the Azure Functions runtime.
+ReadyToRun is available in .NET 6 and later versions and requires [version 4.0 or later](functions-versions.md) of the Azure Functions runtime.
 
 To compile your project as ReadyToRun, update your project file by adding the `<PublishReadyToRun>` and `<RuntimeIdentifier>` elements. The following is the configuration for publishing to a Windows 32-bit function app.