Merge pull request #16555 from LouisBerner/v-loberner-update-artwork-for-azure-local-rebranding-4

Updated artwork for Azure Local rebranding and WDAC updates.

Author: Jill Grant

azure-local/TOC.yml

@@ -382,7 +382,7 @@ items:
     items:
     - name: Manage security defaults
       href: manage/manage-secure-baseline.md
-    - name: Manage application control (WDAC)
+    - name: Manage Application Control
       href: manage/manage-wdac.md
     - name: Manage BitLocker encryption
       href: manage/manage-bitlocker.md

azure-local/concepts/security-features.md

@@ -5,7 +5,7 @@ author: alkohli
 ms.author: alkohli
 ms.topic: conceptual
 ms.service: azure-stack-hci
-ms.date: 11/15/2024
+ms.date: 12/11/2024
 ---
 
 # Security features for Azure Local, version 23H2
@@ -16,7 +16,7 @@ ms.date: 11/15/2024
 
 Azure Local is a secure-by-default product that has more than 300 security settings enabled right from the start. Default security settings provide a consistent security baseline to ensure that devices start in a known good state.
 
-This article provides a brief conceptual overview of the various security features associated with your Azure Local instance. Features include security defaults, Windows Defender for Application Control (WDAC), volume encryption via BitLocker, secret rotation, local built-in user accounts, Microsoft Defender for Cloud, and more.
+This article provides a brief conceptual overview of the various security features associated with your Azure Local instance. Features include security defaults, Application Control, volume encryption via BitLocker, secret rotation, local built-in user accounts, Microsoft Defender for Cloud, and more.
 
 ## Security defaults
 
@@ -34,16 +34,16 @@ Secure baseline on Azure Local:
 
 For more information, see [Manage security defaults on Azure Local](../manage/manage-secure-baseline.md).
 
-## Windows Defender Application Control
+## Application Control
 
-WDAC is a software-based security layer that reduces attack surface by enforcing an explicit list of software that is allowed to run. WDAC is enabled by default and limits the applications and code that you can run on the core platform. For more information, see [Manage Windows Defender Application Control for Azure Local, version 23H2](../manage/manage-wdac.md#manage-wdac-settings-with-powershell).
+Application Control is a software-based security layer that reduces attack surface by enforcing an explicit list of software that is allowed to run. Application Control is enabled by default and limits the applications and code that you can run on the core platform. For more information, see [Manage Application Control for Azure Local, version 23H2](../manage/manage-wdac.md#manage-application-control-settings-with-powershell).
 
-WDAC provides two main operation modes, Enforcement mode and Audit mode. In Enforcement mode, untrusted code is blocked and events are recorded. In Audit mode, untrusted code is allowed to run and events are recorded. To learn more about WDAC-related events, see [List of Events](/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations).
+Application Control provides two main operation modes, Enforcement mode and Audit mode. In Enforcement mode, untrusted code is blocked and events are recorded. In Audit mode, untrusted code is allowed to run and events are recorded. To learn more about Application Control-related events, see [List of Events](/windows/security/application-security/application-control/windows-defender-application-control/operations/event-id-explanations).
 
 > [!IMPORTANT]
-> To minimize security risk, always run WDAC in Enforcement mode.
+> To minimize security risk, always run Application Control in Enforcement mode.
 
-### About WDAC policy design
+### About Application Control policy design
 
 Microsoft provides base signed policies on Azure Local for both Enforcement mode and Audit mode. Additionally, policies include a predefined set of platform behavior rules and block rules to apply to the application control layer.
 
@@ -57,7 +57,7 @@ Azure Local base policies include the following sections:
 
 #### Option rules
 
-This section discussed the option rules enabled by the base policy. 
+This section discussed the option rules enabled by the base policy.
 
 For the enforced policy, the following option rules are enabled by default:
 

azure-local/includes/hci-switch-wdac-policy-mode.md

@@ -3,15 +3,15 @@ author: ManikaDhiman
 ms.author: alkohli
 ms.service: azure-stack
 ms.topic: include
-ms.date: 11/18/2024
+ms.date: 12/10/2024
 ms.reviewer: alkohli
 ---
 
 1. Connect to your Azure Local machine.
 
 1. Run the following PowerShell command using local administrator credentials or deployment user (AzureStackLCMUser) credentials.
 
-1. Run the following cmdlet to check the WDAC policy mode that is currently enabled:
+1. Run the following cmdlet to check the Application Control policy mode that is currently enabled:
 
    ```powershell
    Get-AsWdacPolicyMode
@@ -43,27 +43,27 @@ ms.reviewer: alkohli
 
    ```azurepowershell
    PS C:\> Get-AsWdacPolicyMode
-   VERBOSE: Getting WDAC Policy Mode on Node01
-   VERBOSE: WDAC Policy Mode on Node01 is Enforced.
-   VERBOSE: Getting WDAC Policy Mode on Node01
-   VERBOSE: WDAC Policy Mode on Node01 is Enforced.
+   VERBOSE: Getting Application Control Policy Mode on Node01.
+   VERBOSE: Application Control Policy Mode on Node01 is Enforced.
+   VERBOSE: Getting Application Control Policy Mode on Node01.
+   VERBOSE: Application Control Policy Mode on Node01 is Enforced.
 
    NodeName     PolicyMode
    --------     ----------
    Node01 	Enforced
    Node01 	Enforced
 
    PS C:\> Enable-AsWdacPolicy -Mode Audit
-   WARNING: Setting WDAC Policy to Audit Mode on all nodes. This will not protect your system against untrusted applications
+   WARNING: Setting Application Control Policy to Audit Mode on all nodes. This will not protect your system against untrusted applications
    VERBOSE: Action plan instance ID specified: 6826fbf2-cb00-450e-ba08-ac24da6df4aa
-   VERBOSE: Started an action plan 6826fbf2-cb00-450e-ba08-ac24da6df4aa to set WDAC Policy to Audit Mode.
+   VERBOSE: Started an action plan 6826fbf2-cb00-450e-ba08-ac24da6df4aa to set Application Control Policy to Audit Mode.
    6826fbf2-cb00-450e-ba08-ac24da6df4aa
 
    PS C:\> Get-AsWdacPolicyMode
-   VERBOSE: Getting WDAC Policy Mode on Node01
-   VERBOSE: WDAC Policy Mode on Node01 is Audit.
-   VERBOSE: Getting WDAC Policy Mode on Node01
-   VERBOSE: WDAC Policy Mode on Node01 is Audit.
+   VERBOSE: Getting Application Control Policy Mode on Node01.
+   VERBOSE: Application Control Policy Mode on Node01 is Audit.
+   VERBOSE: Getting Application Control Policy Mode on Node01.
+   VERBOSE: Application Control Policy Mode on Node01 is Audit.
 
    NodeName     PolicyMode
    --------     ----------

azure-local/manage/manage-secure-baseline.md

@@ -5,7 +5,7 @@ author: alkohli
 ms.author: alkohli
 ms.topic: how-to
 ms.service: azure-stack-hci
-ms.date: 11/18/2024
+ms.date: 12/12/2024
 ---
 
 # Manage security defaults for Azure Local, version 23H2

azure-local/manage/manage-security-post-upgrade.md

@@ -5,7 +5,7 @@ author: alkohli
 ms.author: alkohli
 ms.topic: how-to
 ms.service: azure-stack-hci
-ms.date: 11/18/2024
+ms.date: 12/11/2024
 ---
 
 # Manage security after upgrading Azure Local
@@ -112,15 +112,15 @@ After you've upgraded to version 23H2, consider enabling Application Control. Th
 
 For new deployments, Application Control is enabled in *Enforced* mode (blocking nontrusted binaries), whereas for upgraded systems we recommend that you follow these steps:
 
-1. [Enable Application Control in *Audit* mode (assuming unknown software might be present)](./manage-wdac.md#switch-wdac-policy-modes).
+1. [Enable Application Control in *Audit* mode (assuming unknown software might be present)](./manage-wdac.md#switch-application-control-policy-modes).
 1. [Monitor Application Control events](/windows/security/application-security/application-control/app-control-for-business/operations/event-id-explanations).
-1. [Create the necessary supplemental policies](./manage-wdac.md#create-a-wdac-supplemental-policy).
+1. [Create the necessary supplemental policies](./manage-wdac.md#create-an-application-control-supplemental-policy).
 1. Repeat steps #2 and #3 as necessary until no further audit events are observed. Switch to *Enforced* mode.
 
     > [!WARNING]
     > Failure to create the necessary AppControl policies to enable additional third party software will prevent that software from running.
 
-For instructions to enable in *Enforced* mode, see [Manage Windows Defender Application Control for Azure Local](./manage-wdac.md#switch-wdac-policy-modes).
+For instructions to enable in *Enforced* mode, see [Manage Windows Defender Application Control for Azure Local](./manage-wdac.md#switch-application-control-policy-modes).
 
 ## Next steps
 

azure-local/manage/manage-wdac.md

@@ -1,38 +1,38 @@
 ---
-title: Manage Windows Defender Application Control for Azure Local, version 23H2
-description: This article describes how to use Windows Defender Application Control on Azure Local, version 23H2.
+title: Manage Application Control for Azure Local, version 23H2
+description: This article describes how to use Application Control on Azure Local, version 23H2.
 author:  alkohli
 ms.author:  alkohli
 ms.topic: how-to
-ms.date: 11/17/2024
+ms.date: 12/10/2024
 ms.service: azure-stack-hci
 ---
 
-# Manage Windows Defender Application Control for Azure Local, version 23H2
+# Manage Application Control for Azure Local, version 23H2
 
 [!INCLUDE [hci-applies-to-23h2](../includes/hci-applies-to-23h2.md)]
 
-This article describes how to use Windows Defender Application Control (WDAC) to reduce the attack surface of Azure Local. For more information, see [Manage baseline security settings on Azure Local, version 23H2](../whats-new.md).
+This article describes how to use Application Control to reduce the attack surface of Azure Local. For more information, see [Manage baseline security settings on Azure Local, version 23H2](../whats-new.md).
 
 ## Prerequisites
 
 Before you begin, make sure that you have access to an Azure Local, version 23H2 instance that is deployed, registered, and connected to Azure.
 
-## View WDAC settings via Azure portal
+## View Application Control settings via Azure portal
 
-To view the WDAC settings in the Azure portal, make sure that you have applied the MCSB initiative. For more information, see [Apply Microsoft Cloud Security Benchmark initiative](./manage-security-with-defender-for-cloud.md#apply-microsoft-cloud-security-benchmark-initiative).
+To view the Application Control settings in the Azure portal, make sure that you have applied the MCSB initiative. For more information, see [Apply Microsoft Cloud Security Benchmark initiative](./manage-security-with-defender-for-cloud.md#apply-microsoft-cloud-security-benchmark-initiative).
 
-You can use WDAC policies to control which drivers and apps are allowed to run on your system. You can only view the WDAC settings via Azure portal. To manage the settings, see [Manage WDAC settings with PowerShell](manage-wdac.md#manage-wdac-settings-with-powershell).
+You can use Application Control policies to manage which drivers and apps are allowed to run on your system. You can only view Application Control settings via Azure portal. To manage the settings, see [Manage Application Control settings with PowerShell](manage-wdac.md#manage-application-control-settings-with-powershell).
 
-:::image type="content" source="media/manage-wdac/manage-wdac.png" alt-text="Screenshot that shows the Application control (WDAC) page on Azure portal." lightbox="media/manage-wdac/manage-wdac.png":::
+:::image type="content" source="media/manage-wdac/manage-wdac.png" alt-text="Screenshot that shows the Application Control page on Azure portal." lightbox="media/manage-wdac/manage-wdac.png":::
 
-## Manage WDAC settings with PowerShell
+## Manage Application Control settings with PowerShell
 
-### Enable WDAC policy modes
+### Enable Application Control policy modes
 
-You can enable WDAC during or after deployment. Use PowerShell to enable or disable WDAC after deployment.
+You can enable Application Control during or after deployment. Use PowerShell to enable or disable Application Control after deployment.
 
-Connect to one of the machines and use the following cmdlets to enable the desired WDAC policy in "Audit" or "Enforced" mode.
+Connect to one of the machines and use the following cmdlets to enable the desired Application Control policy in "Audit" or "Enforced" mode.
 
 In this build release there are two cmdlets:
 
@@ -45,30 +45,30 @@ This is useful when:
 
 - You started with default, recommended settings.
 - You must install or run new third party software. You can switch your policy modes to create a supplemental policy.
-- You started with WDAC disabled during deployment and now you want to enable WDAC to increase security protection or to validate that your software runs properly.
-- Your software or scripts are blocked by WDAC. In this case you can use audit mode to understand and troubleshoot the issue.
+- You started with Application Control disabled during deployment and now you want to enable Application Control to increase security protection or to validate that your software runs properly.
+- Your software or scripts are blocked by Application Control. In this case you can use audit mode to understand and troubleshoot the issue.
 
 > [!NOTE]
-> When your application is blocked, WDAC creates a corresponding event. Review the Event log to understand details of the policy that's blocking your application. For more information, see the [Windows Defender Application Control operational guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide).
+> When your application is blocked, Application Control creates a corresponding event. Review the Event log to understand details of the policy that's blocking your application. For more information, see the [Application Control operational guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-operational-guide).
 
-### Switch WDAC policy modes
+### Switch Application Control policy modes
 
-Follow these steps to switch between WDAC policy modes. These PowerShell commands interact with the Orchestrator to enable the selected modes.
+Follow these steps to switch between Application Control policy modes. These PowerShell commands interact with the Orchestrator to enable the selected modes.
 
 [!INCLUDE [Switch WDAC policy mode](../includes/hci-switch-wdac-policy-mode.md)]
 
 <!--- ## Support for OEM extensions --->
 
-### Create a WDAC policy to enable third party software
+### Create an Application Control policy to enable third party software
 
-While using WDAC in enforcement mode, for your non-Microsoft signed software to run, build on the Microsoft-provided base policy by creating a WDAC supplemental policy. Additional information can be found in the [public WDAC documentation](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies#supplemental-policy-creation).
+While using Application Control in enforcement mode, for your non-Microsoft signed software to run, build on the Microsoft-provided base policy by creating an Application Control supplemental policy. Additional information can be found in the [public Application Control documentation](/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies#supplemental-policy-creation).
 
 > [!NOTE]
-> To run or install new software, you might need to switch WDAC to audit mode first (see steps above), install your software, test that it works correctly, create the new supplemental policy, and then switch WDAC back to enforced mode.
+> To run or install new software, you might need to switch Application Control to audit mode first (see steps above), install your software, test that it works correctly, create the new supplemental policy, and then switch Application Control back to enforced mode.
 
 Create a new policy in the Multiple Policy Format as shown below. Then use ```Add-ASWDACSupplementalPolicy -Path Policy.xml``` to convert it to a supplemental policy and deploy it across nodes in the cluster.
 
-#### Create a WDAC supplemental policy
+#### Create an Application Control supplemental policy
 
 Use the following steps to create a supplemental policy: