MicrosoftDocs
diff --git a/‎defender-endpoint/configure-endpoints-mdm.md‎
Lines changed: 20 additions & 12 deletions b/‎defender-endpoint/configure-endpoints-mdm.md‎
Lines changed: 20 additions & 12 deletions
diff --git a/‎defender-endpoint/data-storage-privacy.md‎
Lines changed: 2 additions & 2 deletions b/‎defender-endpoint/data-storage-privacy.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎defender-endpoint/device-discovery.md‎
Lines changed: 5 additions & 2 deletions b/‎defender-endpoint/device-discovery.md‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎defender-endpoint/ios-troubleshoot.md‎
Lines changed: 2 additions & 2 deletions b/‎defender-endpoint/ios-troubleshoot.md‎
Lines changed: 2 additions & 2 deletions
@@ -14,7 +14,7 @@ ms.custom: admindeeplinkDEFENDER
 ms.topic: conceptual
 ms.subservice: onboard
 search.appverid: met150
-ms.date: 03/28/2024
+ms.date: 08/12/2024
 ---
 
 # Onboard Windows devices to Defender for Endpoint using Intune 
@@ -65,31 +65,39 @@ For security reasons, the package used to Offboard devices will expire 7 days af
 > [!NOTE]
 > Onboarding and offboarding policies must not be deployed on the same device at the same time, otherwise this will cause unpredictable collisions.
 
-1. Get the offboarding package from <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft Defender portal</a>:
+1. Get the offboarding package from the [Microsoft Defender portal](https://security.microsoft.com) as follows:
 
-   2. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Offboarding**.
+   1. In the navigation pane, select **Settings** \> **Endpoints** \> **Device management** \> **Offboarding**.
 
-   3. Select Windows 10 or Windows 11 as the operating system.
+   2. Select **Windows 10 or Windows 11** as the operating system.
 
-   4. In the **Deployment method** field, select **Mobile Device Management / Microsoft Intune**.
+   3. In the **Deployment method** field, select **Mobile Device Management / Microsoft Intune**.
 
-   5. Click **Download package**, and save the .zip file.
+   4. Click **Download package**, and save the .zip file.
 
-2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding*.
+2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named `WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding`.
 
-3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings.
+3. In Microsoft Intune admin center, create a custom configuration policy.
 
-   - OMA-URI: ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Offboarding
-   - Date type: String
-   - Value: [Copy and paste the value from the content of the WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding file]
+   1. In the navigation pane, select **Devices** \> **By platform** \> **Windows** \> **Manage Devices** \> **Configuration**.
+   2. Under **Policies** click **Create** \> **New Policy**.
+   3. In the **Create a profile** slide out, select **Windows 10 and later** as **Platform** and **Templates** as **Profile Type**.
+   4. Under **Template Name**, click the **Custom** template and click **Create**.
+   5. Enter a value for **Name** and click **Next**. 
+   6. Under **Configuration settings**, click **Add** and use the following OMA-URI settings.
+      - Name: Provide a name
+      - OMA-URI: `./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Offboarding`
+      - Date type: String
+      - Value: *Copy and paste the value from the content of the WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding file*
+   7. Make the appropriate group assignments, applicability rules, and on the **Review + create** step, click the **Create** button to finish the policy.
 
 For more information on Microsoft Intune policy settings, see [Windows 10 policy settings in Microsoft Intune](/mem/intune/configuration/custom-settings-windows-10).
 
 > [!NOTE]
 > The **Health Status for offboarded devices** policy uses read-only properties and can't be remediated.
 
 > [!IMPORTANT]
-> Offboarding causes the device to stop sending sensor data to the portal but data from the device, including reference to any alerts it has had will be retained for up to 6 months.
+> Offboarding causes the device to stop sending sensor data to Defender for Endpoint, but data from the device, including references to any alerts it has, is retained for up to 6 months.
 
 ## Related articles
 
 
@@ -16,7 +16,7 @@ ms.collection:
 - essentials-compliance
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 05/14/2024
+ms.date: 08/12/2024
 ---
 
 # Microsoft Defender for Endpoint data storage and privacy
@@ -63,7 +63,7 @@ In all scenarios, data is encrypted using 256-bit [AES encryption](https://en.wi
 
 ## Data storage location
 
-Defender for Endpoint operates in the Microsoft Azure data centers in the European Union, the United Kingdom, the United States, Australia, or Switzerland. Customer data collected by the service might be stored in: (a) the geo-location of the tenant as identified during provisioning or, (b) the geo-location as defined by the data storage rules of an online service if this online service is used by Defender for Endpoint to process such data. For more information, see [Where your Microsoft 365 customer data is stored](/microsoft-365/enterprise/o365-data-locations).
+Defender for Endpoint operates in the Microsoft Azure data centers in the European Union, the United Kingdom, the United States, Australia, Switzerland, or India. Customer data collected by the service might be stored in: (a) the geo-location of the tenant as identified during provisioning or, (b) the geo-location as defined by the data storage rules of an online service if this online service is used by Defender for Endpoint to process such data. For more information, see [Where your Microsoft 365 customer data is stored](/microsoft-365/enterprise/o365-data-locations).
 
 Customer data in pseudonymized form may also be stored in the central storage and processing systems in the United States.
 
 
@@ -91,11 +91,14 @@ Network devices aren't managed as standard endpoints, as Defender for Endpoint d
 
 For more information, see [Network devices](network-devices.md).
 
-## Device discovery Integration
+## Device discovery integration
 
 To address the challenge of gaining enough visibility to locate, identify, and secure your complete OT/IOT asset inventory Defender for Endpoint now supports the following integration:
 
-- **Microsoft Defender for IoT**: This integration combines Defender for Endpoint's device discovery capabilities, with the agentless monitoring capabilities of Microsoft Defender for IoT, to secure enterprise IoT devices connected to an IT network (for example, Voice over Internet Protocol (VoIP), printers, and smart TVs). For more information, see [Enable Enterprise IoT security with Defender for Endpoint](/azure/defender-for-iot/organizations/eiot-defender-for-endpoint/).
+- **Microsoft Defender for IoT**: This integration combines Defender for Endpoint's device discovery capabilities with Microsoft Defender for IoT in the Microsoft Defender portal (Preview) to secure:
+
+    - OT devices, such as servers or packaging systems. For more information, see [onboard Defender for IoT in the Defender portal](/defender-for-iot/get-started).
+    - Enterprise IoT devices connected to an IT network (for example, Voice over Internet Protocol (VoIP), printers, and smart TVs). For more information, see [Enable Enterprise IoT security with Defender for Endpoint](/azure/defender-for-iot/organizations/eiot-defender-for-endpoint).
 
 ## Vulnerability assessment on discovered devices
 
 
@@ -32,8 +32,8 @@ ms.date: 06/19/2024
 This article provides troubleshooting information to help you address issues that might arise with Microsoft Defender for Endpoint on iOS.
 
 > [!NOTE]
-> - Defender for Endpoint on iOS would use a VPN in order to provide the Web Protection feature. This is not a regular VPN and is a local/self-looping VPN that does not take traffic outside the device.
-> - For customers who don't want to set up a VPN, there's an option to disable Web Protection and deploy Defender for Endpoint without that feature. In such scenario, Defender sends the heartbeat to the Microsoft Defender portal whenever user opens the app.
+> - Defender for Endpoint on iOS requires configuring its VPN to activate the Web Protection feature and to send periodic status signals while the app operates in the background. This VPN is local and pass-through, meaning it does not route traffic through a remote VPN server.
+> - Customers who opt not to set up a Defender for Endpoint VPN can disable Web Protection and still deploy Defender for Endpoint. In such cases, Defender for Endpoint will only send status signals to the Microsoft Defender portal when the user opens the app. If the app is not opened for 7 days, the device may be marked as inactive in the Microsoft Defender Portal.
 
 ## Apps don't work when VPN is turned on