Merge branch 'public' into patch-3

Author: chrisda

defender-business/get-defender-business.md

@@ -9,7 +9,7 @@ audience: Admin
 ms.topic: overview
 ms.service: defender-business
 ms.localizationpriority: medium
-ms.date: 06/07/2024
+ms.date: 02/28/2025
 ms.reviewer: efratka
 f1.keywords: NOCSH
 ms.collection:
@@ -35,12 +35,30 @@ Sections include:
 
 To get Defender for Business, you can choose from several options:
 
+- Work with a Microsoft partner who can help you get everything set up and configured.
 - Try or buy the standalone version of Defender for Business.
 - Get Microsoft 365 Business Premium, which includes Defender for Business.
-- Work with a Microsoft partner who can help you get everything set up and configured.
 
 Use the following tabs to learn more about each option.
 
+## [Work with a Microsoft partner](#tab/findpartner)
+
+Microsoft has a list of solution providers who are authorized to sell offerings, including Microsoft 365 Business Premium and Microsoft Defender for Business. If you'd prefer to work with a Microsoft partner, you can follow these steps to find a solution provider in your area:
+
+1. Go to [Browse Partners](https://appsource.microsoft.com/en-us/marketplace/partner-dir).
+
+2. In the **Filters** pane, specify search criteria, such as:
+
+   - Your location
+   - Your organization's size
+   - **Focus areas**, such as **Security** and/or **Threat Protection**
+
+   - **Services**, such as **Licensing** or **Managed Services (MSP)**
+
+   As soon as you select one or more criteria, the list of partners updates.
+
+3. Review the list of results. Select a provider to learn more about their expertise and the services they provide.
+
 ## [Get Defender for Business (standalone)](#tab/getmdb)
 
 Defender for Business provides advanced security protection for your company's devices. For more information, see [What is Microsoft Defender for Business](mdb-overview.md)?
@@ -77,24 +95,6 @@ Microsoft 365 Business Premium includes Defender for Business, Microsoft Defende
 > [!IMPORTANT]
 > Make sure to complete all the steps described in [Microsoft 365 Business Premium – productivity and cybersecurity for small business](/Microsoft-365/business-premium/m365bp-overview).
 
-## [Work with a Microsoft partner](#tab/findpartner)
-
-Microsoft has a list of solution providers who are authorized to sell offerings, including Microsoft 365 Business Premium and Microsoft Defender for Business. If you'd prefer to work with a Microsoft partner, you can follow these steps to find a solution provider in your area:
-
-1. Go to the [Browse Partners](https://appsource.microsoft.com/en-us/marketplace/partner-dir).
-
-2. In the **Filters** pane, specify search criteria, such as:
-
-   - Your location
-   - Your organization's size
-   - **Focus areas**, such as **Security** and/or **Threat Protection**
-
-   - **Services**, such as **Licensing** or **Managed Services (MSP)**
-
-   As soon as you select one or more criteria, the list of partners updates.
-
-3. Review the list of results. Select a provider to learn more about their expertise and the services they provide.
-
 ---
 
 ## How to get Microsoft Defender for Business servers
@@ -113,7 +113,7 @@ Microsoft Defender for Business servers is an add-on to Defender for Business th
 >
 > - In order to add on Microsoft Defender for Business servers, you'll need at least one paid license for [Defender for Business](mdb-overview.md) (standalone) or [Microsoft 365 Business Premium](/Microsoft-365/business-premium/m365bp-overview).
 > - There's a limit of 60 Microsoft Defender for Business servers licenses per subscription to Microsoft 365 Business Premium or Defender for Business.
-> - If preferred, you could use [Microsoft Defender for Servers Plan 1 or Plan 2](/azure/defender-for-cloud/plan-defender-for-servers) instead to onboard your servers. To learn more, see [What happens if I have a mix of Microsoft endpoint security subscriptions](mdb-faq.yml#what-happens-if-i-have-a-mix-of-microsoft-endpoint-security-subscriptions)?
+> - If preferred, you could use [Microsoft Defender for Servers Plan 1 or Plan 2](/azure/defender-for-cloud/plan-defender-for-servers) instead to onboard your servers. 
 
 ## Portals you use for setup and management
 

defender-business/mdb-faq.yml

@@ -9,7 +9,7 @@ audience: Admin
 ms.topic: how-to
 ms.service: defender-business
 ms.localizationpriority: medium
-ms.date: 06/07/2024
+ms.date: 02/28/2025
 ms.reviewer: nehabha
 f1.keywords: NOCSH
 ms.collection:

defender-business/mdb-manage-devices.md

@@ -20,9 +20,7 @@ ms.collection:
 
 # Change your endpoint security subscription
 
-[Microsoft Defender for Business](mdb-overview.md) and [Microsoft Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint) are endpoint security subscriptions that your organization can use to protect devices, such as computers, tablets, and phones. As your organization grows, you might have a mix of subscriptions and licenses. For example, you might have some Defender for Business licenses, and some Defender for Endpoint licenses.
-
-This article describes how to apply either Defender for Business or Defender for Endpoint Plan 2 features and capabilities across all your organization's devices. (To learn more about mixed-licensing scenarios with Defender for Endpoint Plan 1 and Plan 2, see [Manage Microsoft Defender for Endpoint subscription settings across client devices](/defender-endpoint/defender-endpoint-subscription-settings).)
+[Microsoft Defender for Business](mdb-overview.md) and [Microsoft Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint) are endpoint security subscriptions that your organization can use to protect devices, such as computers, tablets, and phones. As your organization grows, you might be thinking about changing from Defender for Business to Defender for Endpoint. This article describes how to apply *either* Defender for Business *or* Defender for Endpoint Plan 2 features and capabilities across all your organization's devices. 
 
 ## Before you begin
 
@@ -44,16 +42,13 @@ This article describes how to apply either Defender for Business or Defender for
    > - You don't have enough Defender for Endpoint Plan 2 licenses for all users in your organization
    > - The ability to change your subscription settings hasn't rolled out to your organization yet
 
-4. On the **Subscription settings** flyout, choose whether to use only Defender for Business or Defender for Endpoint Plan 2 across your organization's devices.
+4. On the **Subscription settings** flyout, choose whether to use only Defender for Business or Defender for Endpoint Plan 2 across your organization's devices. Keep the following important points in mind before you save your changes:
 
-   > [!IMPORTANT]
-   > Keep the following important points in mind before you save your changes:
-   > - Make sure you have enough licenses for the subscription you're using for all users in your organization.
-   > - If you select **Only Microsoft Defender for Endpoint Plan 2**, the simplified configuration experience for Defender for Business is replaced with advanced settings that you can configure in Defender for Endpoint. If this change is applied, you can't undo it.
-   > - It can take up to six hours for your changes to be applied.
-   > - Make sure to review your security policies and settings. To get help with Defender for Endpoint policies and settings, see [Configure Defender for Endpoint capabilities](/defender-endpoint/onboard-configure). To get help with Defender for Business policies and settings, see [Review and edit your security policies and settings in Defender for Business](mdb-configure-security-settings.md).
+   - Make sure you have enough licenses for the subscription you're using for all users in your organization.
+   - If you select **Only Microsoft Defender for Endpoint Plan 2**, the simplified configuration experience for Defender for Business is replaced with advanced settings that you can configure in Defender for Endpoint. If this change is applied, you can't undo it.
+   - It can take up to six hours for your changes to be applied.
+   - Make sure to review your security policies and settings. To get help with Defender for Endpoint policies and settings, see [Configure Defender for Endpoint capabilities](/defender-endpoint/onboard-configure). To get help with Defender for Business policies and settings, see [Review and edit your security policies and settings in Defender for Business](mdb-configure-security-settings.md).
 
-   
 ## Review license usage
 
 The license usage report is estimated based on sign-in activities on the device. Defender for Endpoint Plan 2 licenses are assigned to users, and each user can have up to five concurrent, onboarded devices. To learn more about license terms, see [Microsoft Licensing](https://www.microsoft.com/licensing/default).
@@ -66,10 +61,9 @@ To reduce management overhead, there's no requirement for device-to-user mapping
 
 3. Review your available and assigned licenses. The calculation is based on detected users who have accessed devices that are onboarded to Defender for Business (or Defender for Endpoint).
 
-## More information
+## See also
 
 - [Licensing and product terms for Microsoft 365 subscriptions](https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA).
-- [Microsoft Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint)
-- [Microsoft Defender for Business](mdb-overview.md) (endpoint protection for small and medium-sized businesses)
+- [Manage Microsoft Defender for Endpoint Plan 1 and Plan 2 subscription settings across client devices](/defender-endpoint/defender-endpoint-subscription-settings)
 
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]

defender-business/mdb-manage-subscription.md

@@ -9,7 +9,7 @@ audience: Admin
 ms.topic: overview
 ms.service: defender-business
 ms.localizationpriority: medium
-ms.date: 06/07/2024
+ms.date: 02/28/2025
 ms.reviewer: nehabha
 f1.keywords: NOCSH
 ms.collection:
@@ -47,13 +47,13 @@ The following table lists the basic requirements you need to configure and use D
 
 > [!NOTE]
 >
-> 1. To onboard servers, we recommend using [Microsoft Defender for Business servers](get-defender-business.md#how-to-get-microsoft-defender-for-business-servers). Alternately, you could use [Microsoft Defender for Servers Plan 1 or Plan 2](/azure/defender-for-cloud/plan-defender-for-servers). To learn more, see [What happens if I have a mix of Microsoft endpoint security subscriptions?](mdb-faq.yml#what-happens-if-i-have-a-mix-of-microsoft-endpoint-security-subscriptions) and [Onboard devices to Microsoft Defender for Business](mdb-onboard-devices.md).
+> 1. To onboard servers, we recommend using [Microsoft Defender for Business servers](get-defender-business.md#how-to-get-microsoft-defender-for-business-servers). Alternately, you could use [Microsoft Defender for Servers Plan 1 or Plan 2](/azure/defender-for-cloud/plan-defender-for-servers). For more information, see [Onboard devices to Microsoft Defender for Business](mdb-onboard-devices.md).
 >
 > 2. [Microsoft Entra ID](/azure/active-directory/fundamentals/active-directory-whatis) is used to manage user permissions and device groups. Microsoft Entra ID is included in your Defender for Business subscription.
 >    - If you don't have a Microsoft 365 subscription before you start your trial, Microsoft Entra ID will be provisioned for you during the activation process.
 >    - If you do have another Microsoft 365 subscription when you start your Defender for Business trial, you can use your existing Microsoft Entra service.
 >
-> 3. Security defaults are included in Defender for Business. If you prefer to use Conditional Access policies instead, you'll need Microsoft Entra ID P1 or P2 Plan 1 (included in [Microsoft 365 Business Premium](/Microsoft-365/business-premium/m365bp-overview). To learn more, see [Multi-factor authentication](/Microsoft-365/business-premium/m365bp-turn-on-mfa).
+> 3. Security defaults are included in Defender for Business. If you prefer to use Conditional Access policies instead, you'll need Microsoft Entra ID P1 or P2 Plan 1 (included in [Microsoft 365 Business Premium](/Microsoft-365/business-premium/m365bp-overview)). To learn more, see [Multi-factor authentication](/Microsoft-365/business-premium/m365bp-turn-on-mfa).
 
 ## Next steps
 

defender-business/mdb-requirements.md

@@ -12,7 +12,7 @@ ms.collection:
 - tier1
 - essentials-get-started
 ms.localizationpriority: high
-ms.date: 06/19/2024
+ms.date: 02/28/2025
 ms.service: defender-business
 search.appverid:
 - MOE150
@@ -39,35 +39,28 @@ Defender for Business is a new endpoint security solution designed especially fo
 
 Here's how to set up your trial subscription:
 
-1. [Add users and assign licenses](#step-1-add-users-and-assign-licenses).
-2. [Visit the Microsoft Defender portal](#step-2-visit-the-microsoft-365-defender-portal).
-3. [Use the setup wizard](#step-3-use-the-setup-wizard-in-defender-for-business-recommended).
-4. [Set up and configure Defender for Business](#step-4-set-up-and-configure-defender-for-business).
+1. [Visit the Microsoft Defender portal](#step-1-visit-the-microsoft-defender-portal).
+2. [Use the setup wizard](#step-2-use-the-setup-wizard-in-defender-for-business).
+3. [Set up and configure Defender for Business](#step-3-set-up-and-configure-defender-for-business).
 
-### Step 1: Add users and assign licenses
-
-After you sign up for Defender for Business, the first step is to **[add users and assign licenses](mdb-add-users.md)**.
-
-<a name='step-2-visit-the-microsoft-365-defender-portal'></a>
-
-### Step 2: Visit the Microsoft Defender portal
+### Step 1: Visit the Microsoft Defender portal
 
 The Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) is the one-stop shop where you use and manage Defender for Business. It includes callouts to help you get started, cards that surface relevant information, and a navigation bar that provides easy access to the various features and capabilities.
 
 - **[Visit the Microsoft Defender portal](mdb-get-started.md)**.
 - **[Explore the navigation bar](mdb-get-started.md#the-navigation-bar)** on the left side of the screen to access your incidents, view reports, and manage your security policies and settings.
 
-### Step 3: Use the setup wizard in Defender for Business (recommended)
+### Step 2: Use the setup wizard in Defender for Business
 
 Defender for Business was designed to save small and medium-sized businesses time and effort. You can do initial setup and configuration through a setup wizard. The setup wizard helps you grant access to your security team, set up email notifications for your security team, and onboard your company's Windows devices. **[Use the setup wizard](mdb-setup-configuration.md)**.
 
 > [!NOTE]
-> You can only use the setup wizard once.
+> You don't have to use the wizard, but it's highly recommended. You can only use the setup wizard once.
 
 #### Setup wizard flow: what to expect
 
 > [!TIP]
-> **Using the setup wizard is optional.** If you choose not to use the wizard, or if the wizard is closed before your setup process is complete, you can complete the setup and configuration process on your own. See [Step 4: Set up and configure Defender for Business](#step-4-set-up-and-configure-defender-for-business).
+> **Using the setup wizard is optional.** If you choose not to use the wizard, or if the wizard is closed before your setup process is complete, you can complete the setup and configuration process on your own. See [Step 3: Set up and configure Defender for Business](#step-3-set-up-and-configure-defender-for-business).
 
 1. **[Assign user permissions](mdb-roles-permissions.md#view-and-edit-role-assignments)**. Grant your security team access to the Microsoft Defender portal.
 
@@ -78,17 +71,17 @@ Defender for Business was designed to save small and medium-sized businesses tim
    > [!NOTE]
    > When you use the setup wizard, the system detects if you have Windows devices that are already enrolled in Intune. You'll be asked if you want to use automatic onboarding for all or some of those devices. You can onboard all Windows devices at once or select specific devices at first and then add more devices later.
 
-   To onboard other devices, see [Step 4: Set up and configure Defender for Business](#step-4-set-up-and-configure-defender-for-business).
+   To onboard other devices, see [Step 3: Set up and configure Defender for Business](#step-3-set-up-and-configure-defender-for-business).
 
 4. **[View and edit your security policies](mdb-configure-security-settings.md)**. Defender for Business includes default security policies for next-generation protection and firewall protection that can be applied to your company's devices. These preconfigured security policies use recommended settings, so you're protected as soon as your devices are onboarded to Defender for Business. And you can edit the policies or create new ones.
 
-### Step 4: Set up and configure Defender for Business
+### Step 3: Set up and configure Defender for Business
 
 If you choose not to use the setup wizard, see the following diagram that depicts the [overall setup and configuration process](mdb-setup-configuration.md) for Defender for Business.
 
 [:::image type="content" source="media/mdb-setup-process-2.png" alt-text="Setup and configuration process for Defender for Business.":::](mdb-setup-configuration.md)
 
-If you used the setup wizard but you need to onboard more devices, such as non-Windows devices, go directly to [step 4](mdb-onboard-devices.md) in the following procedure:
+If you used the setup wizard but you need to onboard more devices, such as non-Windows devices, go directly to [onboard devices](mdb-onboard-devices.md).
 
 1. **[Review the requirements](mdb-requirements.md)** to configure and use Defender for Business.
 
@@ -110,7 +103,7 @@ Defender for Business includes pre-configured security policies that use recomme
 
 Security policies to review and configure include:
 
-- [Next-generation protection policies](mdb-next-generation-protection.md) which determine antivirus and antimalware protection for your company's devices
+- [Next-generation protection policies](mdb-next-generation-protection.md) which determine antivirus and anti-malware protection for your company's devices
 - [Firewall protection and rules](mdb-firewall.md) which determine what network traffic is allowed to flow to and from your company's devices
 - [Web content filtering](mdb-web-content-filtering.md) which prevents people from visiting certain websites (URLs) based on categories, such as adult content or legal liability
 - [Advanced features](mdb-portal-advanced-feature-settings.md#view-settings-for-advanced-features) such as automated investigation and response and endpoint detection and response (EDR) in block mode
@@ -119,17 +112,17 @@ Security policies to review and configure include:
 
 For the next 30 days, here's guidance from the product team on key features to try:
 
-1. [Use your Microsoft Defender Vulnerability Management dashboard](#1-use-the-defender-vulnerability-management-dashboard).
+1. [Use your dashboard](#1-use-the-dashboard).
 
 2. [View and respond to detected threats](#2-view-and-respond-to-detected-threats).
 
 3. [Review security policies](#3-review-security-policies).
 
 4. [Prepare for ongoing security management](#4-prepare-for-ongoing-security-management).
 
-### 1. Use the Defender Vulnerability Management dashboard
+### 1. Use the dashboard
 
-Defender for Business includes a Defender Vulnerability Management dashboard that's designed to save your security team time and effort. Learn how to [use your Defender Vulnerability Management dashboard](mdb-view-tvm-dashboard.md).
+Defender for Business includes a dashboard that's designed to save your security team time and effort. Learn how to [use your dashboard](mdb-view-tvm-dashboard.md).
 
 - View your exposure score, which is associated with devices in your organization.
 - View your top security recommendations, such as address impaired communications with devices, turn on firewall protection, or update Microsoft Defender Antivirus definitions.