Updates from: 06/08/2022 01:27:00
Category Microsoft Docs article Related commit history on GitHub Change details
commerce Add Licenses Using Product Key https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/add-licenses-using-product-key.md
search.appverid: MET150 description: "Learn how to add licenses to or extend your subscription with a product key." Previously updated : 04/07/2021 Last updated : 06/06/2022 # Add licenses to or extend a subscription paid for using a product key
commerce Buy Licenses https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/buy-licenses.md
- adminvideo search.appverid: MET150 description: "Use these steps to buy more licenses or reduce the number of licenses for your Microsoft 365 for business subscription." Previously updated : 09/16/2021 Last updated : 06/06/2022 # Buy or remove licenses
compliance Alert Policies https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/alert-policies.md
The table also indicates the Office 365 Enterprise and Office 365 US Government
|**Email messages containing malicious URL removed after delivery**|Generates an alert when any messages containing a malicious URL are delivered to mailboxes in your organization. If this event occurs, Microsoft removes the infected messages from Exchange Online mailboxes using [Zero-hour auto purge](../security/office-365-security/zero-hour-auto-purge.md). This policy has an **Informational** severity setting and automatically triggers [automated investigation and response in Office 365](../security/office-365-security/office-365-air.md). For more information on this new policy, see [New alert policies in Microsoft Defender for Office 365](new-defender-alert-policies.md).|Threat management|Yes|E5/G5 or Defender for Office 365 P2 add-on subscription| |**Email messages from a campaign removed after delivery**|Generates an alert when any messages associated with a [Campaign](../security/office-365-security/campaigns.md) are delivered to mailboxes in your organization. If this event occurs, Microsoft removes the infected messages from Exchange Online mailboxes using [Zero-hour auto purge](../security/office-365-security/zero-hour-auto-purge.md). This policy has an **Informational** severity setting and automatically triggers [automated investigation and response in Office 365](../security/office-365-security/office-365-air.md). For more information on this new policy, see [New alert policies in Microsoft Defender for Office 365](new-defender-alert-policies.md).|Threat management|Yes|E5/G5 or Defender for Office 365 P2 add-on subscription| |**Email messages removed after delivery**|Generates an alert when any malicious messages that do not contain a malicious entity (URL or File), or associated with a Campaign, are delivered to mailboxes in your organization. If this event occurs, Microsoft removes the infected messages from Exchange Online mailboxes using [Zero-hour auto purge](../security/office-365-security/zero-hour-auto-purge.md). This policy has an **Informational** severity setting and automatically triggers [automated investigation and response in Office 365](../security/office-365-security/office-365-air.md). For more information on this new policy, see [New alert policies in Microsoft Defender for Office 365](new-defender-alert-policies.md).|Threat management|Yes|E5/G5 or Defender for Office 365 P2 add-on subscription|
+|**Messages containing malicious entity not removed after delivery**|Generates an alert when any message containing malicious content (file, URL, campaign, no entity), is delivered to mailboxes in your organization. If this event occurs, Microsoft attempted to remove the infected messages from Exchange Online mailboxes using [Zero-hour auto purge](../security/office-365-security/zero-hour-auto-purge.md), but the message was not removed due to a failure. Additional investigation is recommended. This policy has a **Medium** severity setting and automatically triggers [automated investigation and response in Office 365](../security/office-365-security/office-365-air.md).|Threat management|Yes|E5/G5 or Defender for Office 365 P2 add-on subscription|
|**Email reported by user as malware or phish**|Generates an alert when users in your organization report messages as phishing email using the Report Message add-in. This policy has an **Low** severity setting. For more information about this add-in, see [Use the Report Message add-in](https://support.office.com/article/b5caa9f1-cdf3-4443-af8c-ff724ea719d2). For Defender for Office 365 P2, E5, G5 customers, this alert automatically triggers [automated investigation and response in Office 365](../security/office-365-security/office-365-air.md).|Threat management|Yes|E1/F1/G1, E3/F3/G3, or E5/G5| |**Email sending limit exceeded**|Generates an alert when someone in your organization has sent more mail than is allowed by the outbound spam policy. This is usually an indication the user is sending too much email or that the account may be compromised. This policy has a **Medium** severity setting. If you get an alert generated by this alert policy, it's a good idea to [check whether the user account is compromised](../security/office-365-security/responding-to-a-compromised-email-account.md).|Threat management|No|E1/F1/G1, E3/F3/G3, or E5/G5| |**Form blocked due to potential phishing attempt**|Generates an alert when someone in your organization has been restricted from sharing forms and collecting responses using Microsoft Forms due to detected repeated phishing attempt behavior. This policy has a **High severity** setting.|Threat management|No|E1, E3/F3, or E5|
compliance Apply Retention Labels Automatically https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/apply-retention-labels-automatically.md
You might need to use this option if you're required to capture and retain all c
Cloud attachments, sometimes also known as modern attachments, are a sharing mechanism that uses embedded links to files that are stored in the cloud. They support centralized storage for shared content with collaborative benefits, such as version control. Cloud attachments are not attached copies of a file or a URL text link to a file. You might find it helpful to refer to the visual checklists for supported cloud attachments in [Outlook](/office365/troubleshoot/retention/cannot-retain-cloud-attachments#cloud-attachments-in-outlook) and [Teams](/office365/troubleshoot/retention/cannot-retain-cloud-attachments#cloud-attachments-in-teams).
-When you choose the option to apply a retention label to cloud attachments, for compliance purposes, a copy of that file is created at the time of sharing. Your selected retention label is then applied to the copy that can then be identified using eDiscovery. Users are not aware of the copy that is stored in the Preservation Hold library. The retention label is not applied to the message itself, or to the original file.
+When you choose the option to apply a retention label to cloud attachments, for compliance purposes, a copy of that file is created at the time of sharing. Your selected retention label is then applied to the copy that can then be [identified using eDiscovery](advanced-ediscovery-cloud-attachments.md). Users are not aware of the copy that is stored in the Preservation Hold library. The retention label is not applied to the message itself, or to the original file.
If the file is modified and shared again, a new copy of the file as a new version is saved in the Preservation Hold library. For more information, including why you should use the **When items were labeled** label setting, see [How retention works with cloud attachments](retention-policies-sharepoint.md#how-retention-works-with-cloud-attachments).
To consider when auto-applying retention labels to cloud attachments:
- The following items aren't supported as cloud attachments that can be retained: - SharePoint sites, pages, lists, forms, folders, document sets, and OneNote pages. - Files shared by users who don't have access to those files.
- - Files that are deleted before the cloud attachment is sent. This can happen if a user copies and pastes a previously shared attachment from another message, without first confirming that the file is still available. Or, somebody forwards an old message when the file is now deleted.
+ - Files that are deleted or moved before the cloud attachment is sent. For example, a user copies and pastes a previously shared attachment from another message, without first confirming that the file is still available. Or, somebody forwards an old message when the file is now deleted.
- Files that are shared by guests or users outside your organization. - Files in draft emails and messages that aren't sent. - Empty files.
compliance Compliance Easy Trials Compliance Playbook https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials-compliance-playbook.md
Set up Audit (Premium) for users - to verify that the Advanced Auditing app is a
> [!TIP] > Trial best practice: Create within the first 30 days
-Audit log retention policies are part of the new Audit (Premium) capabilities in Microsoft 365. An audit log retention policy lets you specify how long to retain audit logs in your organization.
+Audit log retention policies are part of the new Audit (Premium) capabilities in Microsoft Purview. An audit log retention policy lets you specify how long to retain audit logs in your organization.
1. Before you create an audit log retention policy ΓÇô [key things to know](audit-log-retention-policies.md#before-you-create-an-audit-log-retention-policy) before creating your policy. 1. [Create an audit log retention policy](audit-log-retention-policies.md#create-an-audit-log-retention-policy)
To access eDiscovery (Premium) or be added as a member of an eDiscovery (Premium
> [!TIP] > Trial best practice: Create within the first 30 days
-More organizations use the eDiscovery (Premium) solution in Microsoft 365 for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation.
+More organizations use the eDiscovery (Premium) solution in Microsoft Purview for critical eDiscovery processes. This includes responding to regulatory requests, investigations, and litigation.
1. Manage eDiscovery (Premium) ΓÇô [learn how to configure eDiscovery (Premium), manage cases by using the Security & Compliance Center, manage a workflow in eDiscovery (Premium), and analyze eDiscovery (Premium) search results](/learn/modules/manage-advanced-ediscovery). 1. [Create an eDiscovery case using Advance eDiscovery's new case format](advanced-ediscovery-new-case-format.md)
compliance Compliance Quick Tasks https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-quick-tasks.md
Title: "Quick tasks for getting started with Microsoft Purview"-- NOCSH
+ Title: "Quick tasks for getting started with compliance in Microsoft Purview"
+description: "Learn about tasks that will help you quickly get started with compliance in Microsoft Purview."
audience: ITPro
+f1.keywords:
+- NOCSH
- m365-security-compliance - m365initiative-compliance
- admindeeplinkDEFENDER - intro-get-started ms.localizationpriority: medium
-description: "Learn about tasks that will help you quickly get started with compliance in Microsoft 365."
-# Quick tasks for getting started with Microsoft Purview
+# Quick tasks for getting started with compliance in Microsoft Purview
[!include[Purview banner](../includes/purview-rebrand-banner.md)] If you're new to Microsoft Purview and wondering where to start, this article provides guidance on the basics and prioritizes important compliance tasks. This article will help you quickly get started with managing and monitoring your data, protecting information, and minimizing insider risks.
-This article is also helpful if you're figuring out how best to manage risks, protect your data, and remain compliant with regulations and standards with a newly remote workforce. Employees are now collaborating and connecting with each other in new ways, and this means your existing compliance processes and controls may need to adapt. Identifying and managing these new compliance risks within your organization is critical to safeguarding your data and minimizing threats and risks.
+This article is also helpful if you're figuring out how best to manage risks, protect your data, and remain compliant with regulations and standards with a newly remote workforce. Employees are now collaborating and connecting with each other in new ways, and this change means your existing compliance processes and controls may need to adapt. Identifying and managing these new compliance risks within your organization is critical to safeguarding your data and minimizing threats and risks.
-After youΓÇÖve completed these basic compliance tasks, consider expanding compliance coverage in your organization by implementing additional Microsoft Purview solutions.
+After you've completed these basic compliance tasks, consider expanding compliance coverage in your organization by implementing additional Microsoft Purview solutions.
## Task 1: Configure compliance permissions
-ItΓÇÖs important to manage who in your organization has access to the Microsoft Purview compliance portal to view content and perform management tasks. Microsoft 365 provides administrative roles specific to compliance and for using the tools included in the Microsoft Purview compliance portal.
+It's important to manage who in your organization has access to the Microsoft Purview compliance portal to view content and perform management tasks. Microsoft 365 provides administrative roles specific to compliance and for using the tools included in the Microsoft Purview compliance portal.
-Start by assigning compliance permissions to the people in your organization so that they can perform these tasks and to prevent unauthorized people from having access to areas outside of their responsibilities. YouΓÇÖll want to make sure that youΓÇÖve assigned the proper people to the **Compliance data administrator** and the **Compliance administrator** admin roles before you start to configure and implement compliance solutions included with Microsoft 365. YouΓÇÖll also need to assign users to the Azure Active Directory global reader role to view data in Compliance Manager.
+Start by assigning compliance permissions to the people in your organization so that they can perform these tasks and to prevent unauthorized people from having access to areas outside of their responsibilities. You'll want to make sure that you've assigned the proper people to the **Compliance data administrator** and the **Compliance administrator** admin roles before you start to configure and implement compliance solutions included with Microsoft 365. You'll also need to assign users to the Azure Active Directory global reader role to view data in Compliance Manager.
-For step-by-step guidance to configure permissions and assign people to admin roles, see [Permissions in the Security & Compliance Center](../security/office-365-security/permissions-in-the-security-and-compliance-center.md).
+For step-by-step guidance to configure permissions and assign people to admin roles, see [Permissions in the Security & Compliance Center](/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center).
## Task 2: Know your state of compliance
-ItΓÇÖs difficult to know where to go if you donΓÇÖt know where you are. Meeting your compliance needs includes understanding your current level of risk and what updates may be needed in these ever changing times. Whether your organization is new to compliance requirements or has deep experience with standards and regulations that govern your industry, the single best thing you can do to improve compliance is to understand where your organization stands.
+It's difficult to know where to go if you don't know where you are. Meeting your compliance needs includes understanding your current level of risk and what updates may be needed in these ever changing times. Whether your organization is new to compliance requirements or has deep experience with standards and regulations that govern your industry, the single best thing you can do to improve compliance is to understand where your organization stands.
-[Microsoft Purview Compliance Manager](compliance-manager.md) can help you understand your organization's compliance posture and highlight areas that may need improvement. Compliance Manager uses a centralized dashboard to calculate a risk-based score, measuring your progress in completing actions that help reduce risks around data protection and regulatory standards. You can also use Compliance Manager as a tool to track all your risk assessments. It provides workflow capabilities to help you efficiently complete your risk assessments through a common tool.
+[Microsoft Purview Compliance Manager](/microsoft-365/compliance/compliance-manager) can help you understand your organization's compliance posture and highlight areas that may need improvement. Compliance Manager uses a centralized dashboard to calculate a risk-based score, measuring your progress in completing actions that help reduce risks around data protection and regulatory standards. You can also use Compliance Manager as a tool to track all your risk assessments. It provides workflow capabilities to help you efficiently complete your risk assessments through a common tool.
-For step-by-step guidance to get started with Compliance Manager, see [Get started with Compliance Manager](compliance-manager-setup.md).
+For step-by-step guidance to get started with Compliance Manager, see [Get started with Compliance Manager](/microsoft-365/compliance/compliance-manager-setup).
> [!IMPORTANT]
-> Security and compliance are tightly integrated for most organizations. ItΓÇÖs important that your organization addresses basic security, threat protection, and identity and access management areas to help provide a defense in-depth approach to both security and compliance.
+> Security and compliance are tightly integrated for most organizations. It's important that your organization addresses basic security, threat protection, and identity and access management areas to help provide a defense in-depth approach to both security and compliance.
>
-> Check your [Microsoft 365 Secure Score](../security/defender/microsoft-secure-score.md) in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> and completing the tasks outlined in the following articles:
+> Check your [Microsoft 365 Secure Score](/microsoft-365/security/defender/microsoft-secure-score) in the <a href="https://go.microsoft.com/fwlink/p/?linkid=2077139" target="_blank">Microsoft 365 Defender portal</a> and completing the tasks outlined in the following articles:
>
-> - [Security roadmap - Top priorities for the first 30 days, 90 days, and beyond](../security/office-365-security/security-roadmap.md)
-> - [Top 12 tasks for security teams to support working from home](../security/top-security-tasks-for-remote-work.md)
+> - [Security roadmap - Top priorities for the first 30 days, 90 days, and beyond](/microsoft-365/security/office-365-security/security-roadmap)
+> - [Top 12 tasks for security teams to support working from home](/microsoft-365/security/top-security-tasks-for-remote-work)
## Task 3: Enable auditing for your organization
Now that you've determined your organization's current state and who can manage
Insights provided by the audit log are a valuable tool in helping to match your compliance requirements to solutions that can help you manage and monitor compliance areas needing improvement. Audit logging must be enabled before activities are recorded and before you can search the audit log. When enabled, user and admin activity from your organization is recorded in the audit log and retained for 90 days, and up to one year depending on the license assigned to users.
-For step-by-step instructions to turn on auditing, see [Turn audit log search on or off](turn-audit-log-search-on-or-off.md).
+For step-by-step instructions to turn on auditing, see [Turn audit log search on or off](/microsoft-365/compliance/turn-audit-log-search-on-or-off).
## Task 4: Create policies to alert you about potential compliance issues
-Microsoft provides several built-in alert policies that help identify admin permissions abuse, malware activity, potential external and internal threats, and information governance risks. These policies are turned on by default, but you may need to configure custom alerts to help manage compliance requirements specific to your organization.
+Microsoft provides several built-in alert policies that help identify admin permissions abuse, malware activity, potential external and internal threats, and data lifecycle management risks. These policies are turned on by default, but you may need to configure custom alerts to help manage compliance requirements specific to your organization.
Use alert policy and alert dashboard tools to create custom alert policies and view the alerts generated when users perform activities that match the policy conditions. Some examples could be to use alert policies to track user and admin activities affecting compliance requirements, permissions, and data loss incidents in your organization.
-For step-by-step guidance to create custom alert policies, see [Alert policies in the security and compliance center](alert-policies.md).
+For step-by-step guidance to create custom alert policies, see [Alert policies in the security and compliance center](/microsoft-365/compliance/alert-policies).
## Task 5: Classify and protect sensitive data To get their work done, people in your organization collaborate with others both inside and outside the organization. This means that content no longer stays behind a firewallΓÇöit can roam everywhere, across devices, apps, and services. And when it roams, you want it to do so in a secure, protected way that meets your organization's business and compliance policies.
-[Sensitivity labels](sensitivity-labels.md) let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered. Use sensitivity labels to enforce encryption and usage restrictions apply visual markings, and protect information across platforms and devices, on-premises and in the cloud.
+[Sensitivity labels](/microsoft-365/compliance/sensitivity-labels) let you classify and protect your organization's data, while making sure that user productivity and their ability to collaborate isn't hindered. Use sensitivity labels to enforce encryption and usage restrictions apply visual markings, and protect information across platforms and devices, on-premises and in the cloud.
-For step-by-step guidance to configure and use sensitivity labels, see [Get started with sensitivity labels](get-started-with-sensitivity-labels.md).
+For step-by-step guidance to configure and use sensitivity labels, see [Get started with sensitivity labels](/microsoft-365/compliance/get-started-with-sensitivity-labels).
## Task 6: Configure retention policies
-A [retention policy](retention.md) lets you proactively decide whether to retain content, delete content, or bothΓÇöretain and then delete the content at the end of a specified retention period. These actions might be needed to comply with industry regulations and internal policies, as well as reduce your risk in the event of litigation or a security breach.
+A [retention policy](/microsoft-365/compliance/retention) lets you proactively decide whether to retain content, delete content, or bothΓÇöretain and then delete the content at the end of a specified retention period. These actions might be needed to comply with industry regulations and internal policies, and to reduce your risk in the event of litigation or a security breach.
When content is subject to a retention policy, people can continue to edit and work with the content as if nothing's changed. The content is retained in place, in its original location. But if someone edits or deletes content that's subject to the retention policy, a copy of the original content is saved to a secure location where it's retained while the retention policy for that content is in effect. You can quickly put retention policies in place for multiple services in your Microsoft 365 environment that include Teams and Yammer messages, Exchange mail, SharePoint sites, and OneDrive accounts. There are no limits to the number of users, mailboxes or sites that a retention policy can automatically include. But if you need to get more selective, you can do so by configuring either an adaptive scope that's query-based to dynamically target specific instances, or a static scope that specifies specific instances to always include or always exclude.
-For step-by-step guidance to configure retention policies, see [Create and configure retention policies](create-retention-policies.md). Because retention policies form the cornerstone of a data lifecycle management strategy for Microsoft 365 apps and services, also see [Get started with data lifecycle management](get-started-with-data-lifecycle-management.md).
+For step-by-step guidance to configure retention policies, see [Create and configure retention policies](/microsoft-365/compliance/create-retention-policies). Because retention policies form the cornerstone of a data lifecycle management strategy for Microsoft 365 apps and services, also see [Get started with data lifecycle management](/microsoft-365/compliance/get-started-with-data-lifecycle-management).
-## Task 7: Configure sensitive information and offensive language policies
+## Task 7: Configure sensitive information and inappropriate language policies
-Protecting sensitive information and detecting and acting on workplace harassment incidents is an important part of compliance with internal policies and standards. [Communication compliance](communication-compliance.md) in Microsoft 365 helps minimize these risks by helping you quickly detect, capture, and take remediation actions for email and Microsoft Teams communications. These include inappropriate communications containing profanity, threats, and harassment and communications that share sensitive information inside and outside of your organization.
+Protecting sensitive information and detecting and acting on workplace harassment incidents is an important part of compliance with internal policies and standards. [Communication compliance](/microsoft-365/compliance/communication-compliance) in Microsoft Purview helps minimize these risks by helping you quickly detect, capture, and take remediation actions for email and Microsoft Teams communications. These include inappropriate communications containing profanity, threats, and harassment and communications that share sensitive information inside and outside of your organization.
-A pre-defined *Offensive language and anti-harassment* policy template allows you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate remediation actions to make sure they're compliant with your organization's standards.
+A pre-defined *Detect inappropriate text* policy template allows you to scan internal and external communications for policy matches so they can be examined by designated reviewers. Reviewers can investigate scanned email, Microsoft Teams, Yammer, or third-party communications in your organization and take appropriate remediation actions to make sure they're compliant with your organization's standards.
-The pre-defined *Sensitive information* policy template helps you quickly create a policy to scan email and Microsoft Teams communications containing defined sensitive information types or keywords to help make sure that important data isn't shared with people that shouldn't have access. These activities could include unauthorized communication about confidential projects or industry-specific rules on insider trading or other collusion activities.
+The pre-defined *Detect sensitive info* policy template helps you quickly create a policy to scan email and Microsoft Teams communications containing defined sensitive information types or keywords to help make sure that important data isn't shared with people that shouldn't have access. These activities could include unauthorized communication about confidential projects or industry-specific rules on insider trading or other collusion activities.
-For step-by-step guidance to plan and configure communication compliance, see [Plan for communication compliance](communication-compliance-plan.md) and [Get started with communication compliance](communication-compliance-configure.md). For communication compliance licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#communication-compliance).
+For step-by-step guidance to plan and configure communication compliance, see [Plan for communication compliance](/microsoft-365/compliance/communication-compliance-plan) and [Get started with communication compliance](/microsoft-365/compliance/communication-compliance-configure). For communication compliance licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#communication-compliance).
## Task 8: See what's happening with your sensitive items
-Sensitivity labels, sensitive information types, retention labels and policies and trainable classifiers can be used to classify and label sensitive items across Exchange, SharePoint, and OneDrive as you've seen in the previous tasks. The last step in your quick task journey is to see which items have been labeled and what actions your users are taking on those sensitive items. [content explorer](data-classification-content-explorer.md) and [activity explorer](data-classification-activity-explorer.md) provide this visibility.
+Sensitivity labels, sensitive information types, retention labels and policies and trainable classifiers can be used to classify and label sensitive items across Exchange, SharePoint, and OneDrive as you've seen in the previous tasks. The last step in your quick task journey is to see which items have been labeled and what actions your users are taking on those sensitive items. [content explorer](/microsoft-365/compliance/data-classification-content-explorer) and [activity explorer](/microsoft-365/compliance/data-classification-activity-explorer) provide this visibility.
### Content explorer
-Content explorer allows you to view, in their native format, all the items that have been classified as a sensitive information type or belonging to a certain classification by a trainable classifier, as well as all items that have sensitivity or retention label applied.
-For step-by-step guidance to using content explorer, see [Know your data - data classification overview](data-classification-overview.md), and [Get started with content explorer](data-classification-content-explorer.md).
+Content explorer allows you to view, in their native format, all the items that have been classified as a sensitive information type or belonging to a certain classification by a trainable classifier, and all items that have sensitivity or retention label applied.
+
+For step-by-step guidance to using content explorer, see [Know your data - data classification overview](/microsoft-365/compliance/data-classification-overview), and [Get started with content explorer](/microsoft-365/compliance/data-classification-content-explorer).
### Activity explorer+ Activity explorer helps you monitor what's being done with your classified and labeled sensitive items across:+ - SharePoint - Exchange - OneDrive
There are over 30 different filters available for use, some are:
- file path - DLP policy
-For step-by-step guidance to using activity explorer, see [Get started with activity explorer](data-classification-activity-explorer.md).
+For step-by-step guidance to using activity explorer, see [Get started with activity explorer](/microsoft-365/compliance/data-classification-activity-explorer).
## Next steps
-Now that youΓÇÖve configured the basics for compliance management for your organization, consider the following compliance solutions in Microsoft 365 to help you protect sensitive information and detect and act on additional insider risks.
+Now that you've configured the basics for compliance management for your organization, consider the following compliance solutions in Microsoft Purview to help you protect sensitive information and detect and act on additional insider risks.
### Configure retention labels
-Whereas retention policies automatically apply to all items at the container level (such as SharePoint sites, user mailboxes, and so on), [retention labels](retention.md#retention-labels) apply to individual items, such as a SharePoint document or an email message. You can apply these labels manually or automatically.
+Whereas retention policies automatically apply to all items at the container level (such as SharePoint sites, user mailboxes, and so on), [retention labels](/microsoft-365/compliance/retention#retention-labels) apply to individual items, such as a SharePoint document or an email message. You can apply these labels manually or automatically.
-Retention labels can be used as part of your data governance strategy to retain what you need and delete what you don't. Use these labels when you need exceptions to your retention policies when specific documents or emails need different retention or deletion settings. For example, your SharePoint policy retains all documents for three years, but specific business documents must be retained for five years. For more information, see [Create retention labels for exceptions to your retention policies](create-retention-labels-data-lifecycle-management.md).
+Retention labels can be used as part of your data governance strategy to retain what you need and delete what you don't. Use these labels when you need exceptions to your retention policies when specific documents or emails need different retention or deletion settings. For example, your SharePoint policy retains all documents for three years, but specific business documents must be retained for five years. For more information, see [Create retention labels for exceptions to your retention policies](/microsoft-365/compliance/create-retention-labels-data-lifecycle-management).
-However, retention labels, when used with [records management](records-management.md), provide many more management options to support documents and emails at the item level. This level of data management is well-suited to high-value items for business, legal, or regulatory record-keeping requirements. For more information, see [Get started with records management](get-started-with-records-management.md).
+However, retention labels, when used with [records management](/microsoft-365/compliance/records-management), provide many more management options to support documents and emails at the item level. This level of data management is well-suited to high-value items for business, legal, or regulatory record-keeping requirements. For more information, see [Get started with records management](/microsoft-365/compliance/get-started-with-records-management).
### Identify and define sensitive information types
-Define sensitive information types based on the pattern contained in information in your organizationΓÇÖs data. Use [built-in sensitive information types](./sensitive-information-type-entity-definitions.md) help identify and protect credit card numbers, bank account numbers, passport numbers, and more. Or create your own [custom sensitivity information types](create-a-custom-sensitive-information-type.md) specific to your organization.
+Define sensitive information types based on the pattern contained in information in your organization's data. Use [built-in sensitive information types](./sensitive-information-type-entity-definitions.md) help identify and protect credit card numbers, bank account numbers, passport numbers, and more. Or create your own [custom sensitivity information types](/microsoft-365/compliance/create-a-custom-sensitive-information-type) specific to your organization.
For step-by-step guidance to define custom sensitive information types, see [Create a custom sensitive information type in the Security & Compliance Center](./create-a-custom-sensitive-information-type.md). ### Prevent data loss
-[Microsoft Purview Data Loss Prevention (DLP) policies](dlp-learn-about-dlp.md) allow you to identify, monitor, and automatically protect sensitive information across your Microsoft 365 organization. Use DLP policies to identify sensitive items across Microsoft services, prevent the accidental sharing of sensitive items, and help users learn how to stay compliant without interrupting their workflow.
+[Microsoft Purview Data Loss Prevention (DLP) policies](/microsoft-365/compliance/dlp-learn-about-dlp) allow you to identify, monitor, and automatically protect sensitive information across your Microsoft 365 organization. Use DLP policies to identify sensitive items across Microsoft services, prevent the accidental sharing of sensitive items, and help users learn how to stay compliant without interrupting their workflow.
-For step-by-step guidance to configure DLP policies, [Create, test, and tune a DLP policy](create-test-tune-dlp-policy.md). For data loss management licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#office-365-data-loss-prevention-for-exchange-online-sharepoint-online-and-onedrive-for-business).
+For step-by-step guidance to configure DLP policies, [Create, test, and tune a DLP policy](/microsoft-365/compliance/create-test-tune-dlp-policy). For data loss management licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#office-365-data-loss-prevention-for-exchange-online-sharepoint-online-and-onedrive-for-business).
### Detect and act on insider risks More and more, employees have increasing access to create, manage, and share data across a broad spectrum of platforms and services. In most cases, organizations have limited resources and tools to identify and mitigate organization-wide risks while also meeting compliance requirements and employee privacy standards. These risks may include data theft by departing employees and data leaks of information outside your organization by accidental oversharing or malicious intent.
-[Insider risk management](insider-risk-management-policies.md) uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks.
+[Insider risk management](/microsoft-365/compliance/insider-risk-management-policies) uses the full breadth of service and 3rd-party indicators to help you quickly identify, triage, and act on risky user activity. By using logs from Microsoft 365 and Microsoft Graph, insider risk management allows you to define specific policies to identify risk indicators and to take action to mitigate these risks.
-For step-by-step guidance to plan and configure insider risk management policies, see [Plan for insider risk management](insider-risk-management-plan.md) and [Get started with insider risk management](insider-risk-management-configure.md). For insider risk management licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#insider-risk-management).
+For step-by-step guidance to plan and configure insider risk management policies, see [Plan for insider risk management](/microsoft-365/compliance/insider-risk-management-plan) and [Get started with insider risk management](/microsoft-365/compliance/insider-risk-management-configure). For insider risk management licensing information, see [Microsoft 365 licensing guidance for security & compliance](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-365-security-compliance-licensing-guidance#insider-risk-management).
compliance Whats New https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/whats-new.md
Whether it be adding new solutions to the [Microsoft Purview compliance portal](
> > And visit the [Microsoft 365 Roadmap](https://www.microsoft.com/microsoft-365/roadmap) to learn about Microsoft 365 features that were launched, are rolling out, are in development, have been cancelled, or previously released.
+## May 2022
+
+### Communication compliance
+
+- [Communication compliance reports and audits](communication-compliance-reports-audits.md) - updated file size limits for exported reports.
+- [Communication compliance policies](communication-compliance-policies.md) - clarified user-reported messages disable/enable process and clarified processing for Teams and Exchange.
+
+### Compliance Manager
+
+- [Alerts and alert policies](compliance-manager-alert-policies.md) - new section explaining the default score change policy for all orgs.
+- [Working with improvement actions](compliance-manager-improvement-actions.md) - clarified status states for implementation status and test status, making a distinction for the latter between automatically tested actions and manually tested actions.
+- [Templates list](compliance-manager-templates-list.md) - added two new templates in the Europe, Middle East, and Africa (EMEA) region: Qatar National Information Assurance (NIA) and UAE Data Privacy Law.
+
+### Compliance offerings & service assurance
+
+- [Microsoft Security Development Lifecycle](/compliance/assurance/assurance-microsoft-security-development-lifecycle) - new SDL assurance topic for Microsoft services.
+
+### Data lifecycle management and records management
+
+- Currently rolling out in preview: New [relabel option at the end of the retention period](retention-settings.md#relabeling-at-the-end-of-the-retention-period).
+- New deployment guidance: [Deploy a data governance solution with Microsoft Purview](data-governance-solution.md)
+- Correction in the documentation to confirm that resource mailboxes are supported for Exchange retention and deletion for both static scopes and adaptive scopes. For static scopes, resource mailboxes are included by default in an org-wide policy (the All default).
+- New documentation for end users: [Manage email storage with online archive mailboxes](https://support.services.microsoft.com/office/manage-email-storage-with-online-archive-mailboxes-1cae7d17-7813-4fe8-8ca2-9a5494e9a721)
+
+### Data loss prevention
+
+- [Send email notifications and policy tips for DLP policies](use-notifications-and-policy-tips.md) - added new information on what triggers a notification and who can receive them.
+
+### Information barriers
+
+- [Learn about information barriers](information-barriers.md), [Get started with information barriers](information-barriers-policies.md) - refactored structure of topics and added clarification for Exchange Online support and limitations, updated to include support for new IB UI experience.
+
+### Insider risk management
+
+- [Get started with insider risk management settings](insider-risk-management-settings.md) - added guidance for new Defender for Cloud App indicators, new anomaly as a triggering event in custom thresholds, new file extension prioritization and sensitivity labels policy support.
+- [Insider risk management cases](insider-risk-management-cases.md) - clarified escalation to eDiscovery case guidance.
+
+### Microsoft Priva
+
+- [Learn about the free Priva trial](/privacy/priva/priva-trial) - updated link to new universal Microsoft 365 trial terms and conditions and minor updates to clarify roles and eligibility.
+- [Get started with Priva](/privacy/priva/priva-setup) - added section indicating limitations to Priva availability.
+
+### Sensitive Information Types
+
+- [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md) - from a customer escalation, added the regions that EDM is supported in and the procedures to find the region of your tenant.
+- [Create EDM SIT rule package](sit-get-started-exact-data-match-create-rule-package.md) - added 'working with specific types of data' from the schema article.
+- [Create Schema for EDM SIT](sit-get-started-exact-data-match-create-schema.md) - removed 'working with specific types of data'.
+- [Use named entities in your DLP policies](named-entities-use.md) - added support statement for Microsoft Defender for Cloud Apps.
+
+### Sensitivity labels
+
+- New option at the end of the label creation or editing process, to automatically [convert auto-labeling settings into an auto-labeling policy](apply-sensitivity-label-automatically.md#convert-your-label-settings-into-an-auto-labeling-policy).
+- Auto-labeling policies for SharePoint and OneDrive can now apply labels with encryption when the account that last modified the file no longer exists in Azure AD.
+- Container labels are supported for Office 365 Content Delivery Networks (CDNs).
+- Clarifications for [removing and deleting labels](create-sensitivity-labels.md#removing-and-deleting-labels).
+- New [common scenarios](get-started-with-sensitivity-labels.md#common-scenarios-for-sensitivity-labels):
+ - Label SQL database columns by using the same sensitivity labels as those used for files and emails so that the organization has a unified labeling solution that continues to protect structured data when it's exported
+ - Apply a sensitivity label to a file after receiving an alert that content containing personal data is being shared and needs protection
+ ## April 2022 ### Communication compliance
To meet the challenges of today's decentralized, data-rich workplace, we're intr
- [Adaptive scopes](retention.md#adaptive-or-static-policy-scopes-for-retention) for retention policies and retention label policies are now generally available (GA). The instructions for [configuring an adaptive scope](retention-settings.md#to-configure-an-adaptive-scope) now include more information for SharePoint site scopes: Blog post reference for using custom site properties and how to use the site property SiteTemplate to include or exclude specific site types with the advanced query builder. - [Policy lookup](retention.md#policy-lookup) in the data lifecycle management solution is now generally available (GA.-- PowerShell alternative to the records management setting that allows users to delete labeled items in SharePoint and OneDrive by using AllowFilesWithKeepLabelToBeDeletedSPO and AllowFilesWithKeepLabelToBeDeletedODB from [Get-PnPTenant](/powershell/module/sharepoint-pnp/get-pnptenant) and [Set-PnPTenant]( /powershell/module/sharepoint-pnp/set-pnptenant).
+- PowerShell alternative to the records management setting that allows users to delete labeled items in SharePoint and OneDrive by using AllowFilesWithKeepLabelToBeDeletedSPO and AllowFilesWithKeepLabelToBeDeletedODB from [Get-PnPTenant](https://pnp.github.io/powershell/cmdlets/Get-PnPTenant.html) and [Set-PnPTenant](https://pnp.github.io/powershell/cmdlets/Set-PnPTenant.html).
### Sensitivity labels
To meet the challenges of today's decentralized, data-rich workplace, we're intr
### Sensitivity labels - Mandatory labeling and a default label for Power BI are now generally available (GA)-
-## November 2021
-
-### Compliance Manager
-
-New content updates can be viewed in [What's new in Microsoft Purview Compliance Manager](compliance-manager-whats-new.md).
-
-### Device Onboarding
-
-The following articles were added for device onboarding:
--- [Onboard macOS devices into Microsoft 365 overview (preview)](device-onboarding-macos-overview.md)-- [Onboard and offboard macOS devices into Microsoft Purview solutions using Intune (preview)](device-onboarding-offboarding-macos-intune.md)-- [Onboard and offboard macOS devices into Compliance solutions using Intune for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-intune-mde.md)-- [Onboard and offboard macOS devices into Microsoft Purview solutions using JAMF Pro (preview)](device-onboarding-offboarding-macos-jamfpro.md)-- [Onboard and offboard macOS devices into Compliance solutions using JAMF Pro for Microsoft Defender for Endpoint customers (preview)](device-onboarding-offboarding-macos-jamfpro-mde.md)-
-### eDiscovery
--- [Use the new case format in eDiscovery (Premium)](advanced-ediscovery-new-case-format.md) new case format was released to general availability and renamed from "large case format"-
-### Retention and records management
-- Rolling out: New record management settings that control whether labeled items in SharePoint and OneDrive can be deleted by users. Previously, retention labels configured to retain content and that didn't mark items as records prevented users from deleting labeled content in SharePoint when this action was allowed in OneDrive. For more information, see [How retention works for SharePoint and OneDrive](retention-policies-sharepoint.md#how-retention-works-for-sharepoint-and-onedrive).-
-### Sensitive Information Types
-
-Added the following new articles:
--- [Learn about exact data match based sensitive information types](sit-learn-about-exact-data-match-based-sits.md)-- [Get started with exact data match based sensitive information types](sit-get-started-exact-data-match-based-sits-overview.md)-- [Export source data for exact data match based sensitive information type](sit-get-started-exact-data-match-export-data.md)-- [Create the schema for exact data match based sensitive information types](sit-get-started-exact-data-match-create-schema.md)-- [Hash and upload the sensitive information source table for exact data match sensitive information types](sit-get-started-exact-data-match-hash-upload.md)-- [Create exact data match sensitive information type/rule package](sit-get-started-exact-data-match-create-rule-package.md)-- [Test an exact data match sensitive information type](sit-get-started-exact-data-match-test.md)-- [Manage your exact data match schema](sit-use-exact-data-manage-schema.md)-- [Refresh your sensitive information source table file](sit-use-exact-data-refresh-data.md)-
-### Sensitivity labels
-- The scope name for [Microsoft Purview Data Map labels](/azure/purview/create-sensitivity-label) is now "Schematized data assets".
enterprise Portallaunchscheduler https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/PortalLaunchScheduler.md
Title: "Launch your portal using the Portal launch scheduler"
+ Title: Launch your portal using the Portal launch scheduler
search.appverid: - SPO160 - MET150
-description: "This article describes how you can launch your portal using the Portal launch scheduler"
+description: This article describes how you can launch your portal using the Portal launch scheduler.
# Launch your portal using the SharePoint Portal launch scheduler
Site permissions must be set up separately from waves as part of the launch. For
> - The number of waves required is automatically determined by the expected number of users. > - Before scheduling a portal launch, the [Page Diagnostics for SharePoint tool](https://aka.ms/perftool) must be run to verify that the home page of the site is healthy. > - At the end of the launch, all users with permissions to the site will be able to access the new site.
-> - If your organization is using [Viva Connections](/SharePoint/viva-connections), users may see your organization's icon in the Microsoft Teams app bar, however when the icon is selected users will not be able to access the portal until their wave has launched.
+> - If your organization is using [Viva Connections](https://microsoft.sharepoint.com/teams/MicrosoftViva/SitePages/Viva-Connections.aspx), users may see your organization's icon in the Microsoft Teams app bar, however when the icon is selected users will not be able to access the portal until their wave has launched.
> - This feature is not available for Office 365 Germany, Office 365 operated by 21Vianet (China), or Microsoft 365 US Government plans. ## Understand the differences between Portal launch scheduler options:
enterprise Additional Office365 Ip Addresses And Urls https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/additional-office365-ip-addresses-and-urls.md
Title: "Other endpoints not included in the Office 365 IP Address and URL Web service"
+ Title: Other endpoints not included in the Office 365 IP Address and URL Web service
Apart from DNS, these instances are all optional for most customers unless you n
|Row|Purpose|Destination|Type| ||||| |1|**[Import Service](https://support.office.com/article/use-network-upload-to-import-your-organization-pst-files-to-office-365-103f940c-0468-4e1a-b527-cc8ad13a5ea6) for PST and file ingestion**|Refer to the [Import Service](https://support.office.com/article/use-network-upload-to-import-your-organization-pst-files-to-office-365-103f940c-0468-4e1a-b527-cc8ad13a5ea6) for more requirements.|Uncommon outbound scenario|
-|2|**[Microsoft Support and Recovery Assistant for Office 365](https://diagnostics.office.com/#/)**|<https://autodiscover.outlook.com> <br> <https://officecdn.microsoft.com> <br> <https://api.diagnostics.office.com> <br> <https://apibasic.diagnostics.office.com> <br> <https://autodiscover-s.outlook.com> <br> <https://cloudcheckenabler.azurewebsites.net> <br> <https://login.live.com> <br> <https://login.microsoftonline.com> <br> <https://login.windows.net> <br> <https://o365diagtelemetry.trafficmanager.net> <br> <https://odc.officeapps.live.com> <br> <https://offcatedge.azureedge.net> <br> <https://officeapps.live.com> <br> <https://outlook.office365.com> <br> <https://outlookdiagnostics.azureedge.net>|Outbound server traffic|
+|2|**[Microsoft Support and Recovery Assistant for Office 365](https://diagnostics.office.com/#/)**|`https://autodiscover.outlook.com` <br> <https://officecdn.microsoft.com> <br> <https://api.diagnostics.office.com> <br> `https://apibasic.diagnostics.office.com` <br> <https://autodiscover-s.outlook.com> <br> `https://cloudcheckenabler.azurewebsites.net` <br> <https://login.live.com> <br> <https://login.microsoftonline.com> <br> <https://login.windows.net> <br> <https://o365diagtelemetry.trafficmanager.net> <br> <https://odc.officeapps.live.com> <br> <https://offcatedge.azureedge.net> <br> <https://officeapps.live.com> <br> <https://outlook.office365.com> <br> <https://outlookdiagnostics.azureedge.net>|Outbound server traffic|
|3|**Azure AD Connect (w/SSO option)** <p> WinRM & remote PowerShell|Customer STS environment (AD FS Server and AD FS Proxy) \| TCP ports 80 & 443|Inbound server traffic| |4|**STS** such as AD FS Proxy server(s) (for federated customers only)|Customer STS (such as AD FS Proxy) \| Ports TCP 443 or TCP 49443 w/ClientTLS|Inbound server traffic| |5|**[Exchange Online Unified Messaging/SBC integration](/exchange/voice-mail-unified-messaging/telephone-system-integration-with-um/configuration-notes-for-session-border-controllers)**|Bidirectional between on-premises Session Border Controller and \*.um.outlook.com|Outbound server-only traffic|
Apart from DNS, these instances are all optional for most customers unless you n
|20|**[Azure AD Connect](/azure/active-directory/hybrid/)** with 21 ViaNet in China to sync on-premises user accounts to Azure AD.|\*.digicert.com:80 <BR> \*.entrust.net:80 <BR> \*.chinacloudapi.cn:443 <br> secure.aadcdn.partner.microsoftonline-p.cn:443 <br> \*.partner.microsoftonline.cn:443 <p> Also see [Troubleshoot ingress with Azure AD connectivity issues](https://docs.azure.cn/zh-cn/active-directory/hybrid/tshoot-connect-connectivity).|Outbound server-only traffic| |21|**Microsoft Stream** (needs the Azure AD user token). <br> Office 365 Worldwide (including GCC)|\*.cloudapp.net <br> \*.api.microsoftstream.com <br> \*.notification.api.microsoftstream.com <br> amp.azure.net <br> api.microsoftstream.com <br> az416426.vo.msecnd.net <br> s0.assets-yammer.com <br> vortex.data.microsoft.com <br> web.microsoftstream.com <br> TCP port 443|Inbound server traffic| |22|Use **MFA server** for multi-factor authentication requests, both new installations of the server and setting it up with Active Directory Domain Services (AD DS).|See [Getting started with the Azure AD multi-factor authentication Server](/azure/active-directory/authentication/howto-mfaserver-deploy#plan-your-deployment).|Outbound server-only traffic|
-|23|**Microsoft Graph Change Notifications** <p> Developers can use [change notifications](/graph/webhooks?context=graph%2fapi%2f1.0&view=graph-rest-1.0) to subscribe to events in the Microsoft Graph.|Public Cloud: 52.159.23.209, 52.159.17.84, 52.147.213.251, 52.147.213.181, 13.85.192.59, 13.85.192.123, 13.89.108.233, 13.89.104.147, 20.96.21.67, 20.69.245.215, 137.135.11.161, 137.135.11.116, 52.159.107.50, 52.159.107.4, 52.229.38.131, 52.183.67.212, 52.142.114.29, 52.142.115.31, 51.124.75.43, 51.124.73.177, 20.44.210.83, 20.44.210.146, 40.80.232.177, 40.80.232.118, 20.48.12.75, 20.48.11.201, 104.215.13.23, 104.215.6.169, 52.148.24.136, 52.148.27.39, 40.76.162.99, 40.76.162.42, 40.74.203.28, 40.74.203.27, 13.86.37.15, 52.154.246.238, 20.96.21.98, 20.96.21.115, 137.135.11.222, 137.135.11.250, 52.159.109.205, 52.159.102.72, 52.151.30.78, 52.191.173.85, 51.104.159.213, 51.104.159.181, 51.138.90.7, 51.138.90.52, 52.148.115.48, 52.148.114.238, 40.80.233.14, 40.80.239.196, 20.48.14.35, 20.48.15.147, 104.215.18.55, 104.215.12.254, 20.199.102.157, 20.199.102.73, 13.87.81.123, 13.87.81.35, 20.111.9.46, 20.111.9.77, 13.87.81.133, 13.87.81.141 <p> Microsoft Cloud for US Government: 52.244.33.45, 52.244.35.174, 52.243.157.104, 52.243.157.105, 52.182.25.254, 52.182.25.110, 52.181.25.67, 52.181.25.66, 52.244.111.156, 52.244.111.170, 52.243.147.249, 52.243.148.19, 52.182.32.51, 52.182.32.143, 52.181.24.199, 52.181.24.220 <p> Microsoft Cloud China operated by 21Vianet: 42.159.72.35, 42.159.72.47, 42.159.180.55, 42.159.180.56, 40.125.138.23, 40.125.136.69, 40.72.155.199, 40.72.155.216 <br> TCP port 443 <p> Note: Developers can specify different ports when creating the subscriptions.|Inbound server traffic|
+|23|**Microsoft Graph Change Notifications** <p> Developers can use [change notifications](/graph/webhooks?context=graph%2fapi%2f1.0&view=graph-rest-1.0&preserve-view=true) to subscribe to events in the Microsoft Graph.|Public Cloud: 52.159.23.209, 52.159.17.84, 52.147.213.251, 52.147.213.181, 13.85.192.59, 13.85.192.123, 13.89.108.233, 13.89.104.147, 20.96.21.67, 20.69.245.215, 137.135.11.161, 137.135.11.116, 52.159.107.50, 52.159.107.4, 52.229.38.131, 52.183.67.212, 52.142.114.29, 52.142.115.31, 51.124.75.43, 51.124.73.177, 20.44.210.83, 20.44.210.146, 40.80.232.177, 40.80.232.118, 20.48.12.75, 20.48.11.201, 104.215.13.23, 104.215.6.169, 52.148.24.136, 52.148.27.39, 40.76.162.99, 40.76.162.42, 40.74.203.28, 40.74.203.27, 13.86.37.15, 52.154.246.238, 20.96.21.98, 20.96.21.115, 137.135.11.222, 137.135.11.250, 52.159.109.205, 52.159.102.72, 52.151.30.78, 52.191.173.85, 51.104.159.213, 51.104.159.181, 51.138.90.7, 51.138.90.52, 52.148.115.48, 52.148.114.238, 40.80.233.14, 40.80.239.196, 20.48.14.35, 20.48.15.147, 104.215.18.55, 104.215.12.254, 20.199.102.157, 20.199.102.73, 13.87.81.123, 13.87.81.35, 20.111.9.46, 20.111.9.77, 13.87.81.133, 13.87.81.141 <p> Microsoft Cloud for US Government: 52.244.33.45, 52.244.35.174, 52.243.157.104, 52.243.157.105, 52.182.25.254, 52.182.25.110, 52.181.25.67, 52.181.25.66, 52.244.111.156, 52.244.111.170, 52.243.147.249, 52.243.148.19, 52.182.32.51, 52.182.32.143, 52.181.24.199, 52.181.24.220 <p> Microsoft Cloud China operated by 21Vianet: 42.159.72.35, 42.159.72.47, 42.159.180.55, 42.159.180.56, 40.125.138.23, 40.125.136.69, 40.72.155.199, 40.72.155.216 <br> TCP port 443 <p> Note: Developers can specify different ports when creating the subscriptions.|Inbound server traffic|
|24|**Network Connection Status Indicator**<p>Used by Windows 10 and 11 to determine if the computer is connected to the internet (does not apply to non-Windows clients). When this URL cannot be reached, Windows will assume it is not connected to the Internet and M365 Apps for Enterprise will not try to verify activation status, causing connections to Exchange and other services to fail.|www.msftconnecttest.com <br> 13.107.4.52<p>Also see [Manage connection endpoints for Windows 11 Enterprise](/windows/privacy/manage-windows-11-endpoints) and [Manage connection endpoints for Windows 10 Enterprise, version 21H2](/windows/privacy/manage-windows-21h2-endpoints).|Outbound server-only traffic| |
enterprise Assign Licenses To User Accounts With Microsoft 365 Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/assign-licenses-to-user-accounts-with-microsoft-365-powershell.md
Title: "Assign Microsoft 365 licenses to user accounts with PowerShell"
+ Title: Assign Microsoft 365 licenses to user accounts with PowerShell
enterprise Configure Services And Applications https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/configure-services-and-applications.md
Title: "Configure Microsoft 365 Enterprise services and applications"
+ Title: Configure Microsoft 365 Enterprise services and applications
enterprise Create User Accounts With Microsoft 365 Powershell https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/create-user-accounts-with-microsoft-365-powershell.md
When you create user accounts in PowerShell, certain account properties are alwa
|**UserPrincipalName** <br/> |Yes <br/> |This is the account name that's used to sign in to Microsoft 365 services. For example, *CalebS\@contoso.onmicrosoft.com*. <br/> | |**FirstName** <br/> |No <br/> || |**LastName** <br/> |No <br/> ||
-|**LicenseAssignment** <br/> |No <br/> |This is the licensing plan (also known as the license plan or SKU) from which an available license is assigned to the user account. The license defines the Microsoft 365 services that are available to the account. You don't have to assign a license to a user when you create the account, but the account must have a license to access Microsoft 365 services. You have 30 days to license the user account after you create it. |
+|**LicenseAssignment** <br/> |No <br/> |This is the licensing plan (also known as the [license plan or SKU](/azure/active-directory/enterprise-users/licensing-service-plan-reference)) from which an available license is assigned to the user account. The license defines the Microsoft 365 services that are available to the account. You don't have to assign a license to a user when you create the account, but the account must have a license to access Microsoft 365 services. You have 30 days to license the user account after you create it. |
|**Password** <br/> |No <br/> | If you don't specify a password, a random password is assigned to the user account, and the password is visible in the results of the command. If you specify a password, it needs to be 8 to 16 ASCII text characters of the following types: lowercase letters, uppercase letters, numbers, and symbols.<br/> | |**UsageLocation** <br/> |No <br/> |This is a valid ISO 3166-1 alpha-2 country code. For example, *US* for the United States, and *FR* for France. It's important to provide this value, because some Microsoft 365 services aren't available in certain countries. You can't assign a license to a user account unless the account has this value configured. For more information, see [About license restrictions](https://go.microsoft.com/fwlink/p/?LinkId=691730).<br/> |
New-MsolUser -DisplayName <display name> -FirstName <first name> -LastName <last
>PowerShell Core doesn't support the Microsoft Azure Active Directory Module for Windows PowerShell module and cmdlets that have *Msol* in their name. Run these cmdlets from Windows PowerShell. >
-To list the available licensing plan names, use this command:
+To list the available [licensing plan names](/azure/active-directory/enterprise-users/licensing-service-plan-reference), use this command:
````powershell Get-MsolAccountSku
New-MsolUser -DisplayName "Caleb Sills" -FirstName Caleb -LastName Sills -UserPr
[Manage Microsoft 365 with PowerShell](manage-microsoft-365-with-microsoft-365-powershell.md)
-[Getting started with PowerShell for Microsoft 365](getting-started-with-microsoft-365-powershell.md)
+[Getting started with PowerShell for Microsoft 365](getting-started-with-microsoft-365-powershell.md)
enterprise Cross Tenant Mailbox Migration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/cross-tenant-mailbox-migration.md
To obtain the tenant ID of a subscription, sign in to the [Microsoft 365 admin c
# Enable customization if tenant is dehydrated $dehydrated=Get-OrganizationConfig | select isdehydrated
- if ($dehydrated -eq $true) {Enable-OrganizationCustomization}
+ if ($dehydrated.isdehydrated -eq $true) {Enable-OrganizationCustomization}
$AppId = "[guid copied from the migrations app]" $Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $AppId, (ConvertTo-SecureString -String "[this is your secret password you saved in the previous steps]" -AsPlainText -Force) New-MigrationEndpoint -RemoteServer outlook.office.com -RemoteTenant "sourcetenant.onmicrosoft.com" -Credentials $Credential -ExchangeRemoteMove:$true -Name "[the name of your migration endpoint]" -ApplicationId $AppId
enterprise High Availability Federated Authentication Phase 2 Configure Domain Controllers https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/high-availability-federated-authentication-phase-2-configure-domain-controllers.md
Title: "High availability federated authentication Phase 2 Configure domain controllers"
+ Title: High availability federated authentication Phase 2 Configure domain controllers
First, you need to fill out the **Virtual machine name** column of Table M and m
**Table M - Virtual machines for the high availability federated authentication for Microsoft 365 in Azure**
-For the complete list of virtual machine sizes, see [Sizes for virtual machines](/azure/virtual-machines/virtual-machines-windows-sizes).
+For the complete list of virtual machine sizes, see [Sizes for virtual machines](/azure/virtual-machines/sizes).
The following Azure PowerShell command block creates the virtual machines for the two domain controllers. Specify the values for the variables, removing the \< and > characters. Note that this Azure PowerShell command block uses values from the following tables:
enterprise Managing Office 365 Endpoints https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/managing-office-365-endpoints.md
Title: "Managing Office 365 endpoints"
+ Title: Managing Office 365 endpoints
Office 365 doesn't provide IP addresses of all required network endpoints. Some
[Microsoft Public IP Space](https://www.microsoft.com/download/details.aspx?id=53602)
-[Network infrastructure requirements for Microsoft Intune](/intune/get-started/network-infrastructure-requirements-for-microsoft-intune)
+[Network infrastructure requirements for Microsoft Intune](/mem/intune/fundamentals/intune-endpoints)
[ExpressRoute and Power BI](https://powerbi.microsoft.com/documentation/powerbi-admin-power-bi-expressroute/)
enterprise Microsoft 365 Network Connectivity Principles https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-network-connectivity-principles.md
Title: "Microsoft 365 network connectivity principles"
+ Title: Microsoft 365 network connectivity principles
In the new model, endpoints are segregated into three categories, **Optimize**,
- Ensure that IP addresses returned by DNS name resolution match the routing egress path for these endpoints. - Prioritize these endpoints for SD-WAN integration for direct, minimal latency routing into the nearest Internet peering point of the Microsoft global network. -- **Default** endpoints represent Office 365 services and dependencies that do not require any optimization, and can be treated by customer networks as normal Internet bound traffic. Some endpoints in this category may not be hosted in Microsoft datacenters. Examples include *https://odc.officeapps.live.com* and *https://appexsin.stb.s-msn.com*.
+- **Default** endpoints represent Office 365 services and dependencies that do not require any optimization, and can be treated by customer networks as normal Internet bound traffic. Some endpoints in this category may not be hosted in Microsoft datacenters. Examples include *https://odc.officeapps.live.com* and *`https://appexsin.stb.s-msn.com`*.
For more information about Office 365 network optimization techniques, see the article [Managing Office 365 endpoints](managing-office-365-endpoints.md).
enterprise Microsoft 365 Vpn Implement Split Tunnel https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-vpn-implement-split-tunnel.md
Title: "Implementing VPN split tunneling for Microsoft 365"
+ Title: Implementing VPN split tunneling for Microsoft 365
This section provides links to detailed guides for implementing split tunneling
- **Cisco Anyconnect**: [Optimize Anyconnect Split Tunnel for Office365](https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215343-optimize-anyconnect-split-tunnel-for-off.html) - **Palo Alto GlobalProtect**: [Optimizing Microsoft 365 Traffic via VPN Split Tunnel Exclude Access Route](https://live.paloaltonetworks.com/t5/Prisma-Access-Articles/GlobalProtect-Optimizing-Office-365-Traffic/ta-p/319669) - **F5 Networks BIG-IP APM**: [Optimizing Microsoft 365 traffic on Remote Access through VPNs when using BIG-IP APM](https://devcentral.f5.com/s/articles/SSL-VPN-Split-Tunneling-and-Office-365)-- **Citrix Gateway**: [Optimizing Citrix Gateway VPN split tunnel for Office365](https://docs.citrix.com/citrix-gateway/13/optimizing-citrix-gateway-vpn-split-tunnel-for-office365.html)
+- **Citrix Gateway**: [Optimizing Citrix Gateway VPN split tunnel for Office365](https://docs.citrix.com/en-us/citrix-gateway/current-release/optimizing-citrix-gateway-vpn-split-tunnel-for-office365.html)
- **Pulse Secure**: [VPN Tunneling: How to configure split tunneling to exclude Microsoft 365 applications](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44417) - **Check Point VPN**: [How to configure Split Tunnel for Microsoft 365 and other SaaS Applications](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk167000)
enterprise Move Sharepoint Between Geo Locations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/move-sharepoint-between-geo-locations.md
Title: "Move a SharePoint site to a different geo location"
+ Title: Move a SharePoint site to a different geo location
Time must be specified in Coordinated Universal Time (UTC) for both parameters.
SharePoint site geo move requires that you connect and perform the move from the SharePoint Admin URL in the geo location where the site is.
-For example, if the site URL is <https://contosohealthcare.sharepoint.com/sites/Turbines>, connect to the SharePoint Admin URL at <https://contosohealthcare-admin.sharepoint.com>:
+For example, if the site URL is `https://contosohealthcare.sharepoint.com/sites/Turbines`, connect to the SharePoint Admin URL at `https://contosohealthcare-admin.sharepoint.com`:
```powershell Connect-SPOService -Url https://contosohealthcare-admin.sharepoint.com
This will return *Success* if the site is ready to be moved or *Fail* if any of
By default, initial URL for the site will change to the URL of the destination geo location. For example:
-<https://Contoso.sharepoint.com/sites/projectx> to <https://ContosoEUR.sharepoint.com/sites/projectx>
+`https://Contoso.sharepoint.com/sites/projectx` to `https://ContosoEUR.sharepoint.com/sites/projectx`
For sites with no Microsoft 365 group association, you can also rename the site by using the `-DestinationUrl` parameter. For example:
-<https://Contoso.sharepoint.com/sites/projectx> to <https://ContosoEUR.sharepoint.com/sites/projecty>
+<https://Contoso.sharepoint.com/sites/projectx> to `https://ContosoEUR.sharepoint.com/sites/projecty`
To start the site move, run:
enterprise Multi Geo Add Group With Pdl https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/multi-geo-add-group-with-pdl.md
Title: "Create a Microsoft 365 Group with a specific preferred data location"
+ Title: Create a Microsoft 365 Group with a specific preferred data location
f1.keywords:
- NOCSH ms.localizationpriority: medium
-description: "Learn how to create a Microsoft 365 group with a specified preferred data location in a multi-geo environment."
+description: Learn how to create a Microsoft 365 group with a specified preferred data location in a multi-geo environment.
- seo-marvel-apr2020 - admindeeplinkSPO
-# Create a Microsoft 365 Group with a specific preferred data location
+# Create a Microsoft 365 group with a specific preferred data location
-When users in a multi-geo environment create a Microsoft 365 Group, the group preferred data location (PDL) is automatically set to that of the user. Global, SharePoint, and Exchange Administrators can create groups in any region they select.
+When users in a multi-geo environment create a Microsoft 365 group, the group preferred data location (PDL) is automatically set to that of the user. Global, SharePoint, and Exchange Administrators can create groups in any region they select.
If you need to create a group with a specific PDL, you can do that using from the <a href="https://go.microsoft.com/fwlink/?linkid=2185219" target="_blank">SharePoint admin center</a> or through the Exchange Online New-UnifiedGroup Microsoft PowerShell cmdlet. When you do this, both the group mailbox and SharePoint site associated with the group will be provisioned in the specified PDL.
-To create a Microsoft 365 Group with the PDL that you specify, go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185219" target="_blank">SharePoint admin center</a> in the geo location where you want to create the group site.
+To create a Microsoft 365 group with the PDL that you specify, go to the <a href="https://go.microsoft.com/fwlink/?linkid=2185219" target="_blank">SharePoint admin center</a> in the geo location where you want to create the group site.
For example:
-If you want to create a group site in your Australia location, you can go to https://ContosoAUS-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/siteManagement
+If you want to create a group site in your Australia location, you can go to `https://ContosoAUS-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/siteManagement`
1. Select **+ Create**. 2. Follow the process to create a group site.
enterprise Multi Geo Tenant Configuration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/multi-geo-tenant-configuration.md
Title: "Microsoft 365 Multi-Geo tenant configuration"
+ Title: Microsoft 365 Multi-Geo tenant configuration
If your company's users are not synchronized from an on-premises Active Director
The procedures in this section require the [Microsoft Azure Active Directory Module for Windows PowerShell Module](https://www.powershellgallery.com/packages/MSOnline/1.1.166.0). If you already have this module installed, please ensure you update to the latest version.
-1. [Connect and sign in](/powershell/connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell) with a set of global administrator credentials for your tenant.
+1. [Connect and sign in](/connect-to-microsoft-365-powershell?view=o365-worldwide#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell&preserve-view=true) with a set of global administrator credentials for your tenant.
-2. Use the [Set-MsolUser](/powershell/msonline/v1/set-msoluser) cmdlet to set the preferred data location for each of your users. For example:
+2. Use the [Set-MsolUser](/powershell/module/msonline/set-msoluser?view=azureadps-1.0&preserve-view=true) cmdlet to set the preferred data location for each of your users. For example:
```powershell Set-MsolUser -UserPrincipalName Robyn.Buckley@Contoso.com -PreferredDatalocation EUR
Select OneDrive from the Microsoft 365 app launcher and confirm that you are aut
**OneDrive Mobile App**:
-Log into your OneDrive mobile App with your test account credentials. Confirm that you can see your OneDrive for Business files and can interact with them from your mobile device.
+Log in to your OneDrive mobile App with your test account credentials. Confirm that you can see your OneDrive for Business files and can interact with them from your mobile device.
**OneDrive sync client**:
enterprise Navigation Options For Sharepoint Online https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/navigation-options-for-sharepoint-online.md
Title: "Navigation options for SharePoint Online"
+ Title: Navigation options for SharePoint Online
Under **Site Settings** > **Look and Feel** > **Navigation**, you can validate i
Caching can be enabled or disabled at the site collection level and at the site level, and is enabled for both by default. To enable at the site collection level, under **Site Settings** > **Site Collection Administration** > **Site Collection Navigation**, check the box for **Enable caching**.
-![Enable caching at site level.](../media/structural-nav/structural-nav-caching-site-coll.png)
+![Enable caching at site collection level.](../media/structural-nav/structural-nav-caching-site-coll.png)
To enable at the site level, under **Site Settings** > **Navigation**, check the box for **Enable caching**.
The [above code](#about-the-javascript-file) has the following dependencies:
- jQuery - https://jquery.com/ - KnockoutJS - https://knockoutjs.com/-- Linq.js - https://linqjs.codeplex.com/, or github.com/neuecc/linq.js
+- Linq.js - `https://linqjs.codeplex.com/`, or github.com/neuecc/linq.js
The current version of LinqJS does not contain the ByHierarchy method used in the above code and will break the navigation code. To fix this, add the following method to the Linq.js file before the line `Flatten: function ()`.
enterprise Page Diagnostics For Spo https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/page-diagnostics-for-spo.md
Title: "Use the Page Diagnostics tool for SharePoint Online"
+ Title: Use the Page Diagnostics tool for SharePoint Online
The Page Diagnostics tool is designed to analyze SharePoint site pages only, not
This isn't an error in the tool as there's no value in assessing libraries or system pages. Please navigate to a SharePoint site page to use the tool. If this error occurs on a SharePoint page, please check the master page to ensure that the SharePoint metatags haven't been removed.
-To provide feedback about the tool, select the ellipsis at the top right corner of the tool and then select [Give feedback](https://go.microsoft.com/fwlink/?linkid=874109).
+To provide feedback about the tool, select the ellipsis at the top right corner of the tool and then select **Give feedback**.
> [!div class="mx-imgBorder"] > ![Give feedback.](../media/page-diagnostics-for-spo/pagediag-feedback.png)
enterprise Project Server 2007 End Of Support https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/project-server-2007-end-of-support.md
Title: "Project Server 2007 end of support roadmap"
+ Title: Project Server 2007 end of support roadmap
search.appverid:
- PJU120 - PJW120 ms.assetid: d379018f-72b7-4284-b40a-6c23c8ae38fe
-description: "On October 10, 2017, support ended for Project Server 2007, Project Portfolio Server, and Project 2007. Use this article to plan your upgrade now."
+description: On October 10, 2017, support ended for Project Server 2007, Project Portfolio Server, and Project 2007. Use this article to plan your upgrade now.
# Project Server 2007 end of support roadmap
Additional resources:
After you verify that your data migrated successfully, the next step is to migrate to Project Server 2016.
-For a comprehensive description of what you need to do to upgrade from Project Server 2013 to Project Server 2016, see [Upgrade to Project Server 2016](//project/upgrading-to-project-server-2016).
+For a comprehensive description of what you need to do to upgrade from Project Server 2013 to Project Server 2016, see [Upgrade to Project Server 2016](/project/upgrading-to-project-server-2016).
Key resources:
enterprise Protect Your Global Administrator Accounts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/protect-your-global-administrator-accounts.md
Microsoft provides capabilities to help protect your organization, but they're e
3. Protect privileged accounts with Zero Trust identity and device access recommendations.
+> [!NOTE]
+> To secure your privileged roles, check out [Best practices for Azure AD roles](/azure/active-directory/roles/best-practices) to secure privileged access to your tenant.
+ ## 1. Create dedicated, privileged, cloud-based user accounts and use them only when necessary Instead of using everyday user accounts that have been assigned administrator roles, create dedicated user accounts that have the admin roles in Azure AD.
Multi-factor authentication (MFA) requires additional information beyond the acc
- A smart card (virtual or physical) (requires federated authentication) - A biometric device - Oauth token-- >[!Note] >For organizations that must adhere to National Institute of Standards and Technology (NIST) standards, the use of a phone call or text message-based additional verification methods are restricted. Click [here](https://pages.nist.gov/800-63-FAQ/#q-b01) for the details.
enterprise Sharepoint 2007 End Of Support https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/sharepoint-2007-end-of-support.md
Title: "SharePoint Server 2007 end of support roadmap"
+ Title: SharePoint Server 2007 end of support roadmap
Make sure your environment meets hardware and software requirements, and then fo
- **Hardware/software requirements for**:
- [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/hardware-and-software-requirements-0) | [SharePoint Server 2016](/SharePoint/install/hardware-and-software-requirements)
+ [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2013](/sharepoint/install/hardware-software-requirements-2013) | [SharePoint Server 2016](/SharePoint/install/hardware-and-software-requirements)
- **Software boundaries and limits for**:
- [SharePoint Server 2007](/previous-versions/office/sharepoint-2007-products-and-technologies/cc262787(v=office.12)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262787(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/software-boundaries-and-limits) | [SharePoint Server 2016](/SharePoint/install/software-boundaries-and-limits-0)
+ [SharePoint Server 2007](/previous-versions/office/sharepoint-2007-products-and-technologies/cc262787(v=office.12)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262787(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/software-boundaries-and-limits) | [SharePoint Server 2016](/sharepoint/install/software-boundaries-limits-2019)
- **The upgrade process overview for**:
Make sure that your environment meets hardware and software requirements. Then f
- **Hardware/software requirements for:**
- [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/hardware-and-software-requirements-0) | [SharePoint Server 2016](/SharePoint/install/hardware-and-software-requirements)
+ [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262485(v=office.14)) | [SharePoint Server 2013](/sharepoint/install/hardware-software-requirements-2013) | [SharePoint Server 2016](/SharePoint/install/hardware-and-software-requirements)
- **Software boundaries and limits for:**
- [SharePoint Server 2007](/previous-versions/office/sharepoint-2007-products-and-technologies/cc262787(v=office.12)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262787(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/software-boundaries-and-limits) | [SharePoint Server 2016](/SharePoint/install/software-boundaries-and-limits-0)
+ [SharePoint Server 2007](/previous-versions/office/sharepoint-2007-products-and-technologies/cc262787(v=office.12)) | [SharePoint Server 2010](/previous-versions/office/sharepoint-server-2010/cc262787(v=office.14)) | [SharePoint Server 2013](/SharePoint/install/software-boundaries-and-limits) | [SharePoint Server 2016](/sharepoint/install/software-boundaries-limits-2019)
- **The upgrade process overview for:**
enterprise Tenant Roadmap Microsoft 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/tenant-roadmap-microsoft-365.md
To plan for your tenant implementation:
- [Plan for client app support](microsoft-365-client-support-certificate-based-authentication.md) - [Determine how to use hybrid modern authentication](hybrid-modern-auth-overview.md) - [Plan for Office 2007 and Office 2010 upgrades](plan-upgrade-previous-versions-office.md)-- [Understand tenant isolation](/compliance/assurance/microsoft-365-isolation-controls)
+- [Understand tenant isolation](/microsoft-365-isolation-in-microsoft-365?view=o365-worldwide&preserve-view=true)
### Deploy
enterprise Use Powershell To Perform A Staged Migration To Microsoft 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/use-powershell-to-perform-a-staged-migration-to-microsoft-365.md
Title: "Use PowerShell to perform a staged migration to Microsoft 365"
Previously updated : 07/17/2020 Last updated : 06/07/2022 audience: Admin
You can use the **New-MigrationBatch** cmdlet in Exchange Online PowerShell to c
New-MigrationBatch -Name StagedBatch1 -SourceEndpoint StagedEndpoint -AutoStart ```
-This example also creates a migration batch called "StagedBatch1" and uses the migration endpoint that was created in the previous step. Because the _AutoStart_ parameter isn't included, the migration batch has to be manually started on the migration dashboard or by using **Start-MigrationBatch** cmdlet. As previously stated, only one cutover migration batch can exist at a time.
+This example also creates a migration batch called "StagedBatch1" and uses the migration endpoint that was created in the previous step. Because the _AutoStart_ parameter isn't included, the migration batch has to be manually started on the migration dashboard or by using **Start-MigrationBatch** cmdlet. As previously stated, only one cutover migration batch can exist at a time.
```powershell New-MigrationBatch -Name StagedBatch1 -SourceEndpoint StagedEndpoint
Activate Microsoft 365 user accounts for the migrated accounts by assigning lice
- **Decommission on-premises Exchange servers.** After you've verified that all email is being routed directly to the Microsoft 365 mailboxes, and you no longer need to maintain your on-premises email organization or don't plan on implementing an SSO solution, you can uninstall Exchange from your servers and remove your on-premises Exchange organization.
- For more information, see the following:
+> [!NOTE]
+> Decommissioning Exchange can have unintended consequences. Before decommissioning your on-premises Exchange organization, we recommend that you contact Microsoft Support.
+
+For more information, see the following:
- - [Modify or Remove Exchange 2010](/previous-versions/office/exchange-server-2010/ee332361(v=exchg.141))
+- [Modify or Remove Exchange 2010](/previous-versions/office/exchange-server-2010/ee332361(v=exchg.141))
- - [How to Remove an Exchange 2007 Organization](/previous-versions/office/exchange-server-2007/aa998313(v=exchg.80))
+- [How to Remove an Exchange 2007 Organization](/previous-versions/office/exchange-server-2007/aa998313(v=exchg.80))
- - [How to Uninstall Exchange Server 2003](/previous-versions/tn-archive/bb125110(v=exchg.65))
+- [How to Uninstall Exchange Server 2003](/previous-versions/tn-archive/bb125110(v=exchg.65))
enterprise Use Powershell To Perform An Imap Migration To Microsoft 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/use-powershell-to-perform-an-imap-migration-to-microsoft-365.md
The following restrictions apply to IMAP migrations:
### Step 1: Prepare for an IMAP migration <a name="BK_Step1"> </a> -- **If you have a domain for you IMAP organization, add it as an accepted domain of your Microsoft 365 organization.** If you want to use the same domain you already own for your Microsoft 365 mailboxes, you first have to add it as an accepted domain to Microsoft 365. After you have added it, you can create your users in Microsoft 365. For more information, see[Verify your domain](../admin/setup/add-domain.md).
+- **If you have a domain for your IMAP organization, add it as an accepted domain of your Microsoft 365 organization.** If you want to use the same domain you already own for your Microsoft 365 mailboxes, you first have to add it as an accepted domain to Microsoft 365. After you have added it, you can create your users in Microsoft 365. For more information, see[Verify your domain](../admin/setup/add-domain.md).
- **Add each user to Microsoft 365 so that they have a mailbox.** For instructions, see[Add users to Microsoft 365 for business](../admin/add-users/add-users.md).
For more information about the **Get-MigrationBatch** cmdlet, see[Get-MigrationB
## See also
-[IMAP Migration Troubleshooter](/exchange/troubleshoot/move-or-migrate-mailboxes/troubleshoot-issues-with-imap-mailbox-migration)
+[IMAP Migration Troubleshooter](/exchange/troubleshoot/move-or-migrate-mailboxes/troubleshoot-issues-with-imap-mailbox-migration)
security TOC https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/TOC.md
###### [Run antivirus scan](respond-machine-alerts.md#run-microsoft-defender-antivirus-scan-on-devices) ###### [Restrict app execution](respond-machine-alerts.md#restrict-app-execution) ###### [Isolate devices from the network](respond-machine-alerts.md#isolate-devices-from-the-network)
+###### [Contain devices from the network](respond-machine-alerts.md#contain-devices-from-the-network)
###### [Consult a threat expert](respond-machine-alerts.md#consult-a-threat-expert) ###### [Check activity details in Action center](respond-machine-alerts.md#check-activity-details-in-action-center)
security Respond Machine Alerts https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/respond-machine-alerts.md
ms.technology: mde
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] **Applies to:**+ - [Microsoft Defender for Endpoint Plans 1 and 2](defender-endpoint-plan-1-2.md) - [Microsoft Defender for Business](/microsoft-365/security/defender-business/mdb-overview) + Quickly respond to detected attacks by isolating devices or collecting an investigation package. After taking action on devices, you can check activity details on the Action center. Response actions run along the top of a specific device page and include:
Response actions run along the top of a specific device page and include:
- Run antivirus scan - Restrict app execution - Isolate device
+- Contain device
- Consult a threat expert - Action center
When a device is being isolated, the following notification is displayed to info
:::image type="content" source="images/atp-notification-isolate.png" alt-text="A no network connection message" lightbox="images/atp-notification-isolate.png":::
+## Contain devices from the network
+
+When you have identified an unmanaged device that is compromised or potentially compromised, you might want to contain that device from the network. When you contain a device any Microsoft Defender for Endpoint onboarded device will block incoming and outgoing communication with that device. This action can help prevent neighboring devices from becoming compromised while the security operations analyst locates, identifies, and remediates the threat on the compromised device.
+
+> [!NOTE]
+> Blocking incoming and outgoing communication with a 'contained' device is supported on onboarded Microsoft Defender for Endpoint Windows 10 and Windows Server 2019+ devices.
+
+### How to contain a device
+
+1. Go to the **Device inventory** page and select the device to contain
+2. Select **Contain device** from the actions menu in the device flyout
++
+3. On the contain device popup, type a comment, and select **Confirm**.
++
+### Contain a device from the device page
+
+A device can also be contained from the device page by selecting **Contain device** from the action bar:
++
+> [!NOTE]
+>It can take up to 5 minutes for the details about a newly contained device to reach Microsoft Defender for Endpoint onboarded devices.
+
+> [!Important]
+>
+> - If a contained device changes its IP address, then all Microsoft Defender for Endpoint onboarded devices will recognize this and start blocking communications with the new IP address. The original IP address will no longer be blocked (It may take up to 5 mins to see these changes).
+>
+> - In cases where the contained deviceΓÇÖs IP is used by another device on the network, there will be a warning while containing the device, with a link to advanced hunting (with a pre-populated query). This will provide visibility to the other devices using the same IP to help you make a conscious decision if youΓÇÖd like to continue with containing the device.
+>
+> - In cases where the contained device is a network device, a warning will appear with a message that this may cause network connectivity issues (for example, containing a router that is acting as a default gateway). At this point, youΓÇÖll be able to choose whether to contain the device or not.
+
+After you contain a device, if the behavior isn't as expected, verify the Base Filtering Engine(BFE) service is enabled on the Defender for Endpoint onboarded devices.
+
+### Stop containing a device
+
+You'll be able to stop containing a device at any time.
+
+1. Select the device from the **Device inventory** or open the device page
+2. Select **Release from containment** from the action menu
+
+This action will restore this device's connection to the network.
+ ## Consult a threat expert You can consult a Microsoft threat expert for more insights regarding a potentially compromised device or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft 365 Defender for timely and accurate response. Experts provide insights not just regarding a potentially compromised device, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
security Microsoft 365 Defender https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-365-defender.md
- intro-overview ms.technology: m365d
+adobe-target: true
# Microsoft 365 Defender
security Find And Release Quarantined Messages As A User https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/find-and-release-quarantined-messages-as-a-user.md
description: Users can learn how to view and manage quarantined messages in Exchange Online Protection (EOP) that should have been delivered to them. ms.technology: mdo ms.prod: m365-security
+adobe-target: true
# Find and release quarantined messages as a user in EOP
security Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/overview.md
description: Security in Office 365, from EOP to Defender for Office 365 Plans 1 and 2, Standard vs. Strict security configurations, and more. Understand what you have, and how to secure your properties. ms.technology: mdo ms.prod: m365-security
+adobe-target: true
# Microsoft Defender for Office 365 security overview
security View Email Security Reports https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/view-email-security-reports.md
No details table is available below the chart.
If you click **Filter**, the following filters are available: - **Date (UTC)** **Start date** and **End date**.-- **Detection**:
- - **Email malware**
- - **Email phish**
- - **Email spam**
- - **Content malware**
+- **Detection**: The same values as in the chart.
- **Protected by**: **MDO** (Defender for Office 365) and **EOP**. - **Tag**: **All** or the specified user tag (including priority accounts). For more information about user tags, see [User tags](user-tags.md). - **Direction**:
When you're finished configuring the filters, click **Apply**, **Cancel**, or **
In the **View data by Email \> Phish** and **Chart breakdown by Detection Technology** view, the following information is shown in the chart: -- **URL malicious reputation**<sup>\*</sup>: Malicious URL reputation generated from Defender for Office 365 detonations in other Microsoft 365 customers. - **Advanced filter**: Phishing signals based on machine learning.
+- **Campaign**<sup>\*</sup>: Messages identified as part of a [campaign](campaigns.md).
+- **File detonation**<sup>\*</sup>: [Safe Attachments](safe-attachments.md) detected a malicious attachment during detonation analysis.
+- **File detonation reputation**<sup>\*</sup>: File attachments previously detected by [Safe Attachments](safe-attachments.md) detonations in other Microsoft 365 organizations.
+- **File reputation**: The message contains a file that was previously identified as malicious in other Microsoft 365 organizations.
+- **Fingerprint matching**: The message closely resembles a previous detected malicious message.
- **General filter**: Phishing signals based on analyst rules.-- **Spoof intra-org**: Sender is trying to spoof the recipient domain.-- **Spoof external domain**: Sender is trying to spoof some other domain.-- **Spoof DMARC**: DMARC authentication failure on messages.-- **Impersonation brand**: Impersonation of well-known brands based on senders.-- **Mixed analysis detection**-- **File reputation**-- **Fingerprint matching**-- **URL detonation reputation**<sup>\*</sup>-- **URL detonation**<sup>\*</sup>-- **Impersonation user**<sup>\*</sup>-- **Impersonation domain**<sup>\*</sup>: Impersonation of domains that the customer owns or defines.-- **Mailbox intelligence impersonation**<sup>\*</sup>: Impersonation of users defined by admin or learned through mailbox intelligence.-- **File detonation**<sup>\*</sup>-- **File detonation reputation**<sup>\*</sup>-- **Campaign**<sup>\*</sup>
+- **Impersonation brand**: Sender impersonation of well-known brands.
+- **Impersonation domain**<sup>\*</sup>: Impersonation of sender domains that you own or specified for protection in [anti-phishing policies](set-up-anti-phishing-policies.md#impersonation-settings-in-anti-phishing-policies-in-microsoft-defender-for-office-365).
+- **Impersonation user**<sup>\*</sup>: Impersonation of protected senders that you specified in [anti-phishing policies](set-up-anti-phishing-policies.md#impersonation-settings-in-anti-phishing-policies-in-microsoft-defender-for-office-365) or learned through mailbox intelligence.
+- **Mailbox intelligence impersonation**<sup>\*</sup>: Impersonation detections from mailbox intelligence in [anti-phishing policies](set-up-anti-phishing-policies.md#impersonation-settings-in-anti-phishing-policies-in-microsoft-defender-for-office-365).
+- **Mixed analysis detection**: Multiple filters contributed to the message verdict.
+- **Spoof DMARC**: The message failed [DMARC authentication](use-dmarc-to-validate-email.md).
+- **Spoof external domain**: Sender email address spoofing using a domain that's external to your organization.
+- **Spoof intra-org**: Sender email address spoofing using a domain that's internal to your organization.
+- **URL detonation**<sup>\*</sup>: [Safe Links](safe-links.md) detected a malicious URL in the message during detonation analysis.
+- **URL detonation reputation**<sup>\*</sup>: URLs previously detected by [Safe Links](safe-links.md) detonations in other Microsoft 365 organizations.
+- **URL malicious reputation**: The message contains a URL that was previously identified as malicious in other Microsoft 365 organizations.
<sup>\*</sup> Defender for Office 365 only
In the details table below the chart, the following information is available:
- **Subject** - **Sender** - **Recipients**-- **Detection technology**
+- **Detection technology**: The same detection technology values from the chart.
- **Delivery status** - **Sender IP** - **Tags**: For more information about user tags, see [User tags](user-tags.md).
On the **Threat protection status** page, the ![Create schedule icon.](../../med
In the **View data by Email \> Spam** and **Chart breakdown by Detection Technology** view, the following information is shown in the chart: -- **URL malicious reputation**-- **Advanced filter**-- **General filter**
+- **Advanced filter**: Phishing signals based on machine learning.
+- **Bulk**: The [bulk complaint level (BCL)](bulk-complaint-level-values.md) of the message exceeds the defined threshold for spam.
+- **Domain reputation**: The message was from a domain that was previously identified as sending spam in other Microsoft 365 organizations.
+- **Fingerprint matching**: The message closely resembles a previous detected malicious message.
+- **IP reputation**: The message was from a source that was previously identified as sending spam in other Microsoft 365 organizations.
- **Mixed analysis detection**: Multiple filters contributed to the verdict for the message.-- **Fingerprint matching**: The message was marked as bad due to previous messages.-- **Domain reputation**: This message was considered spam based on the sender domain reputation.-- **Bulk**: Items detected as exceeding the bulk setting for the user.-- **IP reputation**: The message was considered spam based on the sending IP address reputation.
+- **URL malicious reputation**: The message contains a URL that was previously identified as malicious in other Microsoft 365 organizations.
In the details table below the chart, the following information is available:
In the details table below the chart, the following information is available:
- **Subject** - **Sender** - **Recipients**-- **Detection technology**
+- **Detection technology**: The same detection technology values from the chart.
- **Delivery status** - **Sender IP** - **Tags**: For more information about user tags, see [User tags](user-tags.md).
On the **Threat protection status** page, the ![Create schedule icon.](../../med
In the **View data by Email \> Malware** and **Chart breakdown by Detection Technology** view, the following information is shown in the chart: -- **File detonation**<sup>\*</sup>: Detection by Safe Attachments.-- **File detonation reputation**<sup>\*</sup>: All malicious file reputation generated by Defender for Office 365 detonations.-- **File reputation**
+- **File detonation**<sup>\*</sup>: [Safe Attachments](safe-attachments.md) detected a malicious attachment during detonation analysis.
+- **File detonation reputation**<sup>\*</sup>: File attachments previously detected by [Safe Attachments](safe-attachments.md) detonations in other Microsoft 365 organizations.
+- **File reputation**: The message contains a file that was previously identified as malicious in other Microsoft 365 organizations.
- **Anti-malware engine**<sup>\*</sup>: Detection from anti-malware engines.-- **Anti-malware policy file type block**: Email messages automatically filtered due to the file type identified in the message (common attachment filtering).-- **URL malicious reputation**<sup>\*</sup>-- **URL detonation**<sup>\*</sup>-- **URL detonation reputation**<sup>\*</sup>-- **Campaign**<sup>\*</sup>
+- **Anti-malware policy file type block**: The message was blocked due to the file type of the attachment ([common attachment filtering in anti-malware policies](anti-malware-protection.md)).
+- **URL detonation**<sup>\*</sup>: [Safe Links](safe-links.md) detected a malicious URL in the message during detonation analysis.
+- **URL detonation reputation**<sup>\*</sup>>: URLs previously detected by [Safe Links](safe-links.md) detonations in other Microsoft 365 organizations.
+- **Campaign**<sup>\*</sup>: Messages identified as part of a [campaign](campaigns.md).
+
+<sup>\*</sup> Defender for Office 365 only
In the details table below the chart, the following information is available:
In the details table below the chart, the following information is available:
- **Subject** - **Sender** - **Recipients**-- **Detection technology**
+- **Detection technology**: The same detection technology values from the chart.
- **Delivery Status** - **Sender IP** - **Tags**: For more information about user tags, see [User tags](user-tags.md).
In the details table below the chart, the following information is available:
- **Subject** - **Sender** - **Recipients**-- **Detection technology**
+- **Detection technology**: The same detection technology values from the chart.
- **Delivery status** - **Sender IP** - **Tags**: For more information about user tags, see [User tags](user-tags.md).
In the details table below the chart, the following information is available:
If you click **Filter**, the following filters are available: - **Date (UTC)** **Start date** and **End date**-- **Detection**:
- - **URL malicious reputation**<sup>\*</sup>: Malicious URL reputation generated from Defender for Office 365 detonations in other Microsoft 365 customers.
- - **Advanced filter**: Phishing signals based on machine learning.
- - **General filter**: Phishing signals based on analyst rules.
- - **Spoof intra-org**: Sender is trying to spoof the recipient domain.
- - **Spoof external domain**: Sender is trying to spoof some other domain.
- - **Spoof DMARC**: DMARC authentication failure on messages.
- - **Impersonation brand**: Impersonation of well-known brands based on senders.
- - **Mixed analysis detection**
- - **File reputation**
- - **Fingerprint matching**
- - **URL detonation reputation**<sup>\*</sup>
- - **URL detonation**<sup>\*</sup>
- - **Impersonation user**<sup>\*</sup>
- - **Impersonation domain**<sup>\*</sup>: Impersonation of domains that the customer owns or defines.
- - **Mailbox intelligence impersonation**<sup>\*</sup>: Impersonation of users defined by admin or learned through mailbox intelligence.
- - **File detonation**<sup>\*</sup>
- - **File detonation reputation**<sup>\*</sup>
- - **Campaign**<sup>\*</sup>
+- **Detection**: Detection technology values as previously described in this article and at [Detection technologies](/office/office-365-management-api/office-365-management-activity-api-schema#detection-technologies).
- **Protected by**: **MDO** (Defender for Office 365) or **EOP** - **Direction**: - **All**
In the details table below the chart, the following information is available:
- **Subject** - **Sender** - **Recipients**-- **Detection technology**
+- **Detection technology**: The same detection technology values from the chart.
- **Delivery status** - **Sender IP** - **Tags**: For more information about user tags, see [User tags](user-tags.md).
In the details table below the chart, the following information is available:
If you click **Filter**, the following filters are available: - **Date (UTC)** **Start date** and **End date**-- **Detection**:
- - **URL malicious reputation**<sup>\*</sup>: Malicious URL reputation generated from Defender for Office 365 detonations in other Microsoft 365 customers.
- - **Advanced filter**: Phishing signals based on machine learning.
- - **General filter**: Phishing signals based on analyst rules.
- - **Spoof intra-org**: Sender is trying to spoof the recipient domain.
- - **Spoof external domain**: Sender is trying to spoof some other domain.
- - **Spoof DMARC**: DMARC authentication failure on messages.
- - **Impersonation brand**: Impersonation of well-known brands based on senders.
- - **Mixed analysis detection**
- - **File reputation**
- - **Fingerprint matching**
- - **URL detonation reputation**<sup>\*</sup>
- - **URL detonation**<sup>\*</sup>
- - **Impersonation user**<sup>\*</sup>
- - **Impersonation domain**<sup>\*</sup>: Impersonation of domains that the customer owns or defines.
- - **Mailbox intelligence impersonation**<sup>\*</sup>: Impersonation of users defined by admin or learned through mailbox intelligence.
- - **File detonation**<sup>\*</sup>
- - **File detonation reputation**<sup>\*</sup>
- - **Campaign**<sup>\*</sup>
+- **Detection**: Detection technology values as previously described in this article and at [Detection technologies](/office/office-365-management-api/office-365-management-activity-api-schema#detection-technologies).
- **Protected by**: **MDO** (Defender for Office 365) or **EOP** - **Direction**: - **All**
In the **View data by Content \> Malware** view, the following information is sh
- **Anti-malware engine**: Malicious files detected in SharePoint, OneDrive, and Microsoft Teams by the [built-in virus detection in Microsoft 365](virus-detection-in-spo.md). - **MDO detonation**: Malicious files detected by [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](mdo-for-spo-odb-and-teams.md).-- **File reputation**
+- **File reputation**: The message contains a file that was previously identified as malicious in other Microsoft 365 organizations.
In the details table below the chart, the following information is available: - **Date (UTC)** - **Attachment filename** - **Workload**-- **Detection technology**
+- **Detection technology**: The same detection technology values from the chart.
- **File size** - **Last modifying user** If you click **Filter**, the following filters are available: -- **Date (UTC)** **Start date** and **End date**-- **Detection**: **Anti-malware engine**, **MDO detonation**, and **File detonation**
+- **Date (UTC)** **Start date** and **End date**.
+- **Detection**: The same values as in the chart.
- **Workload**: **Teams**, **SharePoint**, and **OneDrive** When you're finished configuring the filters, click **Apply**, **Cancel**, or **Clear filters**.
security What S The Difference Between Junk Email And Bulk Email https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/what-s-the-difference-between-junk-email-and-bulk-email.md
Title: What&apos;s the difference between junk email and bulk email?
+ Title: What's the difference between junk email and bulk email?
f1.keywords: - NOCSH