Merge pull request #195 from TheJonCallahan/main

Updates for Windows Update, Remote Help, and Endpoint Analytics

src/react/docs/workshop-guidance/devices/RMD_141.md

@@ -2,9 +2,24 @@
 
 ## Overview
 
+### Update Rings
+**Update Rings** in Intune allow administrators to manage how and when Windows 10/11 devices receive updates. These rings are essentially policies that define the deployment schedule for feature and quality updates. Key aspects include:
+
+* Admins can specify deferral periods, deadlines, and active hours to minimize disruption.
+* Updates can be deployed in phases to different groups of devices, reducing the risk of widespread issues.
+* Ensures devices are up-to-date with the latest security patches, aligning with Zero Trust principles by maintaining a secure and compliant environment.
+
+### Windows Autopatch
+**Windows Autopatch** is a service that automates the process of keeping Windows and Microsoft 365 apps up-to-date. It leverages Intune for device management and allow for the management and operation of update rings via **Autopatch Groups**:
+
+* Devices are grouped into these rings to receive updates at different times, allowing for early detection of issues before a broader rollout.
+* Microsoft manages the update process, reducing the administrative burden and ensuring timely updates
+* Autopatch uses Intune’s capabilities for device management, reporting, and compliance
+
 
 
 ## Reference
 
-* 
+* [Update rings for Windows 10 and later policy in Intune](https://learn.microsoft.com/en-us/mem/intune/protect/windows-10-update-rings)
+* [Windows Autopatch Overview](https://learn.microsoft.com/en-us/windows/deployment/windows-autopatch/)
 

src/react/docs/workshop-guidance/devices/RMD_142.md

@@ -2,9 +2,13 @@
 
 ## Overview
 
+Feature Update policies in Intune allow you to control which Windows feature updates are installed on your devices. You can specify a target version for Windows 10 or Windows 11, ensuring devices update to and remain on that version until you change the policy. This helps maintain stability and compatibility across your devices. Additionally, safeguard holds can temporarily block updates if there are known issues, preventing potential disruption.
+
+Intune provides built-in reports to monitor the status of feature updates. These reports help you track which devices have successfully updated and identify any issues. To utilize these reports, you need to enable Windows diagnostic data collection on your devices. Key reports include the Feature Update Status report, which shows the update status of devices, and the Update Compliance report, which provides insights into overall compliance with your update policies.
 
 
 ## Reference
 
-* 
+* [Feature updates for Windows 10 and later policy in Intune](https://learn.microsoft.com/en-us/mem/intune/protect/windows-10-feature-updates)
+* [Windows Update reports for Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/protect/windows-update-reports)
 

src/react/docs/workshop-guidance/devices/RMD_143.md

@@ -2,9 +2,9 @@
 
 ## Overview
 
-
+Intune can expedite the installation of the most recent Windows 10/11 security updates using Quality Update policies, which allow you to quickly deploy critical updates, such as security patches for zero-day vulnerabilities. This feature temporarily overrides any deferral settings to ensure that the update is installed as soon as possible
 
 ## Reference
 
-* 
+* [Expedite Windows quality updates in Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/protect/windows-10-expedite-updates)
 

src/react/docs/workshop-guidance/devices/RMD_146.md

@@ -2,9 +2,14 @@
 
 ## Overview
 
+Using **Microsoft Store** apps with Intune offers streamlined app management and enhanced security, crucial for a Zero Trust environment. Intune allows administrators to centrally deploy, update, and monitor apps from the Microsoft Store.
 
+The Microsoft Store supports Universal Windows Platform (UWP) apps, desktop apps packaged in .msix, and now Win32 apps packaged in .exe or .msi installers.
+
+Microsoft Store applications keep updating automatically, by default.
 
 ## Reference
 
-* 
+* [Add Microsoft Store apps to Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/apps/store-apps-microsoft)
+* [Configure access to the Microsoft Store app](https://learn.microsoft.com/en-us/windows/configuration/store/?tabs=intune)
 

src/react/docs/workshop-guidance/devices/RMD_147.md

@@ -2,9 +2,25 @@
 
 ## Overview
 
+### Line of Business (LOB) apps
 
+**Line of Business (LOB) apps** in Intune are custom or in-house applications that are deployed using installation files like .msi, .appx, or .msix. LOB apps allow organizations to deploy tailored applications that are not available in public app stores. LOB apps do not support complex deployments or apps, especially for apps with dependencies or complex installation requirements. LOB apps also require manual updates and maintenance.
+
+### Win32 apps
+
+**Win32 apps** in Intune allows you to install, configure, protect, and monitor your Windows applications on devices at your organization. Win32 app management offer extensive customization and control over installation parameters, making them suitable for complex enterprise applications.
+
+Win32 app management in Microsoft Intune provides support for the following capabilities:
+
+* Management of traditional desktop apps
+* Support for several app types
+* Control for complex app installations
+* Support for detection rules, dependencies, and requirements
+* Support for 32-bit and 64-bit Windows operating system architecture
+* Support for Windows S mode devices
 
 ## Reference
 
-* 
+* [Add a Windows line-of-business app to Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/apps/lob-apps-windows)
+* [Win32 app management in Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/apps/apps-win32-app-management)
 

src/react/docs/workshop-guidance/devices/RMD_149.md

@@ -2,9 +2,15 @@
 
 ## Overview
 
+Microsoft Intune has discontinued future investments in managing and deploying **Windows Information Protection (WIP)**.
 
+Support for the Windows Information Protection without enrollment scenario in Microsoft Intune has been removed.
 
-## Reference
+For more information, see [End of support guidance for Windows Information Protection](https://aka.ms/Intune-WIP-support).
+
+For information about Intune MAM on Windows, see [MAM for Windows](https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new-archive#mam-for-windows-general-availability) and [App protection policy settings for Windows](https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-windows).
 
-* 
+## Reference
 
+* [MAM for Windows](https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new-archive#mam-for-windows-general-availability)
+* [End of support guidance for Windows Information Protection](https://aka.ms/Intune-WIP-support)

src/react/docs/workshop-guidance/devices/RMD_150.md

@@ -2,9 +2,13 @@
 
 ## Overview
 
+**Endpoint Analytics** in Intune provides insights into the performance and health of your devices. It helps identify issues that might be affecting user productivity, such as long boot times or software configurations that aren't optimized. By collecting and analyzing data from your devices, Endpoint Analytics enables IT to proactively address these issues before they impact users.
 
+To use Endpoint Analytics, you need to enable data collection on your devices. This involves creating a policy in Intune that targets the devices you want to monitor. The data collected includes information about boot times, application performance, and other metrics that can help you understand and improve the user experience.
+
+Endpoint Analytics supports the Zero Trust security model by providing visibility into device health and performance. Zero Trust assumes that breaches can occur at any time, so continuous monitoring and assessment are crucial
 
 ## Reference
 
-* 
+* [What is Endpoint analytics?](https://learn.microsoft.com/en-us/mem/analytics/overview)
 

src/react/docs/workshop-guidance/devices/RMD_167.md

@@ -2,9 +2,10 @@
 
 ## Overview
 
+**Remote Help** in Intune is a cloud-based solution that allows IT support staff to remotely assist users with their devices. This feature enables secure, real-time connections between helpdesk personnel and end-users, facilitating troubleshooting and issue resolution. Remote Help uses strong authentication and security controls to ensure that only authorized personnel can access and assist with devices1.
 
+Remote Help is available as an Intune add-on. For more information, see [Use Intune Suite add-on capabilities](https://learn.microsoft.com/mem/intune/fundamentals/intune-add-ons).
 
 ## Reference
 
-* 
-
+* [Use Remote Help with Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/fundamentals/remote-help)

src/react/docs/workshop-guidance/devices/RMD_168.md

@@ -2,9 +2,16 @@
 
 ## Overview
 
+There are two primary options for management of Microsoft 365 apps for Windows in Intune, **Policies for Office apps** and **ADMX management**:
 
+* **Policies for Office apps** in Intune allow administrators to configure and enforce settings for Microsoft 365 applications. These policies can control features like macro settings, protected view, and trusted locations, ensuring that Office apps comply with organizational security standards. They are straightforward to implement and manage directly within the Intune admin center, making them ideal for organizations looking for a seamless way to enforce Office app configurations.
+
+* **ADMX management** in Intune involves using Administrative Templates to configure group policy settings for Windows and Office applications. ADMX templates provide a more granular level of control, allowing administrators to manage thousands of settings, including those for third-party applications. This method is beneficial for organizations with complex policy requirements or those needing to import custom ADMX files.
+
+Customers might prefer Office app policies for their simplicity and ease of use, especially if they only need to manage standard Office settings. On the other hand, ADMX management is suitable for more complex environments requiring detailed configuration and control over a broader range of settings.
 
 ## Reference
 
-* 
+* [Policies for Office apps - Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/apps/app-office-policies)
+* [Use ADMX templates on Windows 10/11 devices in Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/configuration/administrative-templates-window)
 

src/react/docs/workshop-guidance/devices/RMD_188.md

@@ -2,9 +2,14 @@
 
 ## Overview
 
+Drivers Update policies in Intune allow you to manage and deploy driver and firmware updates for Windows devices. These policies help ensure that devices have the latest drivers and firmware, which are essential for optimal performance and security. You can configure these policies to automatically approve recommended updates or require manual approval before deployment.
 
+To manage these updates, Intune leverages the Windows Update for Business deployment service. This service identifies applicable updates for your devices and provides detailed reporting on update status, alerts, and recommendations for remediation. This helps you monitor the health and performance of your devices and ensures that updates are applied consistently across your organization.
+
+Managing drivers and firmware updates is crucial. Zero Trust assumes that breaches can occur at any time, so maintaining up-to-date drivers and firmware is essential to minimize vulnerabilities.
 
 ## Reference
 
-* 
+* [Windows Driver update management in Microsoft Intune](https://learn.microsoft.com/en-us/mem/intune/protect/windows-driver-updates-overview)
+* [Manage Windows driver and firmware updates with Microsoft Intune](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/manage-windows-driver-and-firmware-updates-with-microsoft-intune/ba-p/3851402)