Select and deploy a security agent on your IoT device
Defender for IoT provides reference architectures for security agents that monitor and collect data from IoT devices. To learn more, see Security agent reference architecture.
Agents are developed as open-source projects, and are available in one flavor:
C#.
In this article, you learn how to:
- Compare security agent flavors
- Discover supported agent platforms
- Choose the right agent flavor for your solution
Understand security agent options
Every Defender for IoT security agent flavor offers the same set of features, and supports similar configuration options.
The C-based security agent has a lower memory footprint, and is the ideal choice for devices with fewer available resources.
| C-based security agent | C#-based security agent | |
|---|---|---|
| Open-source | Available under MIT license in GitHub | |
| Development language | C | C# |
| Supported Windows platforms? | No | Yes |
| Windows prerequisites | --- | WMI |
| Supported Linux platforms? | Yes, x64 and x86 | Yes, x64 only |
| Linux prerequisites | libunwind8, libcurl3, uuid-runtime, auditd, audispd-plugins | libunwind8, libcurl3, uuid-runtime, auditd, audispd-plugins, sudo, netstat, iptables |
| Disk footprint | 10.5 MB | 90 MB |
| Memory footprint (on average) | 5.5 MB | 33 MB |
| Authentication to IoT Hub | Yes | Yes |
| Security data collection | Yes | Yes |
| Event aggregation | Yes | Yes |
| Remote configuration through Defender-IoT-micro-agent twin | Yes | Yes |
Security agent installation guidelines
For Windows: The Install SecurityAgent.ps1 script must be executed from an Administrator PowerShell window.
For Linux: The InstallSecurityAgent.sh must be run as superuser. We recommend prefixing the installation command with "sudo".
Choose an agent flavor
Answer the following questions about your IoT devices to select the correct agent:
Are you using Windows Server or Windows IoT Core?
Are you using a Linux distribution with x86 architecture?
Are you using a Linux distribution with x64 architecture?
Both agent flavors can be used.
Deploy a C-based security agent for Linux and/or Deploy a C#-based security agent for Linux.
Both agent flavors offer the same set of features and support similar configuration options. See Security agent comparison to learn more.
Supported platforms
The following list includes all currently supported platforms.
| Defender for IoT agent | Operating System | Architecture |
|---|---|---|
| C | Ubuntu 16.04 | x64 |
| C | Ubuntu 18.04 | x64, ARMv7 |
| C | Debian 9 | x64, x86 |
| C# | Ubuntu 16.04 | x64 |
| C# | Ubuntu 18.04 | x64, ARMv7 |
| C# | Debian 9 | x64 |
| C# | Windows Server 2016 | X64 |
| C# | Windows 10 IoT Core, build 17763 | x64 |
Next steps
To learn more about configuration options, continue to the how-to guide for agent configuration.