Share via

Defender For IOT - Migration Strategy (OT Solution)

Hernus Bornman 21 Reputation points
2022-03-01T11:13:17.863+00:00

Hi all,

I have been requested to migrate the OT solution (Defender for IOT Stack) to a alternative Subscription.
I have noted that you cannot move the Workspace to a alternative subscription. (Resource)

Is there a existing Strategy on moving the Stack, or is it preferred to re-deploy the stack (IOT Hub + Defender for IOT + Sentinel).
And reactivate the Sensor after the deployment has concluded.

Customer A: Currently Deployed
Customer B: To migrate to

Conclusion:
Migrate "Customer A" Defender for IOT stack to the "Customer B" Subscription.

Resources:

Azure IoT
Azure IoT
A category of Azure services for internet of things devices.
385 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,210 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
996 questions
Accepted answer
  1. VipulSparsh-MSFT 16,236 Reputation points Microsoft Employee
    2022-03-07T02:26:37.443+00:00

    @Hernus Bornman Thanks for reaching out. There is no specific migration strategy.

    You can move the resources under 1 resource group, that resource group can then be moved to a different subscription.
    In your case, you will also have to make sure that you see the subscription of the tenant you want it to be moved under the same tenant where the resources are currently.
    For this you will need to follow : https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/move-resource-group-and-subscription#use-the-portal

    "If the tenant IDs for the source and destination subscriptions aren't the same, use the following methods to reconcile the tenant IDs:

    Transfer ownership of an Azure subscription to another account
    How to associate or add an Azure subscription to Azure Active Directory"

    Basically here are the steps which needs to be done :

    Step 1 : If dependent resources are distributed across different resource groups, first move them into one resource group.
    Step 2 : Move the resource and dependent resources together from the source subscription to the target subscription.
    Step* *** 3*: Optionally, redistribute the dependent resources to different resource groups within the target subscription.

    You can use the azure portal to move the resources to another subscription. Read more here : https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/move-resource-group-and-subscription#use-the-portal

    180460-image.png

    180350-image.png

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest