Manage Defender for IoT plans for Enterprise IoT security monitoring

Enterprise IoT security monitoring with Defender for IoT is managed by an Enterprise IoT plan on your Azure subscription. While you can view your plan in Microsoft Defender for IoT, onboarding and canceling a plan is done with Microsoft Defender for Endpoint in Microsoft 365 Defender.

For each monthly price plan, you'll be asked to define the number of committed devices. Committed devices are the approximate number of devices that will be monitored in your enterprise.

For information about OT networks, see Manage Defender for IoT plans for OT security monitoring.

Prerequisites

Before performing the procedures in this article, make sure that you have:

• A Microsoft Defender for Endpoint P2 license

• An Azure subscription. If you need to, sign up for a free account.

• The following user roles:

  • In Azure Active Directory: Global administrator for your Microsoft 365 tenant

  • In Azure RBAC: Security admin, Contributor, or Owner for the Azure subscription that you'll be using for the integration

Calculate committed devices for Enterprise IoT monitoring

If you're adding an Enterprise IoT plan with a monthly commitment, you'll be asked to enter the number of committed devices.

We recommend that you make an initial estimate of your committed devices when onboarding your plan. You can skip this procedure if you're adding a trial plan.

To calculate committed devices::

1. In the navigation pane of the https://security.microsoft.com portal, select Assets > Devices to open the Device inventory page.

2. Add the total number of devices listed on both the Network devices and IoT devices tabs.

   For example:

   

3. Round up your total to a multiple of 100.

For example:

• In the Microsoft 365 Defender Device inventory, you have 473 network devices and 1206 IoT devices.
• Added together, the total is 1679 devices.
• Rounded up to a multiple of 100 is 1700.

Use 1700 as the estimated number of committed devices.

For more information, see the Defender for Endpoint Device discovery overview.

Note

Devices listed on the Computers & Mobile tab, including those managed by Defender for Endpoint or otherwise, are not included in the number of committed devices for Defender for IoT.

Onboard an Enterprise IoT plan

This procedure describes how to add an Enterprise IoT plan to your Azure subscription from Microsoft 365 Defender.

To add an Enterprise IoT plan:

1. In the navigation pane of the https://security.microsoft.com portal, select Settings > Device discovery > Enterprise IoT.

2. Select the following options for your plan:

   • Select an Azure subscription: Select the Azure subscription that you want to use for the integration. You'll need a Security admin, Contributor, or Owner role for the subscription.

     Tip

     If your subscription isn't listed, check your account details and confirm your permissions with the subscription owner.

   • Price plan: Select a trial or monthly commitment.

     Microsoft Defender for IoT provides a 30-day free trial for evaluation purposes, with an unlimited number of devices. For more information, see the Microsoft Defender for IoT pricing page.

     Monthly commitments require that you enter the number of committed devices that you'd calculated earlier.

3. Select the I accept the terms and conditions option and then select Save.

   For example:

   

After you've onboarded your plan, you'll see it listed in Defender for IoT in the Azure portal. Go to the Defender for IoT Plans and pricing page and find your subscription with the new Enterprise IoT plan listed. For example:

Edit your Enterprise IoT plan

To edit your plan, such as to edit your commitment level or the number of committed devices, first cancel the plan and then onboard a new plan.

Cancel your Enterprise IoT plan

You'll need to cancel your plan if you want to edit the details of your plan, such as the price plan or the number of committed devices, or if you no longer need the service.

You'd also need to cancel your plan and onboard again if you need to work with a new payment entity or Azure subscription.

To cancel your Enterprise IoT plan:

1. In the navigation pane of the https://security.microsoft.com portal, select Settings > Device discovery > Enterprise IoT.

2. Select Cancel plan. For example:

   

After you cancel your plan, the integration stops and you'll no longer get added security value in Microsoft 365 Defender, or detect new Enterprise IoT devices in Defender for IoT.

The cancellation takes effect one hour after confirming the change. This change will appear on your next monthly statement, and you will be charged based on the length of time the plan was in effect.

If you're canceling your plan as part of an editing procedure, make sure to onboard a new plan back with the new details.

Important

If you've registered an Enterprise IoT network sensor (Public preview), device data collected by the sensor remains in your Microsoft 365 Defender instance. If you're canceling the Enterprise IoT plan because you no longer need the service, make sure to manually delete data from Microsoft 365 Defender as needed.

Next steps

For more information, see:

• Defender for IoT subscription billing

• Manage sensors with Defender for IoT in the Azure portal

• Create an additional Azure subscription

• Upgrade your Azure subscription