Introduction

Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments, with multiple deployment options that include cloud-connected, fully on-premises, or hybrid environments.

This module describes the high-level steps required to plan your deployment of Defender for IoT for operational technology (OT) monitoring.

Example scenario

Suppose you work for a car manufacturer with offices and production sites across the globe. You're tasked with implementing a system to monitor traffic and secure your manufacturing automation systems, from the access panels to the pneumatic and packaging systems. To take the organization's operational technology security visibility to the next level, your team chooses to use Microsoft Defender for IoT.

You need to create a deployment plan so that your organization can monitor traffic from various systems, across several sites in different geographic areas around the world. You'll need to decide how you're going to connect your network sensors to the cloud, and which users and user role assignments to provision.

What will we be doing?

You'll identify the steps and roles involved in the different stages of a Microsoft Defender for IoT deployment. You'll then plan basic details about deploying an OT monitoring system, such as:

  • Sites and zones: Decide how you'll segment the network you want to monitor, using sites and zones that represent locations all around the world.

  • Sensor management: Decide on the cloud connections to use. This module doesn't describe air-gapped or hybrid systems.

  • Users and roles: Identify the types of users you need in Azure and on each sensor, and the roles that they'll need for each activity.

What is the main goal?

By the end of this session, you'll be able to plan a deployment of Microsoft Defender for IoT to monitor your OT networks.