Deploy a sensor to Microsoft Defender for IoT for operational technology network monitoring
Using the activation file and list of endpoints from the onboarding phase, deploy an OT sensor to Microsoft Defender for IoT. Install monitoring software on the sensor, set up the interface settings, and activate the sensor.
Learning objectives
By the end of this module, you'll be able to:
- Deploy Defender for IoT software to a virtual appliance
Prerequisites
- Knowledge of what Defender for IoT is and how it works at a beginner level
- Access to an Azure subscription as a Security Admin, Contributor, or Owner
- A Defender for IoT license with an OT plan
- A configured firewall and all of the rules and settings for it to connect to port 443, including: IP address, subnet mask, default gateway, DNS and hostname
- Access to either a virtual or physical OT sensor
- Access to a virtual machine, such as VMware ESXi 5.5 or later
- A configured network adapter port group that connects to the internet
- A configured network adapter port group that connects to the SPAN port on the virtual switch
- Access to Wireshark or similar packet capture (PCAPS) file reader
- The JSON list of endpoints file
- The sensor activation file for this sensor