Posted on Leave a comment

What is Azure Security Center for IoT?

IoT is one of the areas that has commonly been the least secure. To remedy this lack in security, Azure has a number of services to processes to help. In this quick overview, I’m going to talk through my experience of setting up the Azure Security Center for IoT.

Here is a good reason for using Azure Security Center for IoT. It provides protection in the form of intelligent threat detection and response across your workloads running on Edge devices, on-premises systems, in Azure, and even in other cloud solutions. It’s the big boss of IoT security, so understanding it is important for your Azure IoT Solutions.

The Sales Pitch: What does it give me?

  1. Unified visibility and control
  2. Adaptive threat prevention
  3. Intelligent threat detection and response to that threat detection

There are two modes for using Azure Security Center for IoT workflows:

  1. Enhanced – by turning on Enhanced mode, you will need to install Azure Security Center for IoT device agents on your devices, the agents collect, aggregate, and analyze raw security events from your devices. You have the ability to customize what events you want to see, what events you want sent to the cloud, and how much security data you want to collect.
  2. Built-in – This does not require an agents and does the majority of its analysis in the cloud.

Device agents and other applications can use the Azure send security message SDK to send security information into Azure IoT Hub. The Hub picks up the information and forwards it to the Security Center for IoT service.

Create a Log Analytics workspace in Azure Portal

I followed the instructions here:

Create a Log Analytics workspace using Azure CLI – Azure Monitor

I also built an IoT Hub

az iot hub create –<RG NAME> –name <IOT HUB NAME> –sku S1 –location southcentralus –partition-count 1

(I’ven been trying to force myself to stick with the Azure CLI as much as possible lately, but feel free to build it in the Portal)

I did use the portal for the following step, because I didn’t see a way to do it through the Azure CLI:

To enable security on your IoT Hub:

  1. Open your IoT Hub in Azure portal.
  2. Under the Security menu, click Secure your IoT solution.

Congratulations! You’ve completed enabling Azure Security Center for IoT on your IoT Hub.

Leave a Reply