azure-defender-for-iot

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Azure Defender For Iot Skill

Azure Defender For IoT 技能

This skill provides expert guidance for Azure Defender For Iot. Covers troubleshooting, best practices, decision making, architecture & design patterns, limits & quotas, security, configuration, integrations & coding patterns, and deployment. It combines local quick-reference content with remote documentation fetching capabilities.

本技能为Azure Defender For IoT提供专业指导，涵盖故障排除、最佳实践、决策制定、架构与设计模式、限制与配额、安全防护、配置、集成与编码模式以及部署方面的内容。它结合了本地快速参考内容与远程文档获取能力。

How to Use This Skill

如何使用本技能

IMPORTANT for Agent: Use the Category Index below to locate relevant sections. For categories with line ranges (e.g.,
L35-L120
), use
read_file
with the specified lines. For categories with file links (e.g.,
[security.md](security.md)
), use
read_file
on the linked reference file

IMPORTANT for Agent: If
metadata.generated_at
is more than 3 months old, suggest the user pull the latest version from the repository. If
mcp_microsoftdocs
tools are not available, suggest the user install it: Installation Guide

This skill requires network access to fetch documentation content:

Preferred: Use

mcp_microsoftdocs:microsoft_docs_fetch

with query string

from=learn-agent-skill

. Returns Markdown.

Fallback: Use

fetch_webpage

with query string

from=learn-agent-skill&accept=text/markdown

. Returns Markdown.

面向Agent的重要提示：使用下方的分类索引定位相关章节。对于带有行范围的分类（例如
L35-L120
），使用
read_file
并指定对应行。对于带有文件链接的分类（例如
[security.md](security.md)
），对链接的参考文件使用
read_file

面向Agent的重要提示：如果
metadata.generated_at
已超过3个月，建议用户从仓库拉取最新版本。如果
mcp_microsoftdocs
工具不可用，建议用户安装该工具：安装指南

本技能需要网络访问权限以获取文档内容：

首选方式：使用
```
mcp_microsoftdocs:microsoft_docs_fetch
```
并附带查询字符串
```
from=learn-agent-skill
```
，返回Markdown格式内容。
备用方式：使用
```
fetch_webpage
```
并附带查询字符串
```
from=learn-agent-skill&accept=text/markdown
```
，返回Markdown格式内容。

Category Index

分类索引

Category	Lines	Description
Troubleshooting	L37-L48	Diagnosing and fixing Defender for IoT micro agent and OT sensor issues, understanding/handling security and health alerts, and validating sensor/agent installation and configuration.
Best Practices	L49-L56	Best practices for securing IoT/OT with Defender for IoT: using hub security recommendations, CIS benchmark guidance, and planning OT monitoring topology and sensor placement.
Decision Making	L57-L68	Guidance on planning Defender for IoT deployments: choosing OT traffic mirroring, appliances, licenses, partner integrations, billing, hybrid/air-gapped setups, and on-premises to cloud transitions.
Architecture & Design Patterns	L69-L75	Architectural guidance for connecting OT/ICS sensors to Azure, using sample OT network topologies, and aligning Defender for IoT deployment with Purdue model layers.
Limits & Quotas	L76-L84	Info on OT trial setup, supported/retiring features, appliance catalog and requirements, and Defender for IoT data retention and storage limits.
Security	L85-L103	Securing Defender for IoT OT environments: auth, RBAC/roles, SSO, certificates, Zero Trust, alert workflows/response, and auditing user and programming activity.
Configuration	L104-L135	Configuring Defender for IoT agents/sensors: micro agent twins, dependencies, alerts, OT sensor settings, traffic mirroring, connectivity, monitoring methods, and threat intel updates.
Integrations & Coding Patterns	L136-L163	Integrating Defender for IoT with SIEMs, firewalls, ServiceNow, Sentinel, OT sensors, and micro agents, plus using APIs, playbooks, and workbooks to automate alerts and manage inventory/vulnerabilities.
Deployment	L164-L187	Planning and deploying Defender for IoT OT sensors: hardware/VM options, appliance-specific guides, traffic mirroring, onboarding, activation, and moving IoT security resources across regions.

分类	行范围	描述
故障排除	L37-L48	诊断并修复Defender for IoT微代理和OT传感器问题，理解/处理安全和健康警报，验证传感器/代理的安装与配置。
最佳实践	L49-L56	使用Defender for IoT保障IoT/OT安全的最佳实践：利用中心安全建议、CIS基准指南，规划OT监控拓扑和传感器部署位置。
决策制定	L57-L68	Defender for IoT部署规划指导：选择OT流量镜像方式、设备、许可证、合作伙伴集成、计费方案、混合/离线环境设置，以及从本地到云端的过渡方案。
架构与设计模式	L69-L75	将OT/ICS传感器连接到Azure的架构指导，使用示例OT网络拓扑，使Defender for IoT部署与普渡模型层保持一致。
限制与配额	L76-L84	OT试用设置、支持/即将停用的功能、设备目录与要求，以及Defender for IoT数据保留和存储限制相关信息。
安全防护	L85-L103	保障Defender for IoT OT环境安全：身份验证、RBAC/角色、SSO、证书、零信任、警报工作流/响应，以及审计用户和编程活动。
配置	L104-L135	配置Defender for IoT代理/传感器：微代理孪生、依赖项、警报、OT传感器设置、流量镜像、连接性、监控方法，以及威胁情报更新。
集成与编码模式	L136-L163	将Defender for IoT与SIEM、防火墙、ServiceNow、Sentinel、OT传感器和微代理集成，以及使用API、剧本和工作簿自动化警报并管理资产/漏洞。
部署	L164-L187	规划并部署Defender for IoT OT传感器：硬件/VM选项、特定设备指南、流量镜像、注册、激活，以及跨区域迁移IoT安全资源。

Troubleshooting

故障排除

Topic	URL
Use Defender micro agent security alerts and remediation guidance	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-agent-based-security-alerts
Use Defender for IoT Hub built-in and custom alerts	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-security-alerts
Use ThreadX Defender micro agent alerts and recommendations	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-threadx-security-alerts-recommendations
Troubleshoot Microsoft Defender for IoT micro agent issues	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/troubleshoot-defender-micro-agent
Investigate and remediate Defender for IoT security alerts	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/tutorial-investigate-security-alerts
Troubleshoot Microsoft Defender for IoT OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-troubleshoot-sensor
Validate Defender for IoT OT sensor installation health	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/post-install-validation-ot-software
Interpret Defender for IoT sensor health messages	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/sensor-health-messages

主题	链接
使用Defender微代理安全警报和修复指南	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-agent-based-security-alerts
使用Defender for IoT Hub内置和自定义警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-security-alerts
使用ThreadX Defender微代理警报和建议	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-threadx-security-alerts-recommendations
排查Microsoft Defender for IoT微代理问题	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/troubleshoot-defender-micro-agent
调查并修复Defender for IoT安全警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/tutorial-investigate-security-alerts
排查Microsoft Defender for IoT OT传感器问题	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-troubleshoot-sensor
验证Defender for IoT OT传感器安装健康状态	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/post-install-validation-ot-software
解读Defender for IoT传感器健康消息	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/sensor-health-messages

Best Practices

最佳实践

Topic	URL
Apply Defender for IoT Hub security recommendations	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-recommendations
Investigate CIS benchmark-based Defender recommendations	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-investigate-cis-benchmark
Plan OT monitoring topology with Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/plan-corporate-monitoring
Prepare OT sites and sensor placement for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/plan-prepare-deploy

主题	链接
应用Defender for IoT Hub安全建议	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-recommendations
调查基于CIS基准的Defender建议	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-investigate-cis-benchmark
使用Defender for IoT规划OT监控拓扑	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/plan-corporate-monitoring
为Defender for IoT准备OT站点和传感器部署位置	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/plan-prepare-deploy

Decision Making

决策制定

Topic	URL
Choose OT traffic mirroring methods for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/traffic-mirroring-methods
Decide on OT traffic mirroring methods for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/traffic-mirroring-methods
Plan Defender for IoT billing and licensing	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/billing
Choose and plan Defender for IoT partner integrations	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrate-overview
Choose and extend Defender for IoT licenses	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/license-and-trial-license-extention
Select appropriate OT appliances for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-appliance-sizing
Plan hybrid or air-gapped Defender for IoT deployments	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/air-gapped-deploy
Transition Defender for IoT from on-premises to cloud	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/transition-on-premises-management-console-to-cloud

主题	链接
为Defender for IoT选择OT流量镜像方式	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/traffic-mirroring-methods
为Defender for IoT确定OT流量镜像方式	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/traffic-mirroring-methods
规划Defender for IoT计费和许可证	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/billing
选择并规划Defender for IoT合作伙伴集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrate-overview
选择并扩展Defender for IoT许可证	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/license-and-trial-license-extention
为Defender for IoT选择合适的OT设备	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-appliance-sizing
规划混合或离线Defender for IoT部署	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/air-gapped-deploy
将Defender for IoT从本地迁移到云端	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/transition-on-premises-management-console-to-cloud

Architecture & Design Patterns

架构与设计模式

Topic	URL
Select architectures to connect OT sensors to Azure	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/architecture-connections
Use sample OT network connectivity models for sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/sample-connectivity-models
Map Defender for IoT to Purdue OT architecture	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/understand-network-architecture

主题	链接
选择将OT传感器连接到Azure的架构	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/architecture-connections
使用传感器的示例OT网络连接模型	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/sample-connectivity-models
将Defender for IoT映射到普渡OT架构	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/understand-network-architecture

Limits & Quotas

限制与配额

Topic	URL
Understand Defender for IoT feature support and retirement timelines	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/edge-security-module-deprecation
Set up Defender for IoT OT trial plan	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/getting-started
Review catalog of preconfigured OT monitoring appliances	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-pre-configured-appliances
System requirements for Defender for IoT OT virtual appliances	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-virtual-appliances
Understand Defender for IoT data retention limits	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/references-data-retention

主题	链接
了解Defender for IoT功能支持和停用时间表	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/edge-security-module-deprecation
设置Defender for IoT OT试用计划	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/getting-started
查看预配置OT监控设备目录	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-pre-configured-appliances
Defender for IoT OT虚拟设备的系统要求	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-virtual-appliances
了解Defender for IoT数据保留限制	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/references-data-retention

Security

安全防护

Topic	URL
Manage OT sensor authentication via Defender for IoT APIs	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-auth-apis
Meet SSL/TLS certificate requirements for OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/certificate-requirements
Analyze OT programming events for suspicious changes	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-analyze-programming-details-changes
Manage Defender for IoT alerts in Azure portal	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-manage-cloud-alerts
View and manage OT sensor alerts locally	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-view-alerts
Assign Azure RBAC roles for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/manage-users-portal
Manage on-premises users on OT network sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/manage-users-sensor
Apply Zero Trust monitoring to OT networks	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/monitor-zero-trust
Create CA-signed SSL/TLS certificates for OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/create-ssl-certificates
Use Defender for IoT security recommendations to reduce risk	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/recommendations
Investigate and respond to OT alerts in Azure	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/respond-ot-alert
Map Azure RBAC roles for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/roles-azure
Configure on-premises roles for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/roles-on-premises
Configure SSO for Defender for IoT sensor console	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/set-up-sso
Audit user activity in Microsoft Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/track-user-activity

主题	链接
通过Defender for IoT API管理OT传感器身份验证	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-auth-apis
满足OT传感器的SSL/TLS证书要求	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/best-practices/certificate-requirements
分析OT编程事件以发现可疑变更	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-analyze-programming-details-changes
在Azure门户中管理Defender for IoT警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-manage-cloud-alerts
在本地查看和管理OT传感器警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-view-alerts
为Defender for IoT分配Azure RBAC角色	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/manage-users-portal
在OT网络传感器上管理本地用户	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/manage-users-sensor
对OT网络应用零信任监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/monitor-zero-trust
为OT传感器创建CA签名的SSL/TLS证书	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/create-ssl-certificates
使用Defender for IoT安全建议降低风险	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/recommendations
在Azure中调查并响应OT警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/respond-ot-alert
为Defender for IoT映射Azure RBAC角色	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/roles-azure
为Defender for IoT配置本地角色	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/roles-on-premises
为Defender for IoT传感器控制台配置SSO	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/set-up-sso
审计Microsoft Defender for IoT中的用户活动	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/track-user-activity

Configuration

配置

Topic	URL
Configure custom security alerts for Azure IoT Hub	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-customizable-security-alerts
Configure Defender for IoT micro agent behavior via module twin	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-micro-agent-configuration
Meet Linux dependency requirements for Defender micro agent	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-micro-agent-linux-dependencies
Configure PAM on Linux to audit sign-in events for Defender	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/configure-pam-to-audit-sign-in-events
Configure DMI decoder and alternatives for Defender micro agent	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-configure-dmi-decoder
Configure Defender for IoT micro agent twin properties	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-configure-micro-agent-twin
Configure Defender micro agent for Eclipse ThreadX devices	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-threadx-security-module
Create and assign custom Defender for IoT device alerts	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/quickstart-create-custom-alerts
Configure Microsoft Defender for IoT agent-based solution	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/tutorial-configure-agent-based-solution
Create Defender for IoT micro agent module twin	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/tutorial-create-micro-agent-module-twin
Use Defender for IoT OT sensor CLI commands	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/cli-ot-sensor
Configure active monitoring methods for OT networks	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-active-monitoring
Set up reverse DNS lookup for OT active monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-reverse-dns-lookup
Configure OT sensor settings centrally from Azure portal	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-sensor-settings-portal
Configure Windows Endpoint Monitoring for OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-windows-endpoint-monitoring
Configure OT sensor proxy connectivity to Azure	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/connect-sensors
Use local script to enrich Windows endpoint data	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/detect-windows-endpoints-script
Import supplemental OT device data into sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-import-device-information
Maintain individual OT sensors via sensor console	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-manage-individual-sensors
Configure SNMP MIB monitoring for OT sensor health	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-set-up-snmp-mib-monitoring
Manage threat intelligence package updates on OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-work-with-threat-intelligence-packages
Apply networking requirements for Defender for IoT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/networking-requirements
Allow OT sensor connectivity to Azure endpoints	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/provision-cloud-management
Configure ERSPAN on Cisco for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-erspan
Configure ESXi vSwitch promiscuous mode for mirroring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-esxi
Configure Hyper-V vSwitch promiscuous mode for mirroring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-hyper-v
Configure Cisco RSPAN mirroring for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-rspan
Configure Cisco SPAN port mirroring for OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-span

主题	链接
为Azure IoT Hub配置自定义安全警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-customizable-security-alerts
通过模块孪生配置Defender for IoT微代理行为	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-micro-agent-configuration
满足Defender微代理的Linux依赖项要求	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-micro-agent-linux-dependencies
在Linux上配置PAM以审计Defender的登录事件	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/configure-pam-to-audit-sign-in-events
为Defender微代理配置DMI解码器及替代方案	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-configure-dmi-decoder
配置Defender for IoT微代理孪生属性	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-configure-micro-agent-twin
为Eclipse ThreadX设备配置Defender微代理	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-threadx-security-module
创建并分配自定义Defender for IoT设备警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/quickstart-create-custom-alerts
配置Microsoft Defender for IoT基于代理的解决方案	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/tutorial-configure-agent-based-solution
创建Defender for IoT微代理模块孪生	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/tutorial-create-micro-agent-module-twin
使用Defender for IoT OT传感器CLI命令	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/cli-ot-sensor
为OT网络配置主动监控方法	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-active-monitoring
为OT主动监控设置反向DNS查找	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-reverse-dns-lookup
从Azure门户集中配置OT传感器设置	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-sensor-settings-portal
为OT传感器配置Windows端点监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/configure-windows-endpoint-monitoring
配置OT传感器到Azure的代理连接	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/connect-sensors
使用本地脚本丰富Windows端点数据	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/detect-windows-endpoints-script
将补充OT设备数据导入传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-import-device-information
通过传感器控制台维护单个OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-manage-individual-sensors
为OT传感器健康配置SNMP MIB监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-set-up-snmp-mib-monitoring
管理OT传感器上的威胁情报包更新	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-work-with-threat-intelligence-packages
应用Defender for IoT传感器的网络要求	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/networking-requirements
允许OT传感器连接到Azure端点	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/provision-cloud-management
为Defender for IoT在Cisco上配置ERSPAN	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-erspan
为镜像配置ESXi vSwitch混杂模式	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-esxi
为镜像配置Hyper-V vSwitch混杂模式	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-hyper-v
为Defender for IoT配置Cisco RSPAN镜像	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-rspan
为OT传感器配置Cisco SPAN端口镜像	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/configure-mirror-span

Integrations & Coding Patterns

集成与编码模式

Topic	URL
Provision Defender micro agent using IoT Hub DPS with X.509	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-provision-micro-agent
Use Defender micro agent API for Eclipse ThreadX integration	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/threadx-security-module-api
Integrate OT sensor alert management APIs	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-alert-apis
Integrate OT sensor inventory management APIs	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-inventory-apis
Use OT sensor vulnerability management APIs	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-vulnerability-apis
Automate sensor disconnection alerts with Sentinel playbooks	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/automate-sensor-disconnection-alerts
Forward OT sensor alerts to partner systems	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-forward-alert-information-to-partners
Integrate Defender for IoT with ArcSight SIEM	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/arcsight
Send Defender for IoT alerts to LogRhythm	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/logrhythm
Send Defender for IoT alerts to RSA NetWitness	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/netwitness
Connect on-premises Defender for IoT to Sentinel (legacy)	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/on-premises-sentinel
Stream Defender for IoT cloud alerts to external SIEMs	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/send-cloud-data-to-partners
Configure legacy ServiceNow integration for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/service-now-legacy
Use Sentinel solution to detect IoT threats	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/iot-advanced-threat-monitoring
Connect Defender for IoT with Microsoft Sentinel	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/iot-solution
Access Defender for IoT data via REST APIs	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/references-work-with-defender-for-iot-apis
Integrate CyberArk with Defender for IoT for credential security	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-cyberark
Integrate Forescout with Microsoft Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-forescout
Integrate Fortinet firewalls with Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-fortinet
Integrate Palo Alto firewalls with Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-palo-alto
Integrate IBM QRadar with Defender for IoT alerts	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-qradar
Integrate ServiceNow Operational Technology Manager with Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-servicenow
Integrate Splunk with Microsoft Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-splunk
Visualize Defender for IoT data with Azure workbooks	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/workbooks

主题	链接
使用IoT Hub DPS和X.509证书预配Defender微代理	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-provision-micro-agent
使用Defender微代理API与Eclipse ThreadX集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/threadx-security-module-api
集成OT传感器警报管理API	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-alert-apis
集成OT传感器资产管理API	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-inventory-apis
使用OT传感器漏洞管理API	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/api/sensor-vulnerability-apis
使用Sentinel剧本自动化传感器断开警报	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/automate-sensor-disconnection-alerts
将OT传感器警报转发到合作伙伴系统	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/how-to-forward-alert-information-to-partners
将Defender for IoT与ArcSight SIEM集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/arcsight
将Defender for IoT警报发送到LogRhythm	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/logrhythm
将Defender for IoT警报发送到RSA NetWitness	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/netwitness
将本地Defender for IoT与Sentinel集成（旧版）	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/on-premises-sentinel
将Defender for IoT云警报流式传输到外部SIEM	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/send-cloud-data-to-partners
为Defender for IoT配置旧版ServiceNow集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/integrations/service-now-legacy
使用Sentinel解决方案检测IoT威胁	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/iot-advanced-threat-monitoring
将Defender for IoT与Microsoft Sentinel连接	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/iot-solution
通过REST API访问Defender for IoT数据	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/references-work-with-defender-for-iot-apis
将CyberArk与Defender for IoT集成以保障凭据安全	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-cyberark
将Forescout与Microsoft Defender for IoT集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-forescout
将Fortinet防火墙与Defender for IoT集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-fortinet
将Palo Alto防火墙与Defender for IoT集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-palo-alto
将IBM QRadar与Defender for IoT警报集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-qradar
将ServiceNow Operational Technology Manager与Defender for IoT集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-servicenow
将Splunk与Microsoft Defender for IoT集成	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/tutorial-splunk
使用Azure工作簿可视化Defender for IoT数据	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/workbooks

Deployment

部署

Topic	URL
Move Defender for IoT iotsecuritysolutions resource across regions	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-region-move
Select OT monitoring appliances for Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/
Use Dell PowerEdge R350 for OT sensor deployments	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/dell-poweredge-r350-e1800
Use Dell PowerEdge R360 for OT sensor deployments	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/dell-poweredge-r360-e1800
Use Dell PowerEdge R660 for OT sensor deployments	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/dell-poweredge-r660
Deploy Heptagon YB3x appliance for OT monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/heptagon-yb3x
Use HPE DL20 Gen 11 (4SFF) for SMB OT monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-gen-11
Use HPE DL20 Gen 11 (NHP 2LFF) for SMB/L500 OT monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-gen-11-nhp-2lff
Use legacy HPE DL20 Gen10 for enterprise OT monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-legacy
Use HPE DL20 Gen10 Plus for enterprise OT monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-plus-enterprise
Use HPE DL20 Gen10 Plus (NHP 2LFF) for SMB/L500 OT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-plus-smb
Deploy Defender for IoT on HPE ProLiant DL360	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl360
Deploy Defender for IoT on HPE ProLiant DL360 Gen 11	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl360-gen11
Deploy OT sensor as Hyper-V Gen 2 virtual appliance	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/virtual-sensor-hyper-v
Deploy OT sensor as VMware ESXi virtual appliance	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/virtual-sensor-vmware
Deploy YS-techsystems YS-FIT2 for OT monitoring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/ys-techsystems-ys-fit2
Onboard OT sensors to Defender for IoT in Azure	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/onboard-sensors
Configure and activate Defender for IoT OT sensors	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/activate-deploy-sensor
Install and initially configure OT sensor software	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/install-software-ot-sensor
Understand Defender for IoT OT deployment phases	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/ot-deploy-path
Deploy OT sensor with correct traffic mirroring	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/set-up-traffic-mirroring

主题	链接
跨区域迁移Defender for IoT iotsecuritysolutions资源	https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/how-to-region-move
为Defender for IoT选择OT监控设备	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/
使用Dell PowerEdge R350部署OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/dell-poweredge-r350-e1800
使用Dell PowerEdge R360部署OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/dell-poweredge-r360-e1800
使用Dell PowerEdge R660部署OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/dell-poweredge-r660
部署Heptagon YB3x设备用于OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/heptagon-yb3x
使用HPE DL20 Gen 11 (4SFF)进行SMB OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-gen-11
使用HPE DL20 Gen 11 (NHP 2LFF)进行SMB/L500 OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-gen-11-nhp-2lff
使用旧版HPE DL20 Gen10进行企业级OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-legacy
使用HPE DL20 Gen10 Plus进行企业级OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-plus-enterprise
使用HPE DL20 Gen10 Plus (NHP 2LFF)进行SMB/L500 OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl20-plus-smb
在HPE ProLiant DL360上部署Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl360
在HPE ProLiant DL360 Gen 11上部署Defender for IoT	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/hpe-proliant-dl360-gen11
将OT传感器部署为Hyper-V Gen 2虚拟设备	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/virtual-sensor-hyper-v
将OT传感器部署为VMware ESXi虚拟设备	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/virtual-sensor-vmware
部署YS-techsystems YS-FIT2用于OT监控	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/appliance-catalog/ys-techsystems-ys-fit2
在Azure中注册Defender for IoT OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/onboard-sensors
配置并激活Defender for IoT OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/activate-deploy-sensor
安装并初步配置OT传感器软件	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/install-software-ot-sensor
了解Defender for IoT OT部署阶段	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/ot-deploy/ot-deploy-path
使用正确的流量镜像部署OT传感器	https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/traffic-mirroring/set-up-traffic-mirroring