MicrosoftDocs
diff --git a/‎articles/defender-for-iot/organizations/best-practices/certificate-requirements.md
Lines changed: 5 additions & 7 deletions b/‎articles/defender-for-iot/organizations/best-practices/certificate-requirements.md
Lines changed: 5 additions & 7 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-work-with-threat-intelligence-packages.md
Lines changed: 3 additions & 25 deletions b/‎articles/defender-for-iot/organizations/how-to-work-with-threat-intelligence-packages.md
Lines changed: 3 additions & 25 deletions
diff --git a/‎articles/defender-for-iot/organizations/manage-users-sensor.md
Lines changed: 1 addition & 1 deletion b/‎articles/defender-for-iot/organizations/manage-users-sensor.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/defender-for-iot/organizations/references-data-retention.md
Lines changed: 11 additions & 29 deletions b/‎articles/defender-for-iot/organizations/references-data-retention.md
Lines changed: 11 additions & 29 deletions
@@ -1,6 +1,6 @@
 ---
 title: SSL/TLS certificate file requirements - Microsoft Defender for IoT
-description: Learn about requirements for SSL/TLS certificates used with Microsoft Defender for IOT OT sensors and on-premises management consoles.
+description: Learn about requirements for SSL/TLS certificates used with Microsoft Defender for IOT OT sensors.
 ms.date: 01/17/2023
 ms.topic: install-set-up-deploy
 ---
@@ -15,15 +15,13 @@ Use the content below to learn about the requirements for [creating SSL/TLS cert
 
 Defender for IoT uses SSL/TLS certificates to secure communication between the following system components:
 
-- Between users and the OT sensor or on-premises management console UI access
-- Between OT sensors and an on-premises management console, including [API communication](../references-work-with-defender-for-iot-apis.md)
-- Between an on-premises management console and a high availability (HA) server, if configured
-- Between OT sensors or on-premises management consoles and partners servers defined in [alert forwarding rules](../how-to-forward-alert-information-to-partners.md)
+- Between users and the OT sensor
+- Between OT sensors and partners servers defined in [alert forwarding rules](../how-to-forward-alert-information-to-partners.md)
 
-Some organizations also validate their certificates against a Certificate Revocation List (CRL) and the certificate expiration date, and the certificate trust chain. Invalid certificates can't be uploaded to OT sensors or on-premises management consoles, and will block encrypted communication between Defender for IoT components.
+Some organizations also validate their certificates against a Certificate Revocation List (CRL) and the certificate expiration date, and the certificate trust chain. Invalid certificates can't be uploaded to OT sensors, and will block encrypted communication between Defender for IoT components.
 
 > [!IMPORTANT]
-> You must create a unique certificate for each OT sensor, on-premises management console, and high availability server, where each certificate meets required criteria.
+> You must create a unique certificate for each OT sensor, and high availability server, where each certificate meets required criteria.
 
 ## Supported file types
 
 
@@ -27,13 +27,13 @@ To perform the procedures in this article, make sure that you have:
 
 - One or more OT sensors [onboarded](onboard-sensors.md) to Azure.
 
-- Relevant permissions on the Azure portal and any OT network sensors or on-premises management console you want to update.
+- Relevant permissions on the Azure portal and any OT network sensors you want to update.
 
   - **To download threat intelligence packages from the Azure portal**, you need access to the Azure portal as a [Security Reader](../../role-based-access-control/built-in-roles.md#security-reader), [Security Admin](../../role-based-access-control/built-in-roles.md#security-admin), [Contributor](../../role-based-access-control/built-in-roles.md#contributor), or [Owner](../../role-based-access-control/built-in-roles.md#owner) role.
 
   - **To push threat intelligence updates to cloud-connected OT sensors from the Azure portal**, you need access to the Azure portal as a [Security Admin](../../role-based-access-control/built-in-roles.md#security-admin), [Contributor](../../role-based-access-control/built-in-roles.md#contributor), or [Owner](../../role-based-access-control/built-in-roles.md#owner) role.
 
-  - **To manually upload threat intelligence packages to OT sensors or on-premises management consoles**, you need access to the OT sensor or on-premises management console as an **Admin** user.
+  - **To manually upload threat intelligence packages to OT sensors**, you need access to the OT sensor as an **Admin** user.
 
 For more information, see [Azure user roles and permissions for Defender for IoT](roles-azure.md) and [On-premises users and roles for OT monitoring with Defender for IoT](roles-on-premises.md).
 
@@ -51,7 +51,7 @@ Update threat intelligence packages on your OT sensors using any of the followin
 
 - [Have updates pushed](#automatically-push-updates-to-cloud-connected-sensors) to cloud-connected OT sensors automatically as they're released.
 - [Manually push](#manually-push-updates-to-cloud-connected-sensors) updates to cloud-connected OT sensors.
-- [Download an update package](#manually-update-locally-managed-sensors) and manually upload it to your OT sensor. Alternately, upload the package to an on-premises management console and push the updates from there to any connected OT sensors.
+- [Download an update package](#manually-update-locally-managed-sensors) and manually upload it to your OT sensor.
 
 ### Automatically push updates to cloud-connected sensors
 
@@ -87,8 +87,6 @@ The **Threat Intelligence update status** field displays the update progress for
 
 If you're working with locally managed OT sensors, you need to download the updated threat intelligence packages and upload them manually on your sensors.
 
-If you're also working with an on-premises management console, we recommend that you upload the threat intelligence package to the on-premises management console and push the update from there.
-
 > [!TIP]
 > This option can also be used for cloud-connected sensors if you don't want to push the updates from the Azure portal.
 >
@@ -111,24 +109,6 @@ If you're also working with an on-premises management console, we recommend that
 
 1. Browse to and select the package you'd downloaded from the Azure portal and upload it to the sensor.
 
-**To update multiple sensors simultaneously:**
-
-1. Sign in to your on-premises management console and select **System settings**.
-
-1. In the **Sensor Engine Configuration** area, select the sensors that you want to receive the updated packages. For example:
-
-    :::image type="content" source="media/how-to-work-with-threat-intelligence-packages/update-threat-intelligence-multiple-sensors.png" alt-text="Screenshot of where you can select which sensors you want to make changes to." lightbox="media/how-to-work-with-threat-intelligence-packages/update-threat-intelligence-multiple-sensors.png":::
-
-1. In the **Sensor Threat Intelligence Data** section, select the plus sign (**+**).
-
-1. In the **Upload File** dialog, select **BROWSE FILE...** to browse to and select the update package. For example:
-
-    :::image type="content" source="media/how-to-work-with-threat-intelligence-packages/upload-threat-intelligence-to-management-console.png" alt-text="Screenshot of where you can upload a Threat Intelligence package to multiple sensors." lightbox="media/how-to-work-with-threat-intelligence-packages/upload-threat-intelligence-to-management-console.png":::
-
-1. Select **CLOSE** and then **SAVE CHANGES** to push the threat intelligence update to all selected sensors.
-
-    :::image type="content" source="media/how-to-work-with-threat-intelligence-packages/save-changes-management-console.png" alt-text="Screenshot of where you can save changes made to selected sensors on the management console." lightbox="media/how-to-work-with-threat-intelligence-packages/save-changes-management-console.png":::
-
 ## Review threat intelligence update statuses
 
 On each OT sensor, the threat intelligence update status and version information are shown in the sensor's **System settings > Threat intelligence** settings.
@@ -155,5 +135,3 @@ For cloud-connected OT sensors, threat intelligence data is also shown in the **
 For more information, see:
 
 - [Onboard OT sensors to Defender for IoT](onboard-sensors.md)
-
-- [Manage sensors from the management console](legacy-central-management/how-to-manage-sensors-from-the-on-premises-management-console.md)
@@ -7,7 +7,7 @@ ms.topic: how-to
 ---
 # Create and manage users on an OT network sensor
 
-Microsoft Defender for IoT provides tools for managing on-premises user access in the OT network sensor, and the legacy on-premises management console. Azure users are managed [at the Azure subscription level](manage-users-overview.md) using Azure RBAC.
+Microsoft Defender for IoT provides tools for managing on-premises user access in the OT network sensor. Azure users are managed [at the Azure subscription level](manage-users-overview.md) using Azure RBAC.
 
 This article describes how to manage on-premises users directly on an OT network sensor.
 
 
@@ -1,13 +1,13 @@
 ---
 title: Data retention and sharing across Microsoft Defender for IoT
-description: Learn about the data retention periods and capacities for Microsoft Defender for IoT data stored in Microsoft Azure, the OT sensor, and on-premises management console.
+description: Learn about the data retention periods and capacities for Microsoft Defender for IoT data stored in Microsoft Azure and the OT sensor.
 ms.topic: conceptual
 ms.date: 06/30/2024
 ---
 
 # Data retention, privacy, and sharing across Microsoft Defender for IoT
 
-Microsoft Defender for IoT stores data in the Microsoft Azure portal, in OT network sensors, and in on-premises management consoles.
+Microsoft Defender for IoT stores data in the Microsoft Azure portal, in OT network sensors.
 
 Each storage type has varying storage capacity options and retention times. This article describes the data retention policy for the amount of data and length of time the data is stored in each storage type before being deleted or overwritten.
 
@@ -46,7 +46,6 @@ The following table lists how long device data is stored in each Defender for Io
 |---------|---------|
 | **Azure portal** | 90 days from the date of the **Last activity** value. <br><br> For more information, see [Manage your device inventory from the Azure portal](how-to-manage-device-inventory-for-organizations.md). |
 | **OT network sensor** | 90 days from the date of the **Last activity** value. <br><br> For more information, see [Manage your OT device inventory from a sensor console](how-to-investigate-sensor-detections-in-a-device-inventory.md). |
-| **On-premises management console** | 90 days from the date of the **Last activity** value. <br><br> For more information, see [Manage your OT device inventory from an on-premises management console](legacy-central-management/how-to-investigate-all-enterprise-sensor-detections-in-a-device-inventory.md). |
 
 ## Alert data retention
 
@@ -56,7 +55,6 @@ The following table lists how long alert data is stored in each Defender for IoT
 |---------|---------|
 | **Azure portal** | 90 days from the date in the **First detection** value. <br><br> For more information, see [View and manage alerts from the Azure portal](how-to-manage-cloud-alerts.md). |
 | **OT network sensor** | 90 days from the date in the **First detection** value.<br><br> For more information, see [View alerts on your sensor](how-to-view-alerts.md). |
-| **On-premises management console** |  90 days from the date in the **First detection** value.<br><br> For more information, see [Work with alerts on the on-premises management console](legacy-central-management/how-to-work-with-alerts-on-premises-management-console.md). |
 
 ### OT alert PCAP data retention
 
@@ -66,7 +64,6 @@ The following table lists how long PCAP data is stored in each Defender for IoT
 |---------|---------|
 | **Azure portal** | PCAP files are available for download from the Azure portal for as long as the OT network sensor stores them. <br><br> Once downloaded, the files are cached on the Azure portal for 48 hours. <br><br> For more information, see [Access alert PCAP data](how-to-manage-cloud-alerts.md#access-alert-pcap-data). |
 | **OT network sensor** | Dependent on the sensor's storage capacity allocated for PCAP files, which determines its [hardware profile](ot-appliance-sizing.md): <br><br>- **C5600**:   130 GB  <br>- **E1800**:   130 GB  <br>-  **E1000** :   78 GB<br>- **E500**:    78 GB <br>- **L500**: 7 GB   <br>- **L100**:    2.5 GB<br><br> If a sensor exceeds its maximum storage capacity, the oldest PCAP file is deleted to accommodate the new one. <br><br> For more information, see [Access alert PCAP data](how-to-view-alerts.md#access-alert-pcap-data) and [Pre-configured physical appliances for OT monitoring](ot-pre-configured-appliances.md). |
-| **On-premises management console** | PCAP files aren't stored on the on-premises management console and are only accessed from the on-premises management console via a direct link to the OT sensor. |
 
 The usage of available PCAP storage space depends on factors such as the number of alerts, the type of the alert, and the network bandwidth, all of which affect the size of the PCAP file.
 
@@ -104,21 +101,19 @@ For more information, see [Track sensor activity](how-to-track-sensor-activity.m
 
 Service and processing log files are stored on the Azure portal for 30 days from their creation date.
 
-Other OT monitoring log files are stored only on the OT network sensor and the on-premises management console.
+Other OT monitoring log files are stored only on the OT network sensor.
 
 For more information, see:
 
 - [Troubleshoot the sensor](how-to-troubleshoot-sensor.md)
-- [Troubleshoot the on-premises management console](legacy-central-management/how-to-troubleshoot-on-premises-management-console.md)
 
 ## Backup file capacity
 
-Both the OT network sensor and the on-premises management console have automated backups running daily, and older backup files are overwritten when the configured storage capacity reaches its limit.
+The OT network sensor has automated backups running daily, and older backup files are overwritten when the configured storage capacity reaches its limit.
 
 For more information, see:
 
 - [Set up backup and restore files on an OT sensor](back-up-restore-sensor.md#set-up-backup-and-restore-files)
-- [Configure OT sensor backup settings on an on premises management console](legacy-central-management/back-up-sensors-from-management.md#configure-ot-sensor-backup-settings)
 
 ### Backups on the OT network sensor
 
@@ -132,33 +127,20 @@ The retention of backup files depends on the sensor's architecture, as each hard
 | **E1800** |   100 GB |
 | **C5600** |   100 GB |
 
-If the device can't allocate enough hard disk space, then only the last backup is saved on the on-premises management console.
+## Data sharing for Microsoft Defender for IoT
 
-### Backups on the on-premises management console
+Microsoft Defender for IoT shares data, including customer data, among the following Microsoft products, also licensed by the customer.
 
-Allocated hard disk space for on-premises management console backup files is limited to 10 GB and to only 20 backups.
-
-If you're using an on-premises management console, each connected OT sensor also has its own, extra backup directory on the on-premises management console:
-
-- A single sensor backup file is limited to a maximum of 40 GB. A file exceeding that size isn't sent to the on-premises management console.
-- Total hard disk space allocated to sensor backup from all sensors on the on-premises management console is 100 GB.
-
-## Data sharing for Microsoft Defender for IoT 
-
-Microsoft Defender for IoT shares data, including customer data, among the following Microsoft products, also licensed by the customer. 
-
-- Microsoft Defender XDR 
-- Microsoft Sentinel 
-- Microsoft Threat Intelligence Center 
-- Microsoft Defender for Cloud 
-- Microsoft Defender for Endpoint 
+- Microsoft Defender XDR
+- Microsoft Sentinel
+- Microsoft Threat Intelligence Center
+- Microsoft Defender for Cloud
+- Microsoft Defender for Endpoint
 - Microsoft Security Exposure Management
 
 ## Next steps
 
 For more information, see:
 
 - [Manage individual OT network sensors](how-to-manage-individual-sensors.md)
-- [Manage OT network sensors from an on-premises management console](legacy-central-management/how-to-manage-sensors-from-the-on-premises-management-console.md)
-- [Manage an on-premises management console](legacy-central-management/how-to-manage-the-on-premises-management-console.md)
 - [Azure data encryption](/azure/security/fundamentals/encryption-overview)