Commit 27c2dd6

Enhance IoT overview security article with Azure security capabilities for edge-based solutions
1 parent 53ac695 commit 27c2dd6

1 file changed

+16
-0
lines changed


articles/iot/iot-overview-security.md

Lines changed: 16 additions & 0 deletions
@@ -20,6 +20,22 @@ The following diagram shows a high-level view of the components in a typical edg
2020
<!-- Art Library Source# ConceptArt-0-000-032 -->
2121
:::image type="content" source="media/iot-overview-security/iot-edge-security-architecture.svg" alt-text="Diagram that shows the high-level IoT edge-based solution architecture highlighting security." border="false":::
2222

23+
Typically on an edge-based solution, you want to secure your end-to-end operations by using Azure security capabilities. Azure IoT Operations has built-in security capabilities such as [secrets management](../iot-operations/secure-iot-ops/howto-manage-secrets.md), [certificate management](../iot-operations/secure-iot-ops/concept-default-root-ca.md), and [secure settings](../iot-operations/deploy-iot-ops/howto-enable-secure-settings.md) on an Azure Arc-enabled Kubernetes cluster. When a Kubernetes cluster is connected to Azure, an outbound connection to Azure is initiated, using industry-standard SSL to secure data in transit, and several other security features are enabled, such as:
24+
25+
- View and monitor your clusters using [Azure Monitor for containers](/azure/azure-monitor/containers/kubernetes-monitoring-enable).
26+
- Enforce threat protection using [Microsoft Defender for Containers](/azure/defender-for-cloud/defender-for-containers-enable).
27+
- Ensure governance through applying policies with [Azure Policy for Kubernetes](/azure/governance/policy/concepts/policy-for-kubernetes).
28+
- Grant access and connect to your Kubernetes clusters from anywhere, and manage access by using [Azure role-based access control (RBAC)](/azure/azure-arc/kubernetes/azure-rbac) on your cluster.
29+
30+
You can divide security in an edge-based IoT solution into the following three areas:
31+
32+
- **Asset security**:
33+
34+
- **Connection security**:
35+
36+
- **Edge and Cloud security**:
37+
38+
2339
# [Cloud-based solution](#tab/cloud)
2440

2541
The following diagram shows a high-level view of the components in a typical cloud-based IoT solution. This article focuses on the security of a cloud-based IoT solution:
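
Review bot: The three area bullets at the end of the added block ("**Asset security**:", "**Connection security**:", "**Edge and Cloud security**:") each end in a colon with nothing after it, so the sentence "You can divide security in an edge-based IoT solution into the following three areas" promises a breakdown that the change does not deliver. Add a one-sentence description to each bullet, or drop the colons and link each bullet to the section that covers it. In the first added paragraph, "industry-standard SSL" should say TLS, because SSL is the deprecated protocol name and readers doing a security review will check for the term. The list is introduced with "several other security features are enabled", but the links for Azure Monitor and Defender for Containers point at pages named "...-enable", which suggests these are features the operator turns on rather than ones that come on when the cluster connects; "you can enable" would avoid overstating the default posture. Minor: "Cloud" in "Edge and Cloud security" is capitalized inconsistently with "edge-based" and "cloud-based" elsewhere in the hunk.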
