MicrosoftDocs
diff --git a/‎articles/defender-for-iot/index.yml
Lines changed: 41 additions & 34 deletions b/‎articles/defender-for-iot/index.yml
Lines changed: 41 additions & 34 deletions
diff --git a/‎articles/defender-for-iot/organizations/TOC.yml
Lines changed: 2 additions & 0 deletions b/‎articles/defender-for-iot/organizations/TOC.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎articles/defender-for-iot/organizations/appliance-catalog/appliance-catalog-overview.md
Lines changed: 40 additions & 0 deletions b/‎articles/defender-for-iot/organizations/appliance-catalog/appliance-catalog-overview.md
Lines changed: 40 additions & 0 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-install-software.md
Lines changed: 30 additions & 23 deletions b/‎articles/defender-for-iot/organizations/how-to-install-software.md
Lines changed: 30 additions & 23 deletions
@@ -1,74 +1,81 @@
 ### YamlMime:Hub
 
-title: Microsoft Defender for IoT 
-summary: Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments, with multiple deployment options including fully on-premises, cloud-connected, or hybrid.
-brand: azure ## Used for color theming of icons and hero area
+title: Microsoft Defender for IoT
+summary: Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments, with multiple deployment options that include cloud, on-premises, or hybrid.
 
 metadata:
   title: Microsoft Defender for IoT documentation
-  description: Learn how Microsoft Defender for IoT, an Azure based cloud security service provides comprehensive IoT device threat protection.
+  description: Learn how Microsoft Defender for IoT, an Azure-based, cloud security service provides comprehensive IoT device threat protection.
   services: service
   ms.service: defender-for-iot
   ms.topic: landing-page
-  ms.collection: M365-security-compliance
   author: batamig
   manager: raynew
-  ms.date: 11/09/2021
+  ms.date: 07/10/2022
 
 highlightedContent:
 # itemType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | whats-new
   items:
-    - title: What is Microsoft Defender for IoT for end-user organizations?
+    - title: Microsoft Defender for IoT support for end-user organizations
       itemType: overview # controls the icon image and super-title text
       url: organizations/overview.md
     - title: What's new for end-user organizations?
       itemType: whats-new
       url: organizations/release-notes.md
-    - title: Agentless solution architecture for end-user organizations
-      itemType: architecture 
+    - title: Agentless system architecture
+      itemType: architecture
       url: organizations/architecture.md
-    - title: What is Microsoft Defender for IoT for device builders?
+    - title: Microsoft Defender for IoT support for device builders
       itemType: overview
       url: device-builders/overview.md
     - title: What's new for device builders?
       itemType: whats-new
       url: device-builders/release-notes.md
-    - title: Agent-based solution architecture for device builders
-      itemType: architecture
-      url: device-builders/architecture-agent-based.md
+    - title: Configure Microsoft Defender for IoT on your Azure IoT Hub
+      itemType: quickstart
+      url: device-builders/quickstart-onboard-iot-hub.md
 
 conceptualContent:
 # itemType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | whats-new
   items:
-    - title: Microsoft Defender for IoT for end-user organizations 
+    - title: Microsoft Defender for IoT documentation for end-user organizations
       links:
         - url: organizations/getting-started.md
           itemType: quickstart
-          text: Get started with Defender for IoT for end-user organizations
-        - url: organizations/concept-key-concepts.md
-          itemType: quickstart
-          text: Key concepts
-        - url: organizations/how-to-set-up-your-network.md
-          itemType: how-to-guide
-          text: About Microsoft Defender for IoT network setup
+          text: Get started with Defender for IoT
+        - url: organizations/tutorial-onboarding.md
+          itemType: tutorial
+          text: Get started with for OT security monitoring
+        - url: organizations/tutorial-getting-started-eiot-sensor.md
+          itemType: tutorial
+          text: Get started with Enterprise IoT security monitoring
+        - url: organizations/best-practices/understand-network-architecture.md
+          itemType: concept
+          text: Understand your OT network architecture
+        - url: organizations/concept-sentinel-integration.md
+          itemType: concept
+          text: OT threat monitoring in enterprise SOCs
       footerLink:
         url: organizations/index.yml
         text: See more
 
-    - title: Microsoft Defender for IoT for device builders
+    - title: Microsoft Defender for IoT documentation for device builders
       links:
-        - url: device-builders/quickstart-onboard-iot-hub.md
-          itemType: quickstart
-          text: Onboard Defender for IoT to an agent-based solution
-        - url: device-builders/quickstart-configure-your-solution.md
-          itemType: quickstart
-          text: Configure your Microsoft Defender for IoT solution
-        - url: device-builders/concept-recommendations.md
-          itemType: concept
-          text: Security recommendations for IoT Hub
-        - url: device-builders/how-to-configure-agent-based-solution.md
-          itemType: how-to-guide
-          text: Configure Microsoft Defender for IoT
+        - url: device-builders/tutorial-configure-your-solution.md
+          itemType: tutorial
+          text: Add a resource group to your IoT solution
+        - url: device-builders/tutorial-create-micro-agent-module-twin.md
+          itemType: tutorial
+          text: Create a DefenderIotMicroAgent module twin
+        - url: device-builders/tutorial-standalone-agent-binary-installation.md
+          itemType: tutorial
+          text: Install the Defender for IoT micro agent
+        - url: device-builders/tutorial-investigate-security-recommendations.md
+          itemType: tutorial
+          text: Investigate security recommendations
+        - url: device-builders/tutorial-investigate-security-alerts.md
+          itemType: tutorial
+          text: Investigate security alerts
       footerLink:
         url: device-builders/index.yml
         text: See more
@@ -206,6 +206,8 @@
   items:
   - name: OT monitoring appliances
     items:
+    - name: Overview
+      href: appliance-catalog/appliance-catalog-overview.md
     - name: Corporate environments
       items:
       - name: HPE ProLiant DL360
 
@@ -0,0 +1,40 @@
+---
+title: OT monitoring appliance reference overview - Microsoft Defender for IoT
+description: Provides an overview of all appliances available for use with Microsoft Defender for IoT OT sensors and on-premises management consoles.
+ms.date: 07/10/2022
+ms.topic: conceptual
+---
+
+# OT monitoring appliance reference
+
+This article provides an overview of the OT monitoring appliances supported with Microsoft Defender for IoT.
+
+Each article provides details about the appliance and any extra software installation procedures required. For more information, see [Install OT system software](../how-to-install-software.md) and [Update Defender for IoT OT monitoring software](../update-ot-software.md).
+
+## Corporate environments
+
+The following OT monitoring appliances are available for corporate deployments:
+
+- [HPE ProLiant DL360](hpe-proliant-dl360.md)
+
+## Large enterprises
+
+The following OT monitoring appliances are available for large enterprise deployments:
+
+- [HPE ProLiant DL20/DL20 Plus (4SFF)](hpe-proliant-dl20-plus-enterprise.md)
+
+## Production line
+
+The following OT monitoring appliances are available for production line  deployments:
+
+- [HPE ProLiant DL20/DL20 Plus (NHP 2LFF) for SMB deployments](hpe-proliant-dl20-plus-smb.md)
+- [Dell Edge 5200 (Rugged)](dell-edge-5200.md)
+- [YS-techsystems YS-FIT2 (Rugged)](ys-techsystems-ys-fit2.md)
+
+## Next steps
+
+For more information, see:
+
+- [Which appliances do I need?](../ot-appliance-sizing.md)
+- [Pre-configured physical appliances for OT monitoring](../ot-pre-configured-appliances.md)
+- [OT monitoring with virtual appliances](../ot-virtual-appliances.md)
@@ -1,14 +1,13 @@
 ---
-title: Install OT system software - Microsoft Defender for IoT
-description: Learn how to install a sensor and the on-premises management console for Microsoft Defender for IoT.
-ms.date: 01/06/2022
+title: Install OT network monitoring software - Microsoft Defender for IoT
+description: Learn how to install agentless monitoring software for an OT sensor and an on-premises management console for Microsoft Defender for IoT. Use this article if you're reinstalling software on a preconfigured appliance, or if you've chosen to install software on your own appliances.
+ms.date: 07/11/2022
 ms.topic: how-to
 ---
 
-# Install OT system software
-
-This article describes how to install software for OT sensors and on-premises management consoles. You might need the procedures in this article if you're reinstalling software on a preconfigured appliance, or if you've chosen to install software on your own appliances.
+# Install OT agentless monitoring software
 
+This article describes how to install agentless monitoring software for OT sensors and on-premises management consoles. You might need the procedures in this article if you're reinstalling software on a preconfigured appliance, or if you've chosen to install software on your own appliances.
 
 ## Pre-installation configuration
 
@@ -26,7 +25,7 @@ For more information, see:
 
 Make sure that you've downloaded the relevant software file for the sensor or on-premises management console.
 
-You can obtain the latest versions of our OT sensor and on-premises management console software from the Azure portal, on the Defender for IoT > **Getting started** page. Select the **Sensor**, **On-premises management console**, or **Updates** tab and locate the software you need.
+You can obtain the latest versions of our OT sensor and on-premises management console software from the Azure portal. On the Defender for IoT > **Getting started** page, select the **Sensor**, **On-premises management console**, or **Updates** tab and locate the software you need.
 
 Mount the ISO file using one of the following options:
 
@@ -59,33 +58,33 @@ This procedure describes how to install OT sensor software on a physical or virt
 
 1. The sensor will reboot, and the **Package configuration** screen will appear. Press the up or down arrows to navigate, and the SPACE bar to select an option. Press ENTER to advance to the next screen.
 
-1. Select the monitor interface and press the **ENTER** key.
+1. Select the monitor interface. For example:
 
     :::image type="content" source="media/tutorial-install-components/monitor-interface.png" alt-text="Screenshot of the select monitor interface screen.":::
 
-1. If one of the monitoring ports is for ERSPAN, select it, and press the **ENTER** key.
+1. If one of the monitoring ports is for ERSPAN, select it. For example:
 
     :::image type="content" source="media/tutorial-install-components/erspan-monitor.png" alt-text="Screenshot of the select erspan monitor screen.":::
 
-1. Select the interface to be used as the management interface, and press the **ENTER** key.
+1. Select the interface to be used as the management interface. For example:
 
     :::image type="content" source="media/tutorial-install-components/management-interface.png" alt-text="Screenshot of the management interface select screen.":::
 
-1. Enter the sensor's IP address, and press the **ENTER** key.
+1. Enter the sensor's IP address. For example:
 
     :::image type="content" source="media/tutorial-install-components/sensor-ip-address.png" alt-text="Screenshot of the sensor IP address screen.":::
 
-1. Enter the path of the mounted logs folder. We recommend using the default path, and press the **ENTER** key.
+1. Enter the path of the mounted logs folder. We recommend using the default path. For example:
 
     :::image type="content" source="media/tutorial-install-components/mounted-backups-path.png" alt-text="Screenshot of the mounted backup path screen.":::
 
-1. Enter the Subnet Mask IP address, and press the **ENTER** key.
+1. Enter the Subnet Mask IP address. For example:
 
-1. Enter the default gateway IP address, and press the **ENTER** key.
+1. Enter the default gateway IP address.
 
-1. Enter the DNS Server IP address, and press the **ENTER** key.
+1. Enter the DNS Server IP address.
 
-1. Enter the sensor hostname and press the **ENTER** key.
+1. Enter the sensor hostname. For example:
 
     :::image type="content" source="media/tutorial-install-components/sensor-hostname.png" alt-text="Screenshot of the screen where you enter a hostname for your sensor.":::
 
@@ -150,9 +149,9 @@ For information on how to find the physical port on your appliance, see [Find yo
 
 ### Add a secondary NIC (optional)
 
-You can enhance security to your on-premises management console by adding a secondary NIC dedicated for attached sensors within an IP address range. By adding a secondary NIC, the first will be dedicated for end-users, and the secondary will support the configuration of a gateway for routed networks.
+You can enhance security to your on-premises management console by adding a secondary NIC dedicated for attached sensors within an IP address range. When you use a secondary NIC, the first is dedicated for end-users, and the secondary supports the configuration of a gateway for routed networks.
 
-:::image type="content" source="media/tutorial-install-components/secondary-nic.png" alt-text="The overall architecture of the secondary NIC.":::
+:::image type="content" source="media/tutorial-install-components/secondary-nic.png" alt-text="Diagram that shows the overall architecture of the secondary NIC." border="false":::
 
 Both NICs will support the user interface (UI). If you choose not to deploy a secondary NIC, all of the features will be available through the primary NIC.
 
@@ -199,7 +198,7 @@ This command will cause the light on the port to flash for the specified time pe
 
 After you've finished installing OT monitoring software on your appliance, test your system to make sure that processes are running correctly. The same validation process applies to all appliance types.
 
-System health validations are supported via the sensor or on-premises management console UI or CLI, and is available for both the **Support** and **CyberX** users.
+System health validations are supported via the sensor or on-premises management console UI or CLI, and are available for both the **Support** and **CyberX** users.
 
 After installing OT monitoring software, make sure to run the following tests:
 
@@ -211,13 +210,21 @@ After installing OT monitoring software, make sure to run the following tests:
 
 For more information, see [Check system health](how-to-troubleshoot-the-sensor-and-on-premises-management-console.md#check-system-health) in our sensor and on-premises management console troubleshooting article.
 
-## Access sensors from the on-premises management console
+## Configure tunneling access for sensors through the on-premises management console
+
+Enhance system security by preventing direct user access to the sensor.
+
+Instead of direct access, use proxy tunneling to let users access the sensor from the on-premises management console with a single firewall rule. This technique narrows the possibility of unauthorized access to the network environment beyond the sensor. The user's experience when signing in to the sensor remains the same.
+
+When tunneling access is configured, users use the following URL syntax to access their sensor consoles: `https://<on-premises management console address>/<sensor address>/<page URL>`
+
+For example, the following image shows a sample architecture where users access the sensor consoles via the on-premises management console.
 
-You can enhance system security by preventing direct user access to the sensor. Instead, use proxy tunneling to let users access the sensor from the on-premises management console with a single firewall rule. This technique narrows the possibility of unauthorized access to the network environment beyond the sensor. The user's experience when signing in to the sensor remains the same.
+:::image type="content" source="media/tutorial-install-components/sensor-system-graph.png" alt-text="Screenshot that shows access to the sensor." border="false":::
 
-:::image type="content" source="media/tutorial-install-components/sensor-system-graph.png" alt-text="Screenshot that shows access to the sensor.":::
+The interface between the IT firewall, on-premises management console, and the OT firewall is done using a reverse proxy with URL rewrites. The interface between the OT firewall and the sensors is done using reverse SSH tunnels.
 
-**To enable tunneling**:
+**To enable tunneling access for sensors**:
 
 1. Sign in to the on-premises management console's CLI with the **CyberX** or the **Support** user credentials.