Skip to content

Commit 4d98e9f

Browse files
authored
Merge pull request #178996 from shhazam-ms/fastlane--device-definition
Fastlane: Device Defined
2 parents d89cb9f + 98f043a commit 4d98e9f

4 files changed

+46
-1
lines changed

articles/defender-for-iot/organizations/concept-key-concepts.md

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110,6 +110,20 @@ Using custom, condition-based alert triggering and messaging helps pinpoint spec
110110

111111
For a complete list of supported protocols see, [Supported Protocols](concept-supported-protocols.md#supported-protocols).
112112

113+
## What is an Inventory Device
114+
115+
The Defender for IoT Device inventory displays an extensive range of asset attributes that are detected by sensors monitoring the organizations networks and managed endpoints.
116+
117+
Defender for IoT will identify and classify devices as a single unique network device in the inventory for:
118+
119+
1. Standalone IT/OT/IoT devices (w/ 1 or multiple NICs)
120+
1. Devices composed of multiple backplane components (including all racks/slots/modules)
121+
1. Devices acting as network infrastructure such as Switch/Router (w/ multiple NICs).
122+
123+
Public internet IP addresses, multicast groups, and broadcast groups are not considered inventory devices.
124+
Devices that have been inactive for more than 60 days are classified as inactive Inventory devices.
125+
126+
113127
## High availability
114128

115129
Increase the resilience of your Defender for IoT deployment by installing a high-availability appliance in the on-premises management console. High-availability deployments ensure that your managed sensors continuously report to an active on-premises management console.

articles/defender-for-iot/organizations/how-to-investigate-all-enterprise-sensor-detections-in-a-device-inventory.md

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,19 @@ The following table describes the table columns in the device inventory.
3939
| **Discovered** | When this device was first seen in the network. |
4040
| **PLC mode (preview)** | The PLC operating mode includes the Key state (physical) and run state (logical). Possible **Key** states include, Run, Program, Remote, Stop, Invalid, Programming Disabled.Possible Run. The possible **Run** states are Run, Program, Stop, Paused, Exception, Halted, Trapped, Idle, Offline. if both states are the same, only oe state is presented. |
4141

42+
## What is an Inventory device?
43+
44+
The Defender for IoT Device inventory displays an extensive range of asset attributes that are detected by sensors monitoring the organizations networks and managed endpoints.
45+
46+
Defender for IoT will identify and classify devices as a single unique network device in the inventory for:
47+
48+
1. Standalone IT/OT/IoT devices (w/ 1 or multiple NICs)
49+
1. Devices composed of multiple backplane components (including all racks/slots/modules)
50+
1. Devices acting as network infrastructure such as Switch/Router (w/ multiple NICs).
51+
52+
Public internet IP addresses, multicast groups, and broadcast groups are not considered inventory devices.
53+
Devices that have been inactive for more than 60 days are classified as inactive Inventory devices.
54+
4255
## Integrate data into the enterprise device inventory
4356

4457
Data integration capabilities let you enhance the data in the device inventory with information from other enterprise resources. These sources include CMDBs, DNS, firewalls, and Web APIs.

articles/defender-for-iot/organizations/how-to-investigate-sensor-detections-in-a-device-inventory.md

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,20 @@ The following attributes appear in the device inventory table.
4040
| Last Activity | The last activity that the device performed. |
4141
| Discovered | When this device was first seen in the network. |
4242

43-
To view the device inventory:
43+
## What is an Inventory device?
44+
45+
The Defender for IoT Device inventory displays an extensive range of asset attributes that are detected by sensors monitoring the organizations networks and managed endpoints.
46+
47+
Defender for IoT will identify and classify devices as a single unique network device in the inventory for:
48+
49+
1. Standalone IT/OT/IoT devices (w/ 1 or multiple NICs)
50+
1. Devices composed of multiple backplane components (including all racks/slots/modules)
51+
1. Devices acting as network infrastructure such as Switch/Router (w/ multiple NICs).
52+
53+
Public internet IP addresses, multicast groups, and broadcast groups are not considered inventory devices.
54+
Devices that have been inactive for more than 60 days are classified as inactive Inventory devices.
55+
56+
**To view the device inventory:**
4457

4558
1. In the left pane, select **Devices**. The **Devices** pane opens on the right.
4659

articles/defender-for-iot/organizations/references-defender-for-iot-glossary.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,11 @@ This glossary provides a brief description of important terms and concepts for t
4444
|--|--|--|
4545
| **Data mining** | Generate comprehensive and granular reports about your network devices:<br /><br />- **SOC incident response**: Reports in real time to help deal with immediate incident response. For example, a report can list devices that might need patching.<br /><br />- **Forensics**: Reports based on historical data for investigative reports.<br /><br />- **IT network integrity**: Reports that help improve overall network security. For example, a report can list devices with weak authentication credentials.<br /><br />- **visibility**: Reports that cover all query items to view all baseline parameters of your network.<br /><br />Save data-mining reports for read-only users to view. | **[Baseline](#b)<br /><br />[Reports](#r)** |
4646
| **Defender for IoT platform** | The Defender for IoT solution installed on Defender for IoT sensors and the on-premises management console. | **[Sensor](#s)<br /><br />[On-premises management console](#o)** |
47+
| **Inventory device** | Defender for IoT will identify and classify devices as a single unique network device in the inventory for:
48+
1. Standalone IT/OT/IoT devices (w/ 1 or multiple NICs)
49+
1. Devices composed of multiple backplane components (including all racks/slots/modules)
50+
1. Devices acting as network infrastructure such as Switch/Router (w/ multiple NICs).
51+
Public internet IP addresses, multicast groups, and broadcast groups are not considered inventory devices. Devices that have been inactive for more than 60 days are classified as inactive Inventory devices.|
4752
| **Device map** | A graphical representation of network devices that Defender for IoT detects. It shows the connections between devices and information about each device. Use the map to:<br /><br />- Retrieve and control critical device information.<br /><br />- Analyze network slices.<br /><br />- Export device details and summaries. | **[Purdue layer group](#p)** |
4853
| **Device inventory - sensor** | The device inventory displays an extensive range of device attributes detected by Defender for IoT. Options are available to:<br /><br />- Filter displayed information.<br /><br />- Export this information to a CSV file.<br /><br />- Import Windows registry details. | **[Group](#g)** <br /><br />**[Device inventory- on-premises management console](#d)** |
4954
| **Device inventory - on-premises management console** | Device information from connected sensors can be viewed from the on-premises management console in the device inventory. This gives users of the on-premises management console a comprehensive view of all network information. | **[Device inventory - sensor](#d)<br /><br />[Device inventory - data integrator](#d)** |

0 commit comments

Comments
 (0)