Merge pull request #187162 from shhazam-ms/fastlane--Remove-Horizon-API-and-most-of-SDK

Horizon SDK and API changes

Author: ttorble

.openpublishing.redirection.defender-for-iot.json

@@ -554,6 +554,16 @@
             "source_path_from_root": "/articles/defender-for-iot/device-builders/architecture-agent-based.md",
             "redirect_url": "/azure/defender-for-iot/device-builders/overview",
             "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/references-horizon-api.md",
+            "redirect_url": "/azure/defender-for-iot/organizations",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/references-horizon-sdk.md",
+            "redirect_url": "/azure/defender-for-iot/organizations",
+            "redirect_document_id": false
         }
     ]
 }

articles/defender-for-iot/organizations/TOC.yml

@@ -217,10 +217,6 @@
   items:
   - name: Work with Defender for IoT APIs
     href: references-work-with-defender-for-iot-apis.md
-  - name: Horizon API
-    href: references-horizon-api.md
-  - name: Horizon SDK
-    href: references-horizon-sdk.md
   - name: Work with Defender for IoT CLI commands
     href: references-work-with-defender-for-iot-cli-commands.md
   - name: Manage proprietary protocols (Horizon)

articles/defender-for-iot/organizations/concept-key-concepts.md

@@ -110,6 +110,62 @@ Using custom, condition-based alert triggering and messaging helps pinpoint spec
 
 For a complete list of supported protocols see, [Supported Protocols](concept-supported-protocols.md#supported-protocols).
 
+
+### Secure development environment 
+
+The Horizon ODE enables development of custom or proprietary protocols that cannot be shared outside an organization. For example, because of legal regulations or corporate policies.
+
+Develop dissector plugins without: 
+
+- revealing any proprietary information about how your protocols are defined.
+
+- sharing any of your sensitive PCAPs.
+
+- violating compliance regulations.
+
+Contact <[email protected]> for information about developing protocol plugins.
+
+### Customization and localization  
+
+The SDK supports various customization options, including:
+
+  - Text for function codes. 
+
+  - Full localization text for alerts, events, and protocol parameters.
+
+  :::image type="content" source="media/references-horizon-sdk/localization.png" alt-text="View fully localized alerts.":::
+
+## Horizon architecture
+
+The architectural model includes three product layers.
+
+:::image type="content" source="media/references-horizon-sdk/architecture.png" alt-text="https://lh6.googleusercontent.com/YFePqJv_6jbI_oy3lCQv-hHB1Qly9a3QQ05uMnI8UdTwhOuxpNAedj_55wseYEQQG2lue8egZS-mlnQZPWfFU1dF4wzGQSJIlUqeXEHg9CG4M7ASCZroKgbghv-OaNoxr3AIZtIh":::
+
+### Defender for IoT platform layer
+
+Enables immediate integration and real-time monitoring of custom dissector plugins in the Defender for IoT platform, without the need to upgrade the Defender for IoT platform version.
+
+### Defender for IoT services layer
+
+Each service is designed as a pipeline, decoupled from a specific protocol, enabling more efficient, independent development.
+
+Each service is designed as a pipeline, decoupled from a specific protocol. Services listens for traffic on the pipeline. They interact with the plugin data and the traffic captured by the sensors to index deployed protocols and analyze the traffic payload, and enable a more efficient and independent development.
+
+### Custom dissector layer 
+
+Enables creation of plugins using the Defender for IoT proprietary SDK (including C++ implementation and JSON configuration) to: 
+
+- Define how to identify the protocol
+
+- Define how to map the fields you want to extract from the traffic, and extract them 
+
+- Define how to integrate with the Defender for IoT services
+
+  :::image type="content" source="media/references-horizon-sdk/layers.png" alt-text="The built-in layers.":::
+
+Defender for IoT provides basic dissectors for common protocols. You can build your dissectors on top of these protocols.
+
+
 ## What is an Inventory Device
 
 The Defender for IoT Device inventory displays an extensive range of asset attributes that are detected by sensors monitoring the organizations networks and managed endpoints.

articles/defender-for-iot/organizations/concept-supported-protocols.md

@@ -47,7 +47,7 @@ This section lists protocols that are detected using passive monitoring.
 
 **Medical:** ASTM, HL7
 
-**Microsoft:** Horizon community dissectors, Horizon proprietary dissectors (developed by customers). See [Horizon proprietary protocol dissector](references-horizon-sdk.md) for details.
+**Microsoft:** Horizon community dissectors, Horizon proprietary dissectors (developed by customers). 
 
 **Mitsubishi:** Melsoft / Melsec (Mitsubishi Electric)
 
@@ -113,6 +113,4 @@ We invite you to join our community here: <[email protected]>
 
 ## Next steps
 
-Learn more about the [Horizon proprietary protocol dissector](references-horizon-sdk.md).
-
-Check out our [Horizon API](references-horizon-api.md).
+[Customize alert rules](how-to-accelerate-alert-incident-response.md#customize-alert-rules).