Merge pull request #206223 from yoninalmsft/FAQ-new

JamesJBarnett · web-flow · commit c07037578f4d · 2022-08-14T15:32:05.000-07:00
FAQ EIoT
diff --git a/.openpublishing.redirection.defender-for-iot.json b/.openpublishing.redirection.defender-for-iot.json
@@ -1,5 +1,10 @@
 {
     "redirections": [
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/resources-frequently-asked-questions.md",
+            "redirect_url": "/azure/defender-for-iot/organizations/faqs-general",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/defender-for-iot/organizations/appliance-catalog/appliance-catalog-overview.md",
             "redirect_url": "/azure/defender-for-iot/organizations/appliance-catalog/index",
diff --git a/articles/defender-for-iot/organizations/TOC.yml b/articles/defender-for-iot/organizations/TOC.yml
@@ -265,9 +265,14 @@
     href: references-work-with-defender-for-iot-apis.md
   - name: Defender for IoT CLI commands
     href: references-work-with-defender-for-iot-cli-commands.md
-  - name: Frequently asked questions - service
-    displayName: FAQ, regulation, internet, connection, hardware, appliances, ports, logs 
-    href: resources-frequently-asked-questions.md
+  - name: Frequently asked questions
+    items:
+    - name: General FAQ
+      href: faqs-general.md
+    - name: OT networks FAQ
+      href: faqs-ot.md
+    - name: Enterprise IoT networks FAQ
+      href: faqs-eiot.md
   - name: Defender for IoT glossary
     href: references-defender-for-iot-glossary.md
 - name: Resources
diff --git a/articles/defender-for-iot/organizations/faqs-eiot.md b/articles/defender-for-iot/organizations/faqs-eiot.md
@@ -0,0 +1,106 @@
+---
+title: FAQs for Enterprise IoT networks - Microsoft Defender for IoT
+description: Find answers to the most frequently asked questions about Microsoft Defender for IoT Enterprise IoT networks.
+ms.topic: conceptual
+ms.date: 07/07/2022
+---
+
+# Enterprise IoT networks frequently asked questions
+
+This article provides a list of frequently asked questions and answers about Enterprise IoT networks in Defender for IoT.
+
+## What is the difference between OT and Enterprise IoT? 
+
+### OT
+
+OT network sensors use agentless, patented technology to discover, learn, and continuously monitor network devices for a deep visibility into Operational Technology (OT) / Industrial Control System (ICS) risks. Sensors carry out data collection, analysis, and alerting on-site, making them ideal for locations with low bandwidth or high latency.
+
+### Enterprise IoT 
+
+Enterprise IoT provides visibility and security for IoT devices in the corporate environment. 
+
+Enterprise IoT network protection extends agentless features beyond operational environments, providing coverage for all IoT devices in your environment. For example, an enterprise IoT environment may include printers, cameras, and purpose-built, proprietary, devices.
+
+## What additional security value can Enterprise IoT provide Microsoft Defender for Endpoint customers?
+
+Enterprise IoT is designed to help customers secure unmanaged devices throughout the organization and extend IT security to also cover IoT devices. The solution leverages multiple means in order to ensure optimal coverage.
+
+- **In the Microsoft Defender for Endpoint portal**: This is the GA offering for Enterprise IoT. Microsoft 365 P2 customers already have visibility for discovered IoT devices in the **Device inventory** page in Defender for Endpoint. Customers can onboard an Enterprise IoT plan in the same portal and gain security value by viewing alerts, recommendations and vulnerabilities for their discovered IoT devices.
+
+- **In the Azure portal**: Defender for IoT customers can view their discovered IoT devices in the **Device inventory** page in Defender for IoT in the Azure portal. To view Enterprise IoT devices in the Azure portal, you'll need to set up a network sensor (currently in Public Preview). or more information, see [Tutorial: Get started with Enterprise IoT monitoring](tutorial-getting-started-eiot-sensor.md).
+
+## How can I start using Enterprise IoT?
+
+To get started, Microsoft 365 P2 customers need to [add a Defender for IoT plan with Enterprise IoT](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration#onboard-a-defender-for-iot-plan) to an Azure subscription from the Microsoft Defender for Endpoint portal.
+		
+**Public Preview**: Defender for Endpoint customers can also install a network sensor to gain more visibility into additional IoT segments of the corporate network that weren't previously covered by Defender for Endpoint. Deploying a network sensor is not a prerequisite for onboarding Enterprise IoT. 
+For more information, see [Tutorial: Get started with Enterprise IoT monitoring](tutorial-getting-started-eiot-sensor.md)
+
+If you’re a Defender for Endpoint customer, when adding your Defender for IoT plan, take care to exclude any devices already managed by Defender for Endpoint from your count of committed devices.
+
+## How can I use the Enterprise IoT network sensor?
+
+The Enterprise IoT network sensor is currently in Public Preview and can be used by all customers without additional charge. Onboard a Defender for IoT plan with Enterprise IoT, and then set up your Enterprise IoT network sensor.
+
+For more information, see [Tutorial: Get started with Enterprise IoT](tutorial-getting-started-eiot-sensor.md).
+
+## What permissions do I need to add a Defender for IoT plan? Can I use any Azure subscription?
+
+For information on required permissions, see [Prerequisites](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration).
+
+## Which devices are billable?
+
+For more information about billable devices, see [Defender for IoT committed devices](how-to-manage-subscriptions.md#defender-for-iot-committed-devices).
+
+## How should I estimate the number of committed devices?
+
+In the **Device inventory** in Defender for Endpoint:
+
+Add the total number of discovered network devices with the total number of discovered IoT devices. Round that up to a multiple of 100, and that is the number of committed devices to use.
+
+ For more information, see [Defender for IoT committed devices](how-to-manage-subscriptions.md#defender-for-iot-committed-devices).
+
+## How does the integration between Microsoft Defender for Endpoint and Microsoft Defender for IoT work?
+
+Once you've [added a Defender for IoT plan with Enterprise IoT to an Azure subscription in Defender for Endpoint](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration#onboard-a-defender-for-iot-plan), integration between the two products takes place seamlessly.
+
+Discovered IoT devices can be viewed in both Defender for IoT and Defender for Endpoint. For more information, see [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration).
+
+## Can I change the subscription I’m using for Defender for IoT?
+
+To change the subscription you're using for your Defender for IoT plan, you'll need to cancel your plan on the existing subscription, and then onboard a new plan to a new subscription. Your existing data won't be migrated to the new subscription. For more information, see [Move existing sensors to a different subscription](how-to-manage-subscriptions.md#move-existing-sensors-to-a-different-subscription).
+
+## How can I edit my plan in Defender for Endpoint?
+
+To make any changes to an existing plan, you'll need to cancel your existing plan and onboard a new plan with the new details. Changes might include moving billing charges from one subscription to another, changing the number of committed devices, or changing the plan commitment from a trial to a monthly commitment.
+
+## How can I cancel Enterprise IoT?
+
+To remove only Enterprise IoT from your plan, cancel your plan from Microsoft Defender for Endpoint. For more information, see [Cancel your Defender for IoT plan](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration#cancel-your-defender-for-iot-plan).
+
+To cancel the plan and remove all Defender for IoT services from the associated subscription, cancel the plan in Defender for IoT in the Azure portal. For more information, see [Cancel a Defender for IoT plan from a subscription](how-to-manage-subscriptions.md#cancel-a-defender-for-iot-plan-from-a-subscription).
+
+## What happens when the 30-day trial ends?
+
+If you haven't changed your plan from a trial to a monthly commitment by the time your trial ends, your plan is automatically canceled, and you’ll lose access to Defender for IoT security features. 
+
+To change your plan from a trial to a monthly commitment before the end of the trial, you'll need to cancel your trial plan and onboard a new plan in Defender for Endpoint. For more information, see [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration).
+
+## How is the Defender for IoT pricing affected now that support for Enterprise IoT networks is in General Availability?
+
+For more information, see the [Microsoft Defender for IoT pricing](https://azure.microsoft.com/pricing/details/iot-defender/) page.
+
+> [!NOTE]
+> The Enterprise IoT network sensor is currently in Public Preview.
+
+## How can I resolve billing issues associated with my Defender for IoT plan?
+
+For any billing or technical issues, create a support request in the Azure portal.
+
+## Next steps
+
+For more information on getting started with Enterprise IoT, see:
+
+- [Tutorial: Get started with Enterprise IoT monitoring](tutorial-getting-started-eiot-sensor.md)
+- [Manage Defender for IoT plans](how-to-manage-subscriptions.md)
+- [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration)
diff --git a/articles/defender-for-iot/organizations/faqs-general.md b/articles/defender-for-iot/organizations/faqs-general.md
@@ -0,0 +1,37 @@
+---
+title: General FAQs - Microsoft Defender for IoT
+description: Find answers to the most frequently asked questions about Microsoft Defender for IoT features and service.
+ms.topic: conceptual
+ms.date: 07/07/2022
+---
+
+# Microsoft Defender for IoT frequently asked questions
+
+This article provides a list of frequently asked questions and answers about Defender for IoT.
+
+## What is Azure's unique value proposition for IoT security?
+
+Defender for IoT enables enterprises to extend their existing cyber security view to their entire IoT solution. Azure provides an end to end view of your business solution, enabling you to take business-related actions and decisions based on your enterprise security posture and collected data. Combined security using Azure IoT, Azure IoT Edge, and Microsoft Defender for Cloud enable you to create the solution you want with the security you need.
+
+## How does Defender for IoT compare to the competition?
+
+Microsoft Defender for IoT delivers comprehensive security across all your IoT/OT devices. For **end-user organizations**, Microsoft Defender for IoT offers agentless, network-layer security that is rapidly deployed, works with diverse proprietary OT equipment and legacy Windows systems, and interoperates with Microsoft Sentinel and other SOC tools. It can be deployed on-premises or in Azure-connected environments. For **IoT device builders**, Microsoft Defender for IoT offers lightweight agents to embed device-layer security into new IoT/OT initiatives.
+
+## Do I have to be an Azure customer?
+
+No, for the agentless version of Microsoft Defender for IoT, you do not need to be an Azure customer. However, if you want to send alerts to Microsoft Sentinel; provision network sensors and monitor their health from the cloud; and benefit from automatic software and threat intelligence updates, you will need to connect the sensor to Azure and Defender for IoT. For more information, see [Sensor connection methods](architecture-connections.md).
+
+For the agent-based version of Microsoft Defender for IoT, you must be an Azure customer.
+
+## What happens when the internet connection stops working?
+
+The sensors and agents continue to run and store data as long as the device is running. Data is stored in the security message cache according to size configuration. When the device regains connectivity, security messages resume sending.
+
+## Next steps
+
+To learn more about how to get started with Defender for IoT, see the following articles:
+
+- Read the Defender for IoT [overview](overview.md)
+- [Get started with Defender for IoT](getting-started.md)
+- [OT Networks frequently asked questions](faqs-ot.md)
+- [Enterprise IoT networks frequently asked questions](faqs-eiot.md)
diff --git a/articles/defender-for-iot/organizations/faqs-ot.md b/articles/defender-for-iot/organizations/faqs-ot.md
@@ -1,17 +1,13 @@
 ---
-title: Defender for IoT frequently asked questions
-description: Find answers to the most frequently asked questions about Microsoft Defender for IoT features and service.
+title: FAQs for OT networks - Microsoft Defender for IoT
+description: Find answers to the most frequently asked questions about Microsoft Defender for IoT OT networks.
 ms.topic: conceptual
-ms.date: 11/09/2021
+ms.date: 07/07/2022
 ---
 
-# Microsoft Defender for IoT frequently asked questions
+# OT networks frequently asked questions
 
-This article provides a list of frequently asked questions and answers about Defender for IoT.
-
-## What is Azure's unique value proposition for IoT security?
-
-Defender for IoT enables enterprises to extend their existing cyber security view to their entire IoT solution. Azure provides an end to end view of your business solution, enabling you to take business-related actions and decisions based on your enterprise security posture and collected data. Combined security using Azure IoT, Azure IoT Edge, and Microsoft Defender for Cloud enable you to create the solution you want with the security you need.
+This article provides a list of frequently asked questions and answers about OT networks in Defender for IoT.
 
 ## Our organization uses proprietary non-standard industrial protocols. Are they supported? 
 
@@ -27,7 +23,6 @@ Microsoft Defender for IoT sensor runs on specific hardware specs as described i
 
 Certified hardware has been tested in our labs for driver stability, packet drops and network sizing.
 
-
 ## Regulation doesn't allow us to connect our system to the Internet. Can we still utilize Defender for IoT?
 
 Yes you can! The Microsoft Defender for IoT platform on-premises solution is deployed as a physical or virtual sensor appliance that passively ingests network traffic (via SPAN, RSPAN, or TAP) to analyze, discover, and continuously monitor IT, OT, and IoT networks. For larger enterprises, multiple sensors can aggregate their data to an on-premises management console.
@@ -40,20 +35,6 @@ For example:
 - A single appliance (virtual of physical) can be in the Shop Floor DMZ layer, having all Shop Floor cell traffic routed to this layer.
 - Alternatively, locate small mini-sensors in each Shop Floor cell with either cloud or local management that will reside in the Shop Floor DMZ layer. Another appliance (virtual or physical) can monitor the traffic in the Shop Floor DMZ layer (for SCADA, Historian, or MES).
 
-## How does Defender for IoT compare to the competition?
-
-Microsoft Defender for IoT delivers comprehensive security across all your IoT/OT devices. For **end-user organizations**, Microsoft Defender for IoT offers agentless, network-layer security that is rapidly deployed, works with diverse proprietary OT equipment and legacy Windows systems, and interoperates with Microsoft Sentinel and other SOC tools. It can be deployed on-premises or in Azure-connected environments. For **IoT device builders**, Microsoft Defender for IoT offers lightweight agents to embed device-layer security into new IoT/OT initiatives.
-
-## Do I have to be an Azure customer?
-
-No, for the agentless version of Microsoft Defender for IoT, you do not need to be an Azure customer. However, if you want to send alerts to Microsoft Sentinel; provision network sensors and monitor their health from the cloud; and benefit from automatic software and threat intelligence updates, you will need to connect the sensor to Azure and Defender for IoT. For more information, see [Sensor connection methods](architecture-connections.md).
-
-For the agent-based version of Microsoft Defender for IoT, you must be an Azure customer.
-
-## What happens when the internet connection stops working?
-
-The sensors and agents continue to run and store data as long as the device is running. Data is stored in the security message cache according to size configuration. When the device regains connectivity, security messages resume sending.
-
 ## How can I change a user's passwords
 
 Learn how to [Change a user's password](how-to-create-and-manage-users.md#change-a-users-password) for either the sensor or the on-premises management console.
@@ -82,9 +63,6 @@ You can also use our [UI and CLI tools](how-to-troubleshoot-the-sensor-and-on-pr
 
 For more information, see [Troubleshoot the sensor and on-premises management console](how-to-troubleshoot-the-sensor-and-on-premises-management-console.md).
 
-## Next steps
-
-To learn more about how to get started with Defender for IoT, see the following articles:
+## Next Steps
 
-- Read the Defender for IoT [overview](overview.md)
-- [Get started with Defender for IoT](getting-started.md)
+- [Tutorial: Get started with Microsoft Defender for IoT for OT security](tutorial-onboarding.md)
diff --git a/articles/defender-for-iot/organizations/tutorial-getting-started-eiot-sensor.md b/articles/defender-for-iot/organizations/tutorial-getting-started-eiot-sensor.md
@@ -217,6 +217,15 @@ For more information, see [Sensor management options from the Azure portal](how-
 
 Continue viewing device data in both the Azure portal and Defender for Endpoint, depending on your organization's needs.
 
+
+- [Manage sensors with Defender for IoT in the Azure portal](how-to-manage-sensors-on-the-cloud.md)
+- [Threat intelligence research and packages](how-to-work-with-threat-intelligence-packages.md)
+- [Manage your IoT devices with the device inventory for organizations](how-to-manage-device-inventory-for-organizations.md)
+- [View and manage alerts on the Defender for IoT portal](how-to-manage-cloud-alerts.md)
+- [Use Azure Monitor workbooks in Microsoft Defender for IoT (Public preview)](workbooks.md)
+- [OT threat monitoring in enterprise SOCs](concept-sentinel-integration.md)
+- [Enterprise IoT networks frequently asked questions](faqs-eiot.md)
+
 In Defender for Endpoint, also view alerts data, recommendations and vulnerabilities related to your network traffic.
 
 For more information in Defender for Endpoint documentation, see:

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,10 @@`
`1`	`1`	`{`
`2`	`2`	`"redirections": [`
	`3`	`+ {`
	`4`	`+ "source_path_from_root": "/articles/defender-for-iot/organizations/resources-frequently-asked-questions.md",`
	`5`	`+ "redirect_url": "/azure/defender-for-iot/organizations/faqs-general",`
	`6`	`+ "redirect_document_id": false`
	`7`	`+ },`
`3`	`8`	`{`
`4`	`9`	`"source_path_from_root": "/articles/defender-for-iot/organizations/appliance-catalog/appliance-catalog-overview.md",`
`5`	`10`	`"redirect_url": "/azure/defender-for-iot/organizations/appliance-catalog/index",`