Merge pull request #232125 from batamig/release-maintenance-only-2

Deployment guide release: maintenance section take 2

Author: v-dirichards

articles/defender-for-iot/organizations/TOC.yml

@@ -135,7 +135,7 @@
     - name: Forward on-premises alert data
       href: how-to-forward-alert-information-to-partners.md
       displayName: alerts
-  - name: Visualize and monitor data
+  - name: Monitor network data
     items:
     - name: Visualize data with workbooks
       href: workbooks.md
@@ -150,8 +150,9 @@
         href: how-to-create-trends-and-statistics-reports.md
       - name: Create attack vector reports
         href: how-to-create-attack-vector-reports.md
-    - name: View OT threats by location from an OT sensor
-      href: how-to-gain-insight-into-global-regional-and-local-threats.md
+    - name: Track OT network and sensor activity
+      href: how-to-track-sensor-activity.md
+      displayName: event timeline
     - name: Analyze OT programming details and changes
       href: how-to-analyze-programming-details-changes.md
   - name: Enhance security posture
@@ -192,130 +193,92 @@
         href: tutorial-servicenow.md
       - name: Legacy integration
         href: integrations/service-now-legacy.md
-  - name: Set up OT network monitoring
+  - name: Maintain your Defender for IoT system
     items:
-    - name: Prepare your network
-      href: how-to-set-up-your-network.md
-    - name: Configure traffic mirroring
+    - name: Manage plans on your Azure subscription
       items:
-      - name: Overview
-        href: best-practices/traffic-mirroring-methods.md
-        displayName: traffic mirroring, SPAN port
-      - name: Configure a switch SPAN port
-        href: traffic-mirroring/configure-mirror-span.md
-      - name: Configure a remote SPAN (RSPAN)
-        href: traffic-mirroring/configure-mirror-rspan.md
-      - name: Configure active and passive aggregation (TAP)
-        href: traffic-mirroring/configure-mirror-tap.md
-      - name: Configure ERSPAN mirroring
-        href: traffic-mirroring/configure-mirror-erspan.md
-      - name: Configure mirroring with an ESXi vSwitch
-        href: traffic-mirroring/configure-mirror-esxi.md
-      - name: Configure mirroring with a Hyper-V vSwitch
-        href: traffic-mirroring/configure-mirror-hyper-v.md
-    - name: Manage OT plans on Azure subscriptions
-      href: how-to-manage-subscriptions.md
-      displayName: onboard
-    - name: Onboard OT sensors
-      href: onboard-sensors.md
-    - name: Install OT monitoring software
+      - name: Manage OT plans
+        href: how-to-manage-subscriptions.md
+      - name: Manage Enterprise IoT plans
+        href: manage-subscriptions-enterprise.md
+    - name: Manage sensors from the Azure portal
+      href: how-to-manage-sensors-on-the-cloud.md
+    - name: Create and manage users
       items:
-      - name: Install OT sensor software
-        href: ot-deploy/install-software-ot-sensor.md
-      - name: Install on-premises management console software
-        href: ot-deploy/install-software-on-premises-management-console.md
-      - name: Validate after installation
-        href: ot-deploy/post-install-validation-ot-software.md
-    - name: Activate and set up your sensor
-      href: how-to-activate-and-set-up-your-sensor.md
-    - name: Deploy OT certificates
-      href: how-to-deploy-certificates.md
-      displayName: SSL, TLS
-    - name: Connect OT sensors to the cloud
-      items:
-      - name: Connect OT sensors to Defender for IoT
-        href: connect-sensors.md
-    - name: Activate and set up your on-premises management console
-      href: how-to-activate-and-set-up-your-on-premises-management-console.md
-      displayName: sites, zones
-    - name: Configure on-premises sites and zones
-      href: ot-deploy/sites-and-zones-on-premises.md
-    - name: Add support for proprietary protocols
-      href: resources-manage-proprietary-protocols.md
-  - name: Set up Enterprise IoT network monitoring
-    items:
-    - name: Manage Enterprise IoT plans on Azure subscriptions
-      href: manage-subscriptions-enterprise.md
-      displayName: onboard
-    - name: Discover Enterprise IoT devices
-      href: eiot-sensor.md
-      displayName: Enterprise IoT sensor
-    - name: Extra deployment steps and samples
-      href: extra-deploy-enterprise-iot.md
-      displayName: Enterprise IoT sensor
-  - name: Manage sensors from the Azure portal
-    href: how-to-manage-sensors-on-the-cloud.md
-  - name: Configure OT sensor settings from the Azure portal
-    href: configure-sensor-settings-portal.md
-  - name: Create and manage users
-    items:
-    - name: Azure portal
-      href: manage-users-portal.md
-      displayName: users, user
-    - name: OT sensor console
-      href: manage-users-sensor.md
-      displayName: users, user
-    - name: On-premises management console
-      href: manage-users-on-premises-management-console.md
-      displayName: users, user
-    - name: Audit user activity
-      href: track-user-activity.md
-  - name: OT system maintenance
-    items:
-    - name: Maintain threat intelligence packages
-      href: how-to-work-with-threat-intelligence-packages.md
-    - name: Update OT monitoring software
-      href: update-ot-software.md
-      displayName: upgrade
-    - name: Manage OT sensors
+      - name: Azure portal
+        href: manage-users-portal.md
+        displayName: users, user
+      - name: OT sensor console
+        href: manage-users-sensor.md
+        displayName: users, user
+      - name: On-premises management console
+        href: manage-users-on-premises-management-console.md
+        displayName: users, user
+      - name: Audit user activity
+        href: track-user-activity.md
+    - name: Maintain OT on-premises resources
       items:
-      - name: Manage individual sensors
-        href: how-to-manage-individual-sensors.md
-      - name: Control OT traffic monitoring
-        href: how-to-control-what-traffic-is-monitored.md
-      - name: Detect Windows workstations and servers by script
-        href: detect-windows-endpoints-script.md
+      - name: Enhance device data and detection
+        items:
+        - name: Import extra data for detected OT devices
+          href: how-to-import-device-information.md
+        - name: Detect Windows workstations and servers by script
+          href: detect-windows-endpoints-script.md
       - name: Configure active monitoring
         items:
         - name: Planning and prerequisites
           href: configure-active-monitoring.md
+          displayName: active monitoring
         - name: Configure Windows Endpoint Monitoring
           href: configure-windows-endpoint-monitoring.md
         - name: Configure reverse DNS lookup
           href: configure-reverse-dns-lookup.md
-      - name: Manage sensors from the on-premises management console
-        href: how-to-manage-sensors-from-the-on-premises-management-console.md
-    - name: Enrich device information
-      items:
-      - name: Enhance port and VLAN name resolution
-        href: how-to-enhance-port-and-vlan-name-resolution.md
-      - name: Import device information
-        href: how-to-import-device-information.md
-    - name: Track OT network and sensor activity
-      href: how-to-track-sensor-activity.md
-      displayName: event timeline
-    - name: Set up SNMP MIB monitoring
-      href: how-to-set-up-snmp-mib-monitoring.md
-    - name: Manage proprietary protocols (Horizon)
-      href: resources-manage-proprietary-protocols.md
-    - name: Manage an OT on-premises management console
-      items:
-      - name: Set up high availability
-        href: how-to-set-up-high-availability.md
-      - name: Manage the on-premises management console
-        href: how-to-manage-the-on-premises-management-console.md
-    - name: Troubleshoot the sensor and on-premises management console
-      href: how-to-troubleshoot-the-sensor-and-on-premises-management-console.md
+      - name: Update OT monitoring software
+        items:
+        - name: Update from a recent version
+          href: update-ot-software.md
+          displayName: upgrade
+        - name: Update from legacy versions
+          href: update-legacy-ot-software.md
+          displayName: upgrade
+      - name: Backup and restore
+        items:
+        - name: OT sensors from the sensor console
+          href: back-up-restore-sensor.md
+          displayName: backup, restore, back up
+        - name: OT sensors from an on-premises management console
+          href: back-up-sensors-from-management.md
+          displayName: backup, back up
+        - name: On-premises management console
+          href: back-up-restore-management.md
+          displayName: backup, restore, back up
+      - name: OT sensor maintenance
+        items:
+        - name: Configure OT sensor settings from the Azure portal
+          href: configure-sensor-settings-portal.md
+        - name: Maintain an OT sensor from the sensor console
+          href: how-to-manage-individual-sensors.md
+          displayName: activation, time zone, SMTP, PCAP
+        - name: Configure SNMP monitoring
+          href: how-to-set-up-snmp-mib-monitoring.md
+        - name: Add support for proprietary protocols
+          href: resources-manage-proprietary-protocols.md
+          displayName: Horizon
+        - name: Maintain threat intelligence packages
+          href: how-to-work-with-threat-intelligence-packages.md
+        - name: Troubleshoot OT sensors
+          href: how-to-troubleshoot-sensor.md
+      - name: System maintenance with an on-premises management console
+        items:
+        - name: Set up high availability
+          href: how-to-set-up-high-availability.md
+        - name: Manage sensors from the on-premises management console
+          href: how-to-manage-sensors-from-the-on-premises-management-console.md
+        - name: Maintain an on-premises management console
+          displayName: activation, SMTP, VLAN, hostname
+          href: how-to-manage-the-on-premises-management-console.md
+      - name: Troubleshoot on-premises management consoles
+        href: how-to-troubleshoot-on-premises-management-console.md
 - name: Reference
   items:
   - name: Sample connectivity models

articles/defender-for-iot/organizations/back-up-restore-management.md

@@ -0,0 +1,102 @@
+---
+title: Back up and restore the on-premises management console - Microsoft Defender for IoT
+description: Learn how to back up and restore the Microsoft Defender for IoT on-premises management console.
+ms.date: 03/09/2023
+ms.topic: how-to
+---
+
+# Back up and restore the on-premises management console
+
+Back up and restore your on-premises management console to help protect against hard drive failures and data loss. In this article, learn how to:
+
+- Define backup and restore settings
+- Run an unscheduled backup via CLI
+- Use an SMB server to save your backup files to an external server
+- Restore the on-premises management console from the latest backup via CLI
+
+## Define backup and restore settings
+
+The on-premises management console is automatically backed up daily to the `/var/cyberx/backups` directory. Backup files do *not* include PCAP or log files, which must be manually backed up if needed.
+
+We recommend that you configure your on-premises management console to automatically transfer backup files to your own, internal network.
+
+> [!NOTE]
+> Backup files can be used to restore an on-premises management console only if the on-premises management console's current software version is the same as the version in the backup file.
+
+## Start an immediate, unscheduled backup via CLI
+
+You may want to create a manual backup file, such as just after updating your OT sensor software.
+
+To run a manual backup from the CLI:
+
+1. Sign into the on-premises management console as a privileged user via SSH/Telnet.
+
+1. Run:
+
+   ```bash
+   sudo cyberx-management-backup -full
+   ```
+
+## Save your backup file to an external server (SMB)
+
+We recommend saving your on-premises management console sensor backup files on your internal network. To do this, you may want to use an SMB server. For example:
+
+1. Create a shared folder on the external SMB server, and make sure that you have the folder's path and the credentials required to access the SMB server.
+
+1. Sign into your on-premises management console via SFTP and create a directory for your backup files. Run:
+
+   ```bash
+   sudo mkdir /<backup_folder_name_on_ server>
+   sudo chmod 777 /<backup_folder_name_on_c_server>/
+   ```
+
+1. Edit the `fstab` file with details about your backup folder. Run:
+
+   ```bash
+   sudo nano /etc/fstab
+
+   add - //<server_IP>/<folder_path> /<backup_folder_name_on_server> cifs rw,credentials=/etc/samba/user,vers=3.0,uid=cyberx,gid=cyberx,file_mode=0777,dir_mode=0777 0 0
+   ```
+
+1. Edit and create credentials to share for the SMB server. Run:
+
+   ```bash
+   sudo nano /etc/samba/user
+   ```
+
+1. Add your credentials as follows:
+
+   ```bash
+   username=<user name>
+   password=<password>
+   ```
+
+1. Mount the backup directory. Run:
+
+   ```bash
+   sudo mount -a
+   ```
+
+1. Configure your backup directory on the SMB server to use the shared file on the OT sensor. Run:
+
+    ```bash
+    sudo nano /var/cyberx/properties/backup.properties`
+    ```
+
+    Set the `backup_directory_path` to the folder on your OT sensor where you want to save your backup files.
+
+## Restore from the latest backup via CLI
+
+To restore your OT sensor from the latest backup file via CLI:
+
+1. Sign into the on-premises management console as a privileged user via SSH/Telnet.
+
+1. Run:
+
+    ```bash
+    $ sudo cyberx-management-system-restore
+    ```
+
+## Next steps
+
+[Maintain the on-premises management console](how-to-manage-the-on-premises-management-console.md)