Merge pull request #222600 from Shereen-Bhar/refresh-port-and-vlan-names-page

Refresh port and VLAN names page

Author: Maggiemouse1

articles/defender-for-iot/organizations/how-to-create-data-mining-queries.md

@@ -17,7 +17,7 @@ Data mining query data is continuously saved until a device is deleted, and is a
 
 To create data mining reports, you must be able to access the OT network sensor you want to generate data for as an **Admin** or **Security Analyst** user.
 
-For more information, see [On-premises users and roles for OT monitoring with Defender for IoT](roles-on-premises.md)
+For more information, see [On-premises users and roles for OT monitoring with Defender for IoT](roles-on-premises.md).
 
 ## View an OT sensor predefined data mining report
 
@@ -54,7 +54,7 @@ Create your own custom data mining report if you have reporting needs not covere
     | **Choose category** | Select the categories to include in your report. |
     | **Order by** | Select to sort your data by category or by activity. |
     | **Filter by** | Define a filter for your report using any of the following parameters: <br><br> - **Results within the last**: Enter a number and then select **Minutes**, **Hours**, or **Days** <br> - **IP address / MAC address / Port**: Enter one or more IP addresses, MAC addresses, and ports to filter into your report. Enter a value and then select + to add it to the list.<br> - **Device group**: Select one or mode device groups to filter into your report. |
-    | **Add filter type** | Select to add any of the following filter types into your report. <br><br> - Transport (GENERIC) <br> -	Protocol (GENERIC) <br> - TAG (GENERIC) <br> - Maximum value (GENERIC) <br> - State (GENERIC) <br> - Minimum value (GENERIC) <br><br> Enter a value in the relevant field and then select + to add it to the list. |
+    | **Add filter type** | Select to add any of the following filter types into your report. <br><br> - Transport (GENERIC) <br> - Protocol (GENERIC) <br> - TAG (GENERIC) <br> - Maximum value (GENERIC) <br> - State (GENERIC) <br> - Minimum value (GENERIC) <br><br> Enter a value in the relevant field and then select + to add it to the list. |
 
 1. Select **Save**. Your data mining report is shown in the **My reports** area. For example:
 
@@ -82,9 +82,7 @@ Sign into an on-premises management console to view [out-of-the-box data mining
 
 **To view a data mining report from an on-premises management console**:
 
-Sign into your on-premises management console and select
-
-1. **Reports** on the left.
+1. Sign into your on-premises management console and select **Reports** on the left.
 
 1. From the **Sensors** drop-down list, select the sensor for which you want to generate the report.
 
@@ -98,8 +96,8 @@ The page lists the current report data. Select :::image type="icon" source="medi
 
 - Continue creating other reports for more security data from your OT sensor. For more information, see:
 
-    - [Risk assessment reporting](how-to-create-risk-assessment-reports.md)
-    
-    - [Attack vector reporting](how-to-create-attack-vector-reports.md)
-    
-    - [Create trends and statistics dashboards](how-to-create-trends-and-statistics-reports.md)
+  - [Risk assessment reporting](how-to-create-risk-assessment-reports.md)
+
+  - [Attack vector reporting](how-to-create-attack-vector-reports.md)
+
+  - [Create trends and statistics dashboards](how-to-create-trends-and-statistics-reports.md)

articles/defender-for-iot/organizations/how-to-enhance-port-and-vlan-name-resolution.md

@@ -1,54 +1,65 @@
 ---
-title: Enhance port and VLAN name resolution in Defender for IoT
-description: Customize port and VLAN names on your sensors 
-ms.date: 01/02/2022
+title: Customize port and VLAN names on OT network sensors - Microsoft Defender for IoT
+description: Learn how to customize port and VLAN names on Microsoft Defender for IoT OT network sensors.
+ms.date: 01/12/2023
 ms.topic: how-to
 ---
 
-# Customize port and VLAN names
+# Customize port and VLAN names on OT network sensors
 
-You can customize port and VLAN names on your sensors to enrich device resolution.
+Enrich device data shown in Defender for IoT by customizing port and VLAN names on your OT network sensors.
 
-## Customize a port name
+For example, you might want to assign a name to a non-reserved port that shows unusually high activity in order to call it out, or assign a name to a VLAN number to identify it quicker.
 
-Microsoft Defender for IoT automatically assigns names to most universally reserved ports, such as DHCP or HTTP. You can customize port names for other ports that Defender for IoT detects. For example, you might assign a name to a non-reserved port because that port shows unusually high activity. Names appear when you view device groups from the device map, or when you create reports that provide port information.
+## Prerequisites
 
-Customize a name as follows:
+To customize port and VLAN names, you must be able to access the OT network sensor as an **Admin** user.
 
-1. Select **System Settings**. Under **Network monitoring**, select **Port Naming**.
-2. Select **Add port**.
-3. Enter the port number, select the protocol (TCP, UDP, both) and type in a name.
-4. Select **Save**.
+For more information, see [On-premises users and roles for OT monitoring with Defender for IoT](roles-on-premises.md).
+
+## Customize names of detected ports
+
+Defender for IoT automatically assigns names to most universally reserved ports, such as DHCP or HTTP. However, you might want to customize the name of a specific port to highlight it, such as when you're watching a port with unusually high detected activity.
+
+Port names are shown in Defender for IoT when [viewing device groups from the OT sensor's device map](how-to-work-with-the-sensor-device-map.md#group-highlight-and-filters-tools), or when you create OT sensor reports that include port information.
+
+**To customize a port name:**
+
+1. Sign into your OT sensor as an **Admin** user.
+
+1. Select **System settings** on the left and then, under **Network monitoring**, select **Port Naming**.
+
+1. In the **Port naming** pane that appears, enter the port number you want to name, the port's protocol, and a meaningful name. Supported protocol values include: **TCP**, **UDP**, and **BOTH**.
+
+1. Select **+ Add port** to customize an additional port, and **Save** when you're done.
 
 ## Customize a VLAN name
 
-You can enrich device inventory data with device VLAN numbers and tags. 
+VLANs are either discovered automatically by the OT network sensor or added manually. Automatically discovered VLANs can't be edited or deleted, but manually added VLANs require a unique name. If a VLAN isn't explicitly named, the VLAN's number is shown instead.
 
-- VLANs support is based on 802.1q (up to VLAN ID 4094). VLANS can be discovered automatically by the sensor or added manually.
-- Automatically discovered VLANs can't be edited or deleted. You should add a name to each VLAN, if you don't add a name, the VLAN number will appear when VLAN information is reported.
-- When you add a manual VLN, you must add a unique name. These VLANs can be edited and deleted.
-- VLAN names can contain up to 50 ASCII characters.
+VLAN's support is based on 802.1q (up to VLAN ID 4094).
 
-## Before you start
-> [!NOTE]
-> VLAN names are not synchronized between the sensor and the management console. You need to define the name on the management console as well.  
-For Cisco switches, add the following line to the span configuration: `monitor session 1 destination interface XX/XX encapsulation dot1q`. In that command, *XX/XX* is the name and number of the port.
+VLAN names aren't synchronized between the OT network sensor and the on-premises management console. If you want to view customized VLAN names on the on-premises management console, [define the VLAN names](how-to-manage-the-on-premises-management-console.md#define-vlan-names) there as well.
 
-To configure VLAN names:
+**To configure VLAN names on an OT network sensor:**
 
-1. On the side menu, select **System Settings**.
+1. Sign in to your OT sensor as an **Admin** user.
 
-2. In the **System Settings** window, select **VLAN**.
+1. Select **System Settings** on the left and then, under **Network monitoring**, select **VLAN Naming**.
 
-    :::image type="content" source="media/how-to-enrich-asset-information/edit-vlan.png" alt-text="Use the system settings to edit your VLANs.":::
+1. In the **VLAN naming** pane that appears, enter a VLAN ID and unique VLAN name. VLAN names can contain up to 50 ASCII characters.
 
-3. Add a unique name next to each VLAN ID.
+1. Select **+ Add VLAN** to customize an additional VLAN, and **Save** when you're done.
 
+1. **For Cisco switches**: Add the `monitor session 1 destination interface XX/XX encapsulation dot1q` command to the SPAN port configuration, where *XX/XX* is the name and number of the port.
 
 ## Next steps
 
-View enriched device information in various reports:
+> [!div class="nextstepaction"]
+> [Investigate detected devices from the OT sensor device inventory](how-to-investigate-sensor-detections-in-a-device-inventory.md)
+
+> [!div class="nextstepaction"]
+> [Create sensor trends and statistics reports](how-to-create-trends-and-statistics-reports.md)
 
-- [Investigate sensor detections in a device inventory](how-to-investigate-sensor-detections-in-a-device-inventory.md)
-- [Sensor trends and statistics reports](how-to-create-trends-and-statistics-reports.md)
-- [Sensor data mining queries](how-to-create-data-mining-queries.md)
+> [!div class="nextstepaction"]
+> [Create sensor data mining queries](how-to-create-data-mining-queries.md)