FAQ EIoT

Author: yoninalmsft

.openpublishing.redirection.defender-for-iot.json

@@ -1,5 +1,10 @@
 {
     "redirections": [
+        {
+            "source_path_from_root": "/articles/defender-for-iot/organizations/resources-frequently-asked-questions.md",
+            "redirect_url": "/azure/defender-for-iot/organizations/faqs-general",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/defender-for-iot/organizations/appliance-catalog/appliance-catalog-overview.md",
             "redirect_url": "/azure/defender-for-iot/organizations/appliance-catalog/index",

articles/defender-for-iot/organizations/TOC.yml

@@ -253,9 +253,14 @@
     href: references-work-with-defender-for-iot-apis.md
   - name: Defender for IoT CLI commands
     href: references-work-with-defender-for-iot-cli-commands.md
-  - name: Frequently asked questions - service
-    displayName: FAQ, regulation, internet, connection, hardware, appliances, ports, logs 
-    href: resources-frequently-asked-questions.md
+  - name: Frequently asked questions
+    items:
+  - name: General FAQ
+    href: faqs-general.md
+  - name: OT networks FAQ
+    href: faqs-ot.md
+  - name: Enterprise IoT networks FAQ
+    href: faqs-eiot.md
   - name: Defender for IoT glossary
     href: references-defender-for-iot-glossary.md
 - name: Resources

articles/defender-for-iot/organizations/faqs-eiot.md

@@ -0,0 +1,101 @@
+---
+title: FAQs for Enterprise IoT networks - Microsoft Defender for IoT
+description: Find answers to the most frequently asked questions about Microsoft Defender for IoT Enterprise IoT networks.
+ms.topic: conceptual
+ms.date: 07/07/2022
+---
+
+# Enterprise IoT networks frequently asked questions
+
+This article provides a list of frequently asked questions and answers about Enterprise IoT networks in Defender for IoT.
+
+## How can I start using Enterprise IoT?
+
+To get started, you'll need to:
+
+1. Add a Defender for IoT plan with Enterprise IoT to your Azure subscription.
+1. Set up a Defender for IoT network sensor.
+
+You can add a plan from either Defender for IoT in the Azure portal or Microsoft Defender for Endpoint. If you’re a Defender for Endpoint customer, when adding your Defender for IoT plan, take care to exclude any devices already managed by Defender for Endpoint from your count of committed devices.
+
+For more information, see: 
+- [Quickstart: Get started with Defender for IoT](getting-started.md)
+- [Tutorial: Get started with Enterprise IoT](tutorial-getting-started-eiot-sensor.md)
+- [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration)
+
+## How can I use the Enterprise IoT network sensor?
+
+The Enterprise IoT network sensor is currently in Public Preview and can be used by all customers without additional charge. Add a Defender for IoT plan with Enterprise IoT, and then set up your Enterprise IoT network sensor.
+
+For more information, see [Tutorial: Get started with Enterprise IoT](tutorial-getting-started-eiot-sensor.md).
+
+## What permissions do I need to add a Defender for IoT plan? Can I use any Azure subscription? 
+
+Azure users with the **Security admin**, **Subscription owner** or **Subscription contributor** roles can add, edit, and cancel Defender for IoT plans. For more information, see [Permissions](getting-started.md#permissions).
+
+Defender for Endpoint users with the **Global admin** role can add or cancel plans.
+
+## Which devices are billable?
+
+Devices are listed in the Defender for IoT device inventory based on a unique IP and MAC address coupling. Charges are based on the number of committed devices you provide when adding a Defender for IoT plan.
+
+If you're a Defender for Endpoint customer, devices (seats) that are managed by Defender for Endpoint aren't included in the number of devices counted as committed devices.
+
+For more information, see [Defender for IoT committed devices](how-to-manage-subscriptions.md#defender-for-iot-committed-devices).
+
+## How should I estimate the number of committed devices?
+
+We suggest using existing resources in your environment, for example Meraki, CMDB and other sources to get that estimation, as well as the device inventories in Defender for Endpoint and Defender for IoT. Once you have onboarded Defender for IoT, discovered devices will begin to populate in the device inventory and then you can update the number of your committed devices accordingly. A device would be a set combination of IP address and a MAC address. For more information, see [Defender for IoT committed devices](how-to-manage-subscriptions.md#defender-for-iot-committed-devices).
+
+## Can I exclude unmanaged devices from the device inventory list?
+
+Yes, in Defender for Endpoint, use *onboarding status* to filter for unmanaged devices. Use either the *Onboarding status* column in the Defender for Endpoint **Device inventory** page or filter API queries by the *onboarding status* field.
+
+## Can I edit information in Defender for IoT about a discovered device?
+
+You can edit several properties for devices, and even delete devices from the Defender for IoT **Device inventory** page. For more information, see [Edit device details](how-to-manage-device-inventory-for-organizations.md#edit-device-details).
+
+## How does the integration between Microsoft Defender for Endpoint and Microsoft Defender for IoT work? 
+
+Integration between the two products takes place seamlessly, once you have:
+- Added a Defender for IoT plan with Enterprise IoT to an Azure subscription, either from Defender for IoT or Defender for Endpoint
+- Set up an Enterprise IoT or OT sensor from Defender for IoT in the Azure portal
+
+Once these requirements are met, discovered devices can be viewed in both Defender for IoT and Defender for Endpoint. For more information, see [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration).
+
+## Can I change the subscription I’m using for Defender for IoT?
+
+To change the subscription you're using for your Defender for IoT plan, you'll need to cancel your plan on the existing subscription, and then add a new plan to a new subscription. Your existing data won't be migrated to the new subscription. For more information, see [Move existing sensors to a different subscription](how-to-manage-subscriptions.md#move-existing-sensors-to-a-different-subscription).
+
+## How can I cancel Enterprise IoT?
+
+If you have both Enterprise IoT and OT networks on your Defender for IoT plan, you can remove Enterprise IoT and leave OT in place by editing your plan. For more information, see [Edit a plan](how-to-manage-subscriptions.md#edit-a-plan).
+
+You can cancel the entire plan from your subscription, removing all Defender for IoT services from that subscription. For more information, see [Cancel a Defender for IoT plan from a subscription](how-to-manage-subscriptions.md#cancel-a-defender-for-iot-plan-from-a-subscription).
+
+You can also cancel your plan from the Defender for Endpoint portal. For more information, see [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration).
+
+## What happens when the 30-day trial ends? 
+
+If you haven't changed your plan from a trial to a monthly commitment by the time your trial ends, your plan is automatically canceled, and you’ll lose access to Defender for IoT security features. 
+
+You can edit your plan at any time during your trial and update to a monthly commitment. For more information, see [Edit a plan](how-to-manage-subscriptions.md#edit-a-plan).
+
+## How is pricing for Defender for IoT affected now that support for Enterprise IoT networks is in General Availability?
+
+For more information, see the [Microsoft Defender for IoT pricing](https://azure.microsoft.com/pricing/details/iot-defender/) page.
+
+> [!NOTE]
+> The Enterprise IoT network sensor is currently in Public Preview.
+
+## How can I resolve billing issues associated with my Defender for IoT plan?
+
+For any billing or technical issues, create a support request in the Azure portal.
+
+## Next steps
+
+For more information on getting started with Enterprise IoT, see:
+
+- [Tutorial: Get started with Enterprise IoT monitoring](tutorial-getting-started-eiot-sensor.md)
+- [Manage Defender for IoT plans](how-to-manage-subscriptions.md)
+- [Defender for IoT integration](/microsoft-365/security/defender-endpoint/enable-microsoft-defender-for-iot-integration)

articles/defender-for-iot/organizations/faqs-general.md

@@ -0,0 +1,37 @@
+---
+title: General FAQs - Microsoft Defender for IoT
+description: Find answers to the most frequently asked questions about Microsoft Defender for IoT features and service.
+ms.topic: conceptual
+ms.date: 07/07/2022
+---
+
+# Microsoft Defender for IoT frequently asked questions
+
+This article provides a list of frequently asked questions and answers about Defender for IoT.
+
+## What is Azure's unique value proposition for IoT security?
+
+Defender for IoT enables enterprises to extend their existing cyber security view to their entire IoT solution. Azure provides an end to end view of your business solution, enabling you to take business-related actions and decisions based on your enterprise security posture and collected data. Combined security using Azure IoT, Azure IoT Edge, and Microsoft Defender for Cloud enable you to create the solution you want with the security you need.
+
+## How does Defender for IoT compare to the competition?
+
+Microsoft Defender for IoT delivers comprehensive security across all your IoT/OT devices. For **end-user organizations**, Microsoft Defender for IoT offers agentless, network-layer security that is rapidly deployed, works with diverse proprietary OT equipment and legacy Windows systems, and interoperates with Microsoft Sentinel and other SOC tools. It can be deployed on-premises or in Azure-connected environments. For **IoT device builders**, Microsoft Defender for IoT offers lightweight agents to embed device-layer security into new IoT/OT initiatives.
+
+## Do I have to be an Azure customer?
+
+No, for the agentless version of Microsoft Defender for IoT, you do not need to be an Azure customer. However, if you want to send alerts to Microsoft Sentinel; provision network sensors and monitor their health from the cloud; and benefit from automatic software and threat intelligence updates, you will need to connect the sensor to Azure and Defender for IoT. For more information, see [Sensor connection methods](architecture-connections.md).
+
+For the agent-based version of Microsoft Defender for IoT, you must be an Azure customer.
+
+## What happens when the internet connection stops working?
+
+The sensors and agents continue to run and store data as long as the device is running. Data is stored in the security message cache according to size configuration. When the device regains connectivity, security messages resume sending.
+
+## Next steps
+
+To learn more about how to get started with Defender for IoT, see the following articles:
+
+- Read the Defender for IoT [overview](overview.md)
+- [Get started with Defender for IoT](getting-started.md)
+- [OT Networks frequently asked questions](faqs-ot.md)
+- [Enterprise IoT networks frequently asked questions](faqs-eiot.md)

articles/defender-for-iot/organizations/resources-frequently-asked-questions.md renamed to articles/defender-for-iot/organizations/faqs-ot.md

@@ -1,17 +1,13 @@
 ---
-title: Defender for IoT frequently asked questions
-description: Find answers to the most frequently asked questions about Microsoft Defender for IoT features and service.
+title: FAQs for OT networks - Microsoft Defender for IoT
+description: Find answers to the most frequently asked questions about Microsoft Defender for IoT OT networks.
 ms.topic: conceptual
-ms.date: 11/09/2021
+ms.date: 07/07/2022
 ---
 
-# Microsoft Defender for IoT frequently asked questions
+# OT Networks frequently asked questions
 
-This article provides a list of frequently asked questions and answers about Defender for IoT.
-
-## What is Azure's unique value proposition for IoT security?
-
-Defender for IoT enables enterprises to extend their existing cyber security view to their entire IoT solution. Azure provides an end to end view of your business solution, enabling you to take business-related actions and decisions based on your enterprise security posture and collected data. Combined security using Azure IoT, Azure IoT Edge, and Microsoft Defender for Cloud enable you to create the solution you want with the security you need.
+This article provides a list of frequently asked questions and answers about OT networks in Defender for IoT.
 
 ## Our organization uses proprietary non-standard industrial protocols. Are they supported? 
 
@@ -27,7 +23,6 @@ Microsoft Defender for IoT sensor runs on specific hardware specs as described i
 
 Certified hardware has been tested in our labs for driver stability, packet drops and network sizing.
 
-
 ## Regulation doesn't allow us to connect our system to the Internet. Can we still utilize Defender for IoT?
 
 Yes you can! The Microsoft Defender for IoT platform on-premises solution is deployed as a physical or virtual sensor appliance that passively ingests network traffic (via SPAN, RSPAN, or TAP) to analyze, discover, and continuously monitor IT, OT, and IoT networks. For larger enterprises, multiple sensors can aggregate their data to an on-premises management console.
@@ -40,20 +35,6 @@ For example:
 - A single appliance (virtual of physical) can be in the Shop Floor DMZ layer, having all Shop Floor cell traffic routed to this layer.
 - Alternatively, locate small mini-sensors in each Shop Floor cell with either cloud or local management that will reside in the Shop Floor DMZ layer. Another appliance (virtual or physical) can monitor the traffic in the Shop Floor DMZ layer (for SCADA, Historian, or MES).
 
-## How does Defender for IoT compare to the competition?
-
-Microsoft Defender for IoT delivers comprehensive security across all your IoT/OT devices. For **end-user organizations**, Microsoft Defender for IoT offers agentless, network-layer security that is rapidly deployed, works with diverse proprietary OT equipment and legacy Windows systems, and interoperates with Microsoft Sentinel and other SOC tools. It can be deployed on-premises or in Azure-connected environments. For **IoT device builders**, Microsoft Defender for IoT offers lightweight agents to embed device-layer security into new IoT/OT initiatives.
-
-## Do I have to be an Azure customer?
-
-No, for the agentless version of Microsoft Defender for IoT, you do not need to be an Azure customer. However, if you want to send alerts to Microsoft Sentinel; provision network sensors and monitor their health from the cloud; and benefit from automatic software and threat intelligence updates, you will need to connect the sensor to Azure and Defender for IoT. For more information, see [Sensor connection methods](architecture-connections.md).
-
-For the agent-based version of Microsoft Defender for IoT, you must be an Azure customer.
-
-## What happens when the internet connection stops working?
-
-The sensors and agents continue to run and store data as long as the device is running. Data is stored in the security message cache according to size configuration. When the device regains connectivity, security messages resume sending.
-
 ## How can I change a user's passwords
 
 Learn how to [Change a user's password](how-to-create-and-manage-users.md#change-a-users-password) for either the sensor or the on-premises management console.
@@ -82,9 +63,6 @@ You can also use our [UI and CLI tools](how-to-troubleshoot-the-sensor-and-on-pr
 
 For more information, see [Troubleshoot the sensor and on-premises management console](how-to-troubleshoot-the-sensor-and-on-premises-management-console.md).
 
-## Next steps
-
-To learn more about how to get started with Defender for IoT, see the following articles:
+## Next Steps
 
-- Read the Defender for IoT [overview](overview.md)
-- [Get started with Defender for IoT](getting-started.md)
+- [Tutorial: Get started with Microsoft Defender for IoT for OT security](tutorial-onboarding.md)