Cyberark-forescout-paloalto tutuorials - sensor redesign

Author: shhazam-ms

articles/defender-for-iot/organizations/media/tutorial-forescout/forescout-access-token-added-successfully.png

@@ -4,7 +4,7 @@ description: In this tutorial, you will learn how to integrate Microsoft Defende
 author: ElazarK
 ms.author: v-ekrieg
 ms.topic: tutorial
-ms.date: 11/09/2021
+ms.date: 02/08/2022
 ms.custom: template-tutorial
 ---
 
@@ -117,11 +117,10 @@ Whenever PSM authorizes a remote connection, it is  visible in the Defender for
 
 1. Sign in to the Defender for IoT sensor.
 
-1. Select **Event Timeline** from the left side panel.
+1. Select **Event timeline** from the left side panel.
 
 1. Locate any event titled PSM Remote Session.
 
-    :::image type="content" source="media/tutorial-cyberark/event.png" alt-text="A view of the Event Log screen.":::
 
 ### Auditing & forensics
 
@@ -131,12 +130,10 @@ Administrators can audit, and investigate remote access sessions by querying the
 
 1. Sign in to the Defender for IoT sensor.
 
-1. Select **Data Mining** from the left side panel.
+1. Select **Data mining** from the left side panel.
 
 1. Select **Remote Access**.
 
-    :::image type="content" source="media/tutorial-cyberark/data-mining.png" alt-text="A view of the data mining interface.":::
-
 ## Stop the Integration
 
 At any point in time, you can stop the integration from communicating.

articles/defender-for-iot/organizations/media/tutorial-forescout/new-forescout-token.png

@@ -4,7 +4,7 @@ description: In this tutorial, you will learn how to integrate Microsoft Defende
 author: ElazarK
 ms.author: v-ekrieg
 ms.topic: tutorial
-ms.date: 11/09/2021
+ms.date: 02/08/2022
 ms.custom: template-tutorial
 ---
 
@@ -62,17 +62,15 @@ To ensure communication from Defender for IoT to Forescout, you must generate an
 
 1. Sign in to the Defender for IoT sensor that will be queried by Forescout.
 
-1. Select **System Settings** > **Access Tokens** from the **General** section.
+1. Select **System Settings** > **Integrations** > **Access Tokens**.
 
-1. Select **Generate new token**.
+1. Select **Generate token**.
 
-    :::image type="content" source="media/tutorial-forescout/generate-access-tokens-screen.png" alt-text="Screenshot of the access token generation screen.":::
-
-1. Enter a token description in the **New access token** dialog box.
+1. Enter a token description in the **Description** field.
 
    :::image type="content" source="media/tutorial-forescout/new-forescout-token.png" alt-text="New access token":::
 
-1. Select **Next**. The token is then displayed in the dialog box.
+1. Select **Generate**. The token is then displayed in the dialog box.
 
    > [!NOTE]
    > Record the token in a safe place. You will need it when you configure the Forescout Platform.
@@ -192,7 +190,7 @@ You can create custom policies in Forescout using Defender for IoT conditional p
 
 1. In the Properties Tree, expand the CyberX Platform folder. The Defender for IoT following properties are available.
 
-:::image type="content" source="media/tutorial-forescout/forescout-property-tree.png" alt-text="Properties":::
+    :::image type="content" source="media/tutorial-forescout/forescout-property-tree.png" alt-text="Properties":::
 
 ## Clean up resources
 

articles/defender-for-iot/organizations/tutorial-cyberark.md

@@ -33,22 +33,18 @@ If you don't have an Azure subscription, create a [free account](https://azure.m
 
 ## Configure immediate blocking by a specified Palo Alto firewall
 
-In cases, such as malware-related alerts, you can enable automatic blocking. Defender for IoT forwarding rules are utilized to send a blocking command directly to a specific Palo Alto firewall.
+In cases, such as malware-related alerts, you can enable automatic blocking. Defender for IoT forwarding rules is utilized to send a blocking command directly to a specific Palo Alto firewall.
 
 When Defender for IoT identifies a critical threat, it sends an alert that includes an option of blocking the infected source. Selecting **Block Source** in the alert’s details activates the forwarding rule, which sends the blocking command to the specified Palo Alto firewall.
 
 **To configure immediate blocking**:
 
 1. In the left pane, select **Forwarding**.
 
-1. Select **Create Forwarding Rule**.
-
-    :::image type="content" source="media/tutorial-palo-alto/forwarding.png" alt-text="Screenshot of the forwarding alert screen.":::
+1. Select **Create rule**.
 
 1. From the Actions drop down menu, select **Send to Palo Alto NGFW**.
 
-   :::image type="content" source="media/tutorial-palo-alto/forward-rule.png" alt-text="Screenshot of the create Forwarding Rule screen.":::
-
 1. In the Actions pane, set the following parameters:
 
    - **Host**: Enter the NGFW server IP address.
@@ -66,7 +62,7 @@ When Defender for IoT identifies a critical threat, it sends an alert that inclu
 
 1. Select **Submit**.
 
-You will then need to block any suspicious source.
+You'll then need to block any suspicious source.
 
 **To block a suspicious source**:
 
@@ -108,27 +104,22 @@ The first step in creating Panorama blocking policies in Defender for IoT is to
 
 **To configure DNS lookup**:
 
-1. In the left pane, select **System Settings**.
-
-1. Select the **DNS Settings** :::image type="icon" source="media/tutorial-palo-alto/settings.png"::: button.
+1. In the console left pane, select **System settings** > **Network monitoring** > **DNS Reverse Lookup**.
+1. Select **Add DNS server**.
+1. In the **Schedule Reverse Lookup** field define the scheduling options:
+      - By specific times: Specify when to perform the reverse lookup daily.
+    - By fixed intervals (in hours): Set the frequency for performing the reverse lookup.
+1. In the **Number of Labels** field instruct Defender for IoT to automatically resolve network IP addresses to device FQDNs. <br />To configure DNS FQDN resolution, add the number of domain labels to display. Up to 30 characters are displayed from left to right.
+1. Add the following server details:
 
-1. In the **Edit DNS Settings** dialog box, set the following parameters:
-
-   - **Status**: The status of the DNS resolver.
-
-   - **DNS Server Address**: Enter the IP address, or the FQDN of the network DNS Server.
+    - **DNS Server Address**: Enter the IP address, or the FQDN of the network DNS Server.
    - **DNS Server Port**: Enter the port used to query the DNS server.
    - **Subnets**: Set the Dynamic IP address subnet range. The range that Defender for IoT reverses lookup their IP address in the DNS server to match their current FQDN name.
-   - **Schedule Reverse Lookup**: Define the scheduling options as follows:
-     - By specific times: Specify when to perform the reverse lookup daily.
-     - By fixed intervals (in hours): Set the frequency for performing the reverse lookup.
-   - **Number of Labels**: Instruct Defender for IoT to automatically resolve network IP addresses to device FQDNs. <br />To configure DNS FQDN resolution, add the number of domain labels to display. Up to 30 characters are displayed from left to right.
-
-    :::image type="content" source="media/tutorial-palo-alto/configuration.png" alt-text="Screenshot of the Configure the DNS settings screen.":::
 
-1. Select **SAVE**.
+1. Select **Save**.
+1. Turn on the **Enabled** toggle to activate the lookup.
 
-To ensure your DNS settings are correct, select **Lookup Test**. The test ensures that the DNS server IP address, and DNS server port are set correctly.
+1. To ensure your DNS settings are correct, select **Test**. The test ensures that the DNS server IP address, and DNS server port are set correctly.
 
 ## Block suspicious traffic with the Palo Alto firewall
 
@@ -181,7 +172,7 @@ Suspicious traffic will need to be blocked with the Palo Alto firewall. You can
 
 1. Select **Submit**.
 
-You will then need to block the suspicious source.
+You'll then need to block the suspicious source.
 
 **To block the suspicious source**: