IoT Asset discovery based on FW logs

Published Apr 04 2021 09:00 AM
Microsoft

 

When protecting your network, you need full visibility into your assets. While traditional IT devices are well covered, IoT devices are becoming a bigger blind spot for security operators. IoT devices are added to environments without a proper security solution to protect and monitor them. These devices are becoming a weak spot in every environment, making the entire environment more vulnerable to attacks.

 

To address this issue, Azure Defender for IoT and Azure Sentinel have created a dedicated workbook named IoT Asset Discovery. The workbook identifies the IoT devices and their types, the countries those IoT devices are communicating with, and whether there is any malicious indication related to those devices. Using this dashboard will give a basic assessment of IoT devices and their security exposure.

 

Currently this feature supports only Fortinet FW logs.

 

Although this workbook discovers IoT assets without the need to deploy Azure Defender for IoT, we recommend using Azure Defender for IoT to gain a more comprehensive and complete solution for securing and monitoring your IoT environment. Defender for IoT is built to enhance the security capability of your entire IoT environment. Natively integrated with IoT Hub and Azure Sentinel, Azure Defender for IoT will enrich your environment with unprecedented comprehensive investigation, monitoring and response capabilities.

 

To explore more about security features on the IoT platform, join the IoT Security community.

Last update: Nov 02 2021 03:34 PM