- Module 1: Learn how to plan your deployment of Microsoft Defender for IoT to monitor your OT network.
By the end of this module, you'll be able to:
- Describe the stages and the roles involved to deploy Microsoft Defender for IoT
- Organize the locations and systems across your network into sites and zones
- Choose a sensor connection method to use for my deployment
- Identify the users and roles your teams use with Defender for IoT
- Module 2: Learn how to prepare your deployment of Microsoft Defender for IoT to monitor your OT network.
By the end of this module, you'll be able to:
- Analyze a network diagram to identify devices and subnets to monitor with Defender for IoT.
- Analyze a network diagram to identify where to place Defender for IoT network sensors and how they should be configured.
- Choose a traffic mirroring method for each sensor.
- Compare the appliance options available for use with Defender for IoT network sensors.
- Module 3: Learn how to onboard an OT sensor as part of the deployment of Microsoft Defender for IoT to monitor your OT network.
By the end of this module, you'll be able to:
- Onboard an OT sensor to Defender for IoT
- Module 4: Learn how to deploy an OT sensor to Microsoft Defender for IoT
By the end of this module, you'll be able to:
- Deploy Defender for IoT software to a virtual appliance
- Module 5: Learn how to fine tune and calibrate your deployment of Microsoft Defender for IoT to monitor your OT network.
By the end of this module, you're able to:
- Control the traffic monitored by your sensor by fine-tuning the subnets defined and detected device details
- Create a baseline of OT network traffic for your sensor to compare against when learning mode is completed
- Update the sensor from learning to operational mode when alerts accurately represent the network activity
Overview
Syllabus
- Module 1: Module 1: Plan to deploy Microsoft Defender for IoT to monitor operational technology (OT) networks
- Introduction
- Describe the process to deploy Microsoft Defender for IoT
- Identify the sites and zones for your network topology
- Determine cloud connection options for an OT network sensor
- Identify Azure and on-premises roles to assign to users
- Summary
- Module 2: Module 2: Prepare to deploy Microsoft Defender for IoT
- Introduction
- Describe the prepare phase for Defender for IoT
- Examine your network diagram
- Identify the devices and subnets to monitor with Defender for IoT
- Determine traffic mirroring methods to use
- Review appliance options
- Summary
- Module 3: Module 3: Onboard your first OT sensor to Microsoft Defender for IoT
- Introduction
- Describe the process to onboard an OT sensor to Microsoft Defender for IoT
- Plan to onboard an OT sensor to Microsoft Defender for IoT
- Exercise - Onboard an OT sensor to Defender for IoT
- Knowledge check
- Summary
- Module 4: Module 4: Deploy a sensor to Microsoft Defender for IoT for operational technology network monitoring
- Introduction
- Describe the deployment phase for Defender for IoT
- Plan to deploy an operational technology (OT) sensor
- Exercise - Deploy Defender for IoT software to a sensor
- Knowledge check
- Summary
- Module 5: Module 5: Fine-tune your Microsoft Defender for IoT OT sensor
- Introduction
- Describe the processes to fine-tune and create a baseline for an OT sensor
- Calibrate and fine tune your sensor
- Exercise - Fine-tune the defined subnets and devices
- Create a baseline of OT network traffic
- Exercise - Triage alerts in learning mode
- End learning mode after you create a baseline
- Exercise - Change sensor from learning to operational mode
- Knowledge check
- Summary
Tags
Related Courses
-
Defend against cyberthreats with Microsoft Defender XDR
-
Prepare for Copilot for Microsoft 365: Part 3 – Threat protection
-
Secure Azure services and workloads with Microsoft Defender for Cloud regulatory compliance controls
-
MS-500 part 2 - Implement and manage threat protection
-
Enhance IoT solution security by using Microsoft Defender for IoT
-
Secure your organization with Microsoft Defender for Endpoint
