Hello @Pedro Lemos,
welcome to this moderated Azure community forum.
By default the Azure IoT Edge offers quite some security out-of-the-box.
Just to name a few:
- Each IoT (Edge) has its own identity
- The IoT Hub offers only connectivity based on TLS
- The IoT Hub can filter only on certain IP ranges
- The IoT Hub can communicate with devices within a private network
- The internal module-to-module communication is secured with a certificate
- The Edge only needs/uses an outbound connection to communicate to the cloud
The Azure IoT Edge solution does not cover the operating system.
You can use Azure Arc to manage the device operating system, e.g. deploy updates on the operating system and check metrics.
If you want to add extra security, Azure IoT Defender offers two solutions:
- Agentless, the network traffic is monitored with a service
- Agent-based (this is the one you reference), an agent is put on the OS as a daemon and provides security metrics to the cloud via the IoT Hub connection alongside the Azure IoT Edge (using the same identity management).
So, no, this is not a concept and you need to add some effort to make the edge device as secure as you need.