IoT Security Administrator’s Guide
    : Vertical-themed Portals
    Focus
    Download PDF
    Focus
    1. Home
    2. IoT
    3. IoT Security Administrator’s Guide
    4. IoT Security Overview
    5. Vertical-themed Portals
    Download PDF

    IoT Security Administrator’s Guide

    Vertical-themed Portals

    Table of Contents

    Vertical-themed Portals

    The IoT Security portal has different themes based on the selected business vertical.
    The IoT Security portal changes to better serve users in different industries. The portal theme that users in a given IoT Security tenant see depends on two choices:
    • The IoT Security product chosen upon purchase
    • The theme chosen by an IoT Security tenant owner

    Portal Themes

    IoT Security provides four differently themed portals for enterprise, industrial, and medical verticals:
    • Enterprise IoT Security Plus
    • Enterprise IoT Security
    • Industrial IoT Security
    • Medical IoT Security
    Enterprise
    IoT Security offers two products for enterprise IoT: Enterprise IoT Security Plus and Enterprise IoT Security.
    Enterprise IoT Security Plus is the solution for commercial enterprises and government organizations. It lets you see and secure every IoT device in your enterprise organization to meet NIST guidelines. It also helps prevent your IoT devices from becoming the target of cyberattacks. With Enterprise IoT Security Plus, you can do the following:
    • Automatically classify devices with over 50 device attributes
    • View, edit, confirm, and reclassify devices
    • Add devices with static IP addresses
    • See your IP address structure and device distribution
    • See sites for firewalls and devices
    • Generate reports for devices, network behaviors, and security risks
    • Integrate with multiple third-party products
    • See applications that devices use
    • Import policy rule recommendations to firewalls
    • Get security alerts for anomalous network activity
    • Assess risk and device vulnerabilities
    • (Optional) Retain traffic logs
    The Security Dashboard, which provides quick access to information about device inventory, alerts, and risks, is shown below. It appears in the Enterprise IoT Security Plus portal as well as in portals for Industrial IoT Security and Medical IoT Security.
    For IoT Security customers with tenants established before 12/15/2022, you can continue using the existing Executive Summary and Inventory dashboards for a limited time. They will eventually be retired and replaced.
    Enterprise IoT Security identifies devices in enterprise networks and creates a dynamic device inventory. It does not include the security features and third-party integrations available in Enterprise IoT Security Plus, Industrial OT Security, and Medical IoT Security. Enterprise IoT Security lets you do the following:
    • Automatically classify devices with 12 device attributes
    • View, edit, confirm, and reclassify devices
    • Add devices with static IP addresses
    • See your IP address structure and device distribution
    • See sites for firewalls and devices
    • Generate device reports
    The Devices page, shown below, is the default landing page after login to the Enterprise IoT Security portal. Unlike the other vertical-themed product portals, it does not include dashboards.
    For more information, see Enterprise .
    Industrial
    Industrial IoT Security is the solution for industrial corporations. It lets you see and secure every device, including specialized operational technology (OT) devices, so you can keep your operations up at all times and achieve NIST and ISA/IEC compliance. You can do the following with Industrial IoT Security:
    • Get everything in Enterprise IoT Security Plus
    • Detect OT device anomalies
    • Use Purdue levels for device modeling and visualization (see Network Visualizations)
    • Create customized rules for process integrity (see Create Alert Rules)
    As in the portal for Enterprise IoT Security Plus, the Industrial IoT Security portal also includes the Security dashboard.
    It's not uncommon for industrial networks to include one or more air-gapped segments. These are areas of the network that do not allow ingress or egress connections between devices in the air-gapped network segment and devices in any other private network segment or with the public network. Through the use of next-generation firewalls configured as security telemetry gateways, you can provide IoT Security services for device in such networks.
    Medical
    Medical IoT Security is the solution for healthcare providers. It lets you see and secure every device on your network, including specialized medical devices, so you can deliver high-quality patient care and achieve HIPAA compliance. Use Medical IoT Security to do the following:
    • Get everything in Enterprise IoT Security Plus
    • Detect medical device anomalies
    • Assess medical device risk leveraging FDA recalls, PHI identification, and MDS2
    • Track medical device utilization
    The portal for Medical IoT Security displays two pages that are relevant only to medical IoT and only appear when the Medical IoT Security theme is activated. One is for Food and Drug Administration (FDA) recalls and another is for Manufacturer Disclosure Statement for Medical Device Safety (MDS2) forms. When using the Medical IoT Security theme, the portal also includes two dashboards with data just about medical IoT devices: the Utilization dashboard and, shown below, BioMed dashboard.
    For more information, see Medical IoT.

    Switch Portal Themes

    A tenant can only have one theme at a time for their IoT Security tenant; however, it’s possible for tenant owners to switch themes. When users first log in to a tenant and a theme has already been defined by the IoT Security product that was ordered, then that theme is automatically loaded by default. However, if you purchased multiple IoT Security products with different themes (or if you have an IoT Security product purchased prior to December 15, 2022), then IoT Security prompts owners to select a theme when they initially log in to the portal. If an owner doesn’t make a selection, IoT Security shows the Enterprise IoT Security Plus theme and continues to prompt owners to select a theme upon each login until one of them makes a selection. Once a selection has been made, all other users in the same tenant will also see the same theme when they access the portal.
    To switch vertical themes, log in as a user with owner privileges, select AdministrationAboutLicense. The status indicates which theme is currently in use. (You can also see the number of subscribed firewalls and the license start and expiration dates here.) Click Switch next to the name of the theme that's currently in use.
    Select a new theme, and then click Confirm.
    As an owner, you can switch themes for your tenant as many times as you like.

    Create a Trial Enterprise IoT Security Tenant

    If you have a production license for Enterprise IoT Security Plus, Industrial IoT Security, or Medical IoT Security and want to see what Enterprise IoT Security is like, you can create a one-time trial tenant and assign up to five of your firewalls to it. The trial is valid for 30 days. During that time, both the production and trial tenants consume log data that firewalls assigned to the trial tenant send to the logging service. When the trial period ends and the trial tenant is automatically deleted, the production IoT Security tenant alone continues consuming the log data from the firewalls.
    1. To initiate a trial, log in to the IoT Security portal with a user account that has Owner privileges.
    2. Select AdministrationAboutLicense and then click Request next to Enterprise IoT Security in the Trial section.
    3. Choose up to five firewalls that you want to use for the trial and then Save.
      A message appears explaining that a trial tenant for Enterprise IoT Security is being created, the chosen firewalls will be associated with it, and that the entire process typically takes about ten minutes.
      When the process is complete, another message appears stating that the trial tenant has been created and the chosen firewalls have been associated with it. This message also includes the name of the trial tenant.
      The trial tenant creation and firewall assignments are also recorded in Logs & ReportsAudit Log.
    4. On AdministrationAboutLicense, the button next to Enterprise IoT Security in the Trial section changes from Request to Enter. To access the trial tenant portal, click Enter.
      A login prompt appears for the trial tenant in a new browser window.
    5. Log in with the same credentials you used to log in to the production IoT Security tenant.
      The Enterprise IoT Security portal opens to the Resource Center and is ready for use as a trial tenant. During the 30-day trial, both the IoT Security tenant and the Enterprise IoT Security trial tenant will consume logs from the firewalls assigned to the trial tenant. You can log in to both tenants and compare the functionality of each.
    6. To exit the trial tenant and return to the production tenant, navigate to AdministrationAboutLicense and then click Enter next to IoT Security in the Production section.
      The trial tenant browser window remains open while the production tenant opens in a new browser window.
    After the trial ends, the trial tenant is automatically deleted while the production tenant continues consuming log data from the firewalls.
    If you have a trial license for IoT Security and want to try out the Enterprise IoT Security product, log in to the IoT Security portal with a user account that has Owner privileges, select AdministrationAboutLicense, and then click Manage Trial. Select Enterprise and then Confirm your decision. To go back to the IoT Security product, return to the License page, click Manage Trial again, select Enterprise Plus, and Confirm.

    © 2024 Palo Alto Networks, Inc. All rights reserved.