The document discusses the Internet of Things (IoT) landscape, highlighting forecasted growth and the need for comprehensive IoT solutions by 2020, which include various Azure services and management practices. It emphasizes the importance of secure device communication, efficient data processing, and maintaining data integrity, while offering best practices for implementing Azure IoT solutions. Key recommendations involve proactive device management, security measures, and documentation from the initial stages of development.

3. • Tom Kerkhove
• You can find me

4. 25 BILLION
Connected “things”
will be in use by 2020
Gartner
$7.2 TRILLION
worldwide market for IoT solutions
by 2020
IDC: Worldwide and Regional Internet of Things (IoT) 2014–2020 Forecast

5. Platform Services
Infrastructure Services
Web Apps
Mobile
Apps
API
Management
API Apps
Logic Apps
Notification
Hubs
Content
Delivery
Network (CDN)
Media
Services
BizTalk
Services
Hybrid
Connections
Service Bus
Storage
Queues
Hybrid
Operations
Backup
StorSimple
Azure Site
Recovery
Import/Export
SQL
Database
DocumentDB
Redis
Cache
Azure
Search
Storage
Tables
Data
Warehouse Azure AD
Health Monitoring
AD Privileged
Identity
Management
Operational
Analytics
Cloud
Services
Batch
RemoteApp
Service
Fabric
Visual Studio
App
Insights
Azure
SDK
VS Online
Domain Services
HDInsight Machine
Learning
Stream
Analytics
Data
Factory
Event
Hubs
Mobile
Engagement
Data
Lake
IoT Hub
Data
Catalog
Security &
Management
Azure Active
Directory
Multi-Factor
Authentication
Automation
Portal
Key Vault
Store/
Marketplace
VM Image Gallery
& VM Depot
Azure AD
B2C
Scheduler

10. HTTP POST /api/event?sensorId=123
Cloud Gateway

11. HTTPS POST /api/event?sensorId=123
Securely store your credentials & keys
Use a Trusted Platform Model (TPM) if possible

12. • High scale telemetry ingestion service
• Ingres of millions of events per second
• HTTP/AMQP protocol support
• Each Event Hub supports
• Uses a data log-approach

13. Send over HTTPS/AMQP
Never expose an enpoint on the device for callbacks
Close all ports that are not required
Follow the Service Assisted Communication pattern

14. Send over HTTPS/AMQP

15. • How will the devices connect?

16. • Bi-directional device <-> cloud
• Up to 10 million devices
• Device Management
• Protocol Support
• Operations Monitoring

17. • Endpoints for devices
• Endpoints for cloud-components
• Device Management
IoT Hub
Device id
C2D queue
endpoint
D2C send
endpoint
Device …
Device …
Device …
D2C receive
endpoint
C2D send endpoint
IoT Hub
management
Send time-limited commands to devices
Assign a time-to-live (TLL) to your commands so that offline
devices don’t perform actions while it’s no longer needed

18. Send over HTTPS/AMQP
Physically lock down your device
This avoids tampering with your devices or installing other software
Encrypt device storage
This avoids potential information disclosure when hard drive is stolen

19. Send over HTTPS/AMQP

21. Provision device XYZ
Activation Key ABC
Provision API
Securely store your credentials & keys
Burn it into the silicone or use a TPM if possible
Device ID Connection Status Device State Auth Key
<Generated ID> Disconnected Inactive <Auth Key>

22. Activate device XYZ
Activation Key ABC
Provision API
Securely store your credentials & keys
Burn it into the silicone or use a TPM if possible
Gets device-specific auth key
Device ID Connection Status Device State Auth Key
<Generated ID> Disconnected Active <Auth Key>

23. Command: Update
Blob Storage SAS URI
App v2
App v1

26. Hot Data
Warm Data
Cold Data
Archived Data

27. Near-Real-Time Processing
Azure Stream Analytics
Batch Processing
Azure Data Lake HDInsights / Analytics
Custom Processing
Machine Learning

28. IoT Hub Table Storage Document DbEvent Hubs
Data Lake StoreBlob Storage(Elastic) SQL Database SQL Data Warehouse

30. • Protect your data at rest, it’s free of charge!
• Protect your privates
• Only secure what needs to be secured

31. • Understand how services store your data
• Replicate mission critical data to a different region

32. • Enabling replication in Azure
• Only want to replicate a subset?

35. • Keep track of all your data sources with Azure Data
Catalog

36. Move & transform you data with Azure Data Factory

37. • No high-level overview of your components in
Azure
• Document your data sets
• Do this from the start

40. 40

41. • Explore the Pre-Configured Solutions
https://azureiotsuite.com
https://gallery.cortanaintelligence.com

43. MyDriving Reference Implementation

44. Microsoft Azure IoT Reference Architecture

45. • Service Assisted Communication by Clemens Vasters
• Best Practices for Creating IoT Solutions with Azure
(//BUILD/ 2015)
• Official Azure documentation about Security

46. • Cloud Design Patterns: Prescriptive Architecture
Guidance for Cloud Applications by Microsoft
Patterns & Practices
• Mastering Azure Analytics by Zoiner Tejada
• I <3 Logs by Jah Kreps

47. 47

48. • Think Big, Start Small
• Think about Device Management from the start
• Know the limits and design around them
• Build security from the ground up

49. 49

50. 50