Strengthening Security in Azure IoT Hub: Transitioning to TLS 1.2+ and Planning for TLS 1.3

by info.odysseyx@gmail.com, October 15, 2024

In line with broader Azure efforts to adopt TLS 1.2+ across all services, Azure IoT Hub will officially remove support for Transport Layer Security (TLS) 1.0 and 1.1 starting July 1, 2025. Microsoft’s implementation of previous TLS versions is not known to be vulnerable, but adopting TLS 1.2 and later versions significantly improves security through stronger cryptographic algorithms, perfect forward secrecy, and more resilient cipher suites.

Why TLS 1.2+?

TLS 1.2 offers significant advantages over previous versions.

Perfect Forward Secrecy (PFS): PFS ensures that past communications remain secure even if long-term keys are compromised.

Stronger cipher suites: TLS 1.2 supports more modern and stronger encryption algorithms, helping make data and device connections more resistant to potential attacks.

Better performance: TLS 1.2 is designed to be faster and more efficient, helping reduce latency in secure communications.

Additionally, we are committed to supporting TLS 1.3 in the coming year (2025), which will deliver more secure cipher suites and faster handshakes. These forward-thinking investments enable Azure IoT Hub to stay ahead of evolving security threats and provide faster, more secure, and more efficient communications for IoT devices. This means customers who are now transitioning to TLS 1.2 will be well-positioned for the future as we roll out TLS 1.3 support across our services.

Recommended Action

To prevent possible service interruptions after July 1, 2025, ensure devices connected to Azure IoT Hub are using TLS 1.2 or higher.

If your device is already using TLS 1.2 or higher exclusively, you don’t need to take any additional action.
If your devices are still dependent on TLS 1.0 or 1.1, switch to TLS 1.2 or higher by July 1, 2025.

TLS version monitoring and analysis

Azure IoT Hub emits resource logs for several categories that can be analyzed using Azure Monitor logs. To support this transition, Azure IoT Hub provides insight into client connections, allowing you to monitor which version of TLS your device is using. You can use this feature to see the impact of these changes on your IoT solution. To view these logs, follow these steps:

1. Enable diagnostic settings in the monitoring section for your Azure IoT Hub. Make sure the “Connections” category is selected.

2. Go to the logs and use the following query to find recently connected devices and their TLS versions:

An example of a query is shown in the screenshot below.

Note: HTTPS connections do not generate events in Azure Monitor logs.

For more information about Azure IoT Hub TLS support, see: Azure IoT Hub TLS support | Microsoft Learn.
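A Log Analytics query for the monitoring steps above, added here as an example; it is not the query from the original post, whose screenshot is not reproduced on this page. It assumes the Connections logs land in the `AzureDiagnostics` table with the device ID, protocol and TLS version carried as JSON in `properties_s`; the 7-day window and the output column names are choices made for this example.

```kusto
// Added example, not the query from the original post.
// Assumption: Connections resource logs are sent to a Log Analytics workspace
// in Azure diagnostics mode (AzureDiagnostics table, JSON payload in properties_s).
AzureDiagnostics
| where TimeGenerated > ago(7d)                      // look-back window (assumed)
| where ResourceProvider == "MICROSOFT.DEVICES" and ResourceType == "IOTHUBS"
| where Category == "Connections" and OperationName == "deviceConnect"
| extend props = parse_json(properties_s)
| extend DeviceId   = tostring(props.deviceId),
         Protocol   = tostring(props.protocol),
         TlsVersion = tostring(props.tlsVersion)
// Keep only the most recent connect event per device and hub.
| summarize arg_max(TimeGenerated, Protocol, TlsVersion) by DeviceId, HubName = Resource
// Sort so that the oldest TLS versions (and empty values) surface first for review.
| order by TlsVersion asc, DeviceId asc
```

Devices that connect only over HTTPS will not appear in the result, because those connections do not generate Connections events.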