IotSecurityRecommendationType Enum

Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication.

IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization.

Identified security related system configuration issues.

You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution.

Logging is disabled for this edge module.

A minority within a device security group has inconsistent Edge Module settings with the rest of their group.

Install the Azure Security of Things Agent.

IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default.

An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders.

A listening endpoint was found on the device.

An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device.

A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.

A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports.

Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine).

Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker.

Insecure TLS configurations detected. Immediate upgrade recommended.