Microsoft recently launched the Security Program for Azure IoT, which helps customers understand, manage and deploy IoT faster and with full confidence that their devices, assets and data are secure. Microsoft also offered guidance on the security built into Azure IoT Suite and Azure IoT Hub. Today, they announced a security Azure IoT feature: IP filtering.
This new feature enables customers to instruct IoT Hub to only accept connections from certain IP addresses, to reject certain IP addresses or a combination of both. These rules apply any time a device or a back-end application is connecting on any supported protocols (currently AMQP, MQTT, AMQP/WS, MQTT/WS, HTTP/1). Any application from an IPv4 address that matches a rejecting IP rule receives an unauthorized 401 status code without specific mention of the IP rule in the message. And this filter allows maximum 10 rules each rejecting or accepting an individual IPv4 address or a subnet using the CIDR-notation format.