IoT device management is such an essential IoT service that you'd find it hard to find a large-scale and production-grade IoT solution that doesn't use it.

In large-scale IoT solutions, you need to have full control and management over deployed IoT devices, which are typically in the thousands or even millions. If you don't have an efficient way to manage and control that fleet of devices, then many issues can affect your IoT business – operational, support, bad customer experience, and security issues, to mention just a few.

An IoT device management capability offers a broad spectrum of functionalities that will support any IoT solution, such as device provisioning and authentication, device configuration and control, device monitoring, device diagnostics and troubleshooting, and firmware and software updates and maintenance.

In Chapter 1, Introduction to the IoT – The Big Picture, we explained the...

Managing and controlling remote-connected devices is not a new concept; our mobile phone devices, for example, are remotely managed. With mobile phones, whether they are smart or non-smart, mobile operators can push some configurations to the end user's mobile phone device through an SMS bearer, for example, to configure the mobile phone's internet access point or any other features in the device. Mobile operators or administrators can also manage the whole mobile device of the end user remotely.

So, the concept is not new, but IoT brings some challenges to that concept, such as the largescale (that is, a massive number of connected IoT devices that need to be managed), lowpower (that is, the devices are in sleep or deep-sleep mode most of the time, so devices are not on or connected most of the time), and lowcost of IoT devices (that is, the devices are constrained and limited in resources).

Conceptually, and from a solution point...

AWS IoT Device Management is one of the AWS IoT platform services that AWS offers to enable IoT customers to onboard, organize, monitor, and remotely manage their IoT -connected devices at scale.

Broadly, AWS IoT Device Management provides the following services or features:

• Device provisioning and registration: This feature covers different IoT device provisioning and registration flows into AWS IoT Core, such as single or bulk provisioning and auto-device registration and provisioning (such as Just-in-Time Registration JITR and JITP). You'll find more on this feature in the following sections.
• Fleet indexing and searching services: This feature enables customers to gain more visibility and insights into the health and status of their device fleet. The indexing and searching service depends and counts on two main sources – the AWS IoT device registry, where the metadata of the IoT devices or IoT things are stored (as explained in...

As the name suggests, this service is a fully managed device security service that helps in securing the IoT devices that are onboarded and provisioned in the AWS IoT platform.

The AWS IoT Device Defender service continuously audits the IoT devices against IoT configurations that you define to make sure the devices are kept secure and are not deviating from the security best practices.

So, broadly, we can say that the AWS IoT Device Defender service offers the following features:

• Audit device configuration for security vulnerabilities: AWS IoT, continuously or on demand, audits the IoT device-related resources, such as a device's X.509 certificates, IoT policies, connection settings, and account settings, against the AWS IoT security best practices. To give an example, the audit checks whether the principle of least privilege is used or not, whether there is a shared certificate used with IoT devices or not, whether conflicting MQTT client IDs...

In this chapter, you have learned about IoT device management platforms and solutions, what capabilities and solution building blocks they provide, and how to select the best IoT device management platform or solution for your IoT solutions.

You have also learned about the different device management protocols that are used and supported in IoT device management solutions. You have learned how the LwM2M protocol is the next-generation and industry-leading IoT device management protocol. You also learned how the MQTT protocol is used to build a device management solution besides being used mainly for telemetry purposes.

To get some practical sense of IoT device management solutions, we explored one of them, AWS IoT Device Management. We learned about the different AWS IoT Device Management features, such as device provisioning and registration, fleet indexing and searching services, Fleet Hub, AWS IoT Jobs, and AWS IoT secure tunneling.

You also learned about the IoT...