Comprehensive IoT security solution—including hardware (crossover microcontroller), OS, and cloud components for IoT device security—to actively protect your devices, your business, and your customers
Unlock the value of IoT with confidence in your device security
With billions of new devices connected each year, it's more important than ever to secure yours. Help protect your data, privacy, physical safety, and infrastructure with Azure Sphere. It's built on decades of Microsoft experience in hardware, software, and cloud services to provide a turnkey security solution for IoT devices.
Defense in depth provides multiple layers of protection to help guard devices against and respond to threats.
Deployment flexibility helps you secure existing equipment and build protection into new IoT investments.
Over-the-air (OTA) updates make it easy to add new features and improve performance throughout device lifecycles.
Error reporting and automatic security updates help you stay ahead of new and evolving threats.
Protect your IoT devices and equipment with defense in depth
- Azure Sphere–certified chips from hardware partners include built-in Microsoft security technology to provide connectivity and a dependable hardware root of trust.
- Azure Sphere OS adds layers of protection and ongoing security updates to create a trustworthy platform for new IoT experiences.
- Azure Sphere Security Service brokers trust for device-to-cloud communication, detects threats, and renews IoT device security.
- Microsoft best-in-class security experts monitor emerging threats, design updates, and provide a decade of ongoing servicing.
Maximize the value of equipment that's already in place (brownfield scenarios)
Bring the benefits of connectivity to legacy equipment that's already in service—brownfield equipment—without exposing it to the internet. With an Azure Sphere guardian module, IoT retrofits are more secure, substantially easier, and more cost-effective than ever.Learn more
Build new IoT devices that stay highly secured (greenfield scenarios)
With Azure Sphere, manufacturers and solution providers can build devices that are secure from the start and that stay secure throughout the device lifetime. Give your customers differentiated value and peace of mind while growing your business. Research by Greenberg Strategy shows that security can help drive market share.
Wireless network connectivity: The first commercially available Azure Sphere chip, the MediaTek MT3620, offers built-in dual-band wireless network connectivity for 2.4GHz and 5GHz bands. Extend connectivity to wired Ethernet with an external Microchip ENC28J60 controller.
Ethernet connectivity: Connect your Azure Sphere device to a public 10Mbps Ethernet network through standard TCP or UDP networking to communicate with Azure IoT or your own cloud services.
Bluetooth LE connectivity: Some scenarios may require connecting Azure Sphere to wireless networks via an additional Bluetooth Low Energy (BLE) chip. Explore BLE options through our rapidly growing partner ecosystem.
Cellular connectivity: Stay secure with Azure Sphere's software update infrastructure, certificate-based authentication, and Azure integration while connecting over a cellular network. Explore options for cellular connectivity through our rapidly growing partner ecosystem.
Our hardware ecosystem
A global network of Microsoft partners delivers revolutionary new IoT hardware—from microcontroller units (MCUs) and crossovers to modules, development kits, and guardian devices—to bring Azure Sphere to a broad range of customers and applications.
Microsoft works with silicon partners who create Azure Sphere–certified chips. These chips are the heart of every Azure Sphere–based device. They contain Microsoft security technology that enables end-to-end, secured connectivity and a hardware root of trust.
This cross-over class of MCUs includes built-in Microsoft security technology and wireless network connectivity, and combines the versatility and power of an Arm Cortex-A7 processor with the low overhead and real-time guarantees of a Cortex-M class processor.
Get up and running quickly and easily test different hardware designs. Azure Sphere development kits feature on-board LEDs and buttons, easy-to-use connectors, and integrated programming and debugging circuitry compatible with the Azure Sphere SDK.
Avnet MT3620 Starter Kit
Connectors include easy expandability options and a range of MikroE Click and Grove modules.
Seeed MT3620 Dev Board
Add-on expansion shields enable Ethernet connectivity and support for Grove modules.
Seeed MT3630 Mini Dev Board
This board is designed for smaller prototypes and built around the AI-Link module for a quick path from prototype to commercialization.
qiio PoC in a Box
The cellular development kit is the development version of the q200 Guardian with additional connectors for fast prototyping of solutions, WiFi and GNSS included alongside cellular.
Modules for new IoT devices
Build new, connected devices with Azure Sphere modules. One of the challenges of device design is ensuring that Wi-Fi performs well and complies with applicable regulations. These modules remove this obstacle and reduce time to market by providing a tested and production-ready Wi-Fi radio subsystem that’s built around an Azure Sphere–certified chip. Modules provide a range of integrated functionalities and regulatory certifications for target use cases.
This production-ready, dual-band Wi-Fi module is available in two versions: with an integrated antenna and with an external U.FL antenna connector. Both versions are pin- and footprint-compatible. The stamp-hole (castellated) pin design simplifies quality assurance.
This single-band Wi-Fi module is designed for cost-sensitive applications. It simplifies quality assurance with stamp-hole (castellated) pin design.
USI Wi-Fi module with Bluetooth option
With support for Wi-Fi, Bluetooth Low Energy, and Bluetooth 5 Mesh, this module can also work as an NFC tag for non-contact Bluetooth pairing and device provisioning. Available for prototyping.
qiio Concentrator XN
The product is designed for greenfield applications and supports cellular (2G, 3G, 4G), dual-band WiFi, ethernet (WAN) to connect to Microsoft Azure. For geo-positioning it is equiped with GNSS and qMAPS. This product is pin-compatible to its 5G IoT compagnion the Concentrator XNL.
qiio Concentrator XNL
The 5G IoT compangion of the Concentrator XN supports cellular (5G IoT (LTE-M, NB2)), dual-band WiFi, ethernet (WAN) to connect to Azure. For geo-positioning it is equiped with GNSS and qMAPS. This product is pin-compatible to its LTE IoT compagnion the Concentrator XN.
Guardian modules for retrofitting existing equipment
Guardian modules provide a quick path to securely connect existing equipment that either doesn’t support connectivity or doesn’t support it securely. A guardian module serves as an intermediary by physically attaching to the equipment via an existing peripheral and to the internet via Wi-Fi or Ethernet. The critical equipment itself is never exposed to the internet. Guardian modules often come as complete hardware solutions.
Avnet Guardian 100
The Avnet Guardian 100 attaches to and secures existing equipment via Ethernet or USB, and securely transfers data to and from the cloud over dual-band Wi-Fi.
qiio q200 Guardian
This worldwide cellular device for brownfield IoT applications works from the edge to the cloud upon delivery. It comes ready with embedded software and fully integrated with Azure. Must be prototyped first with qiio development kit.
Trusted by companies of all sizes
Natarjan “Venkat” Venkatakrishnan, VP of Global Equipment, Starbucks
"Any time we can create additional moments of connection between our partners and customers we want to explore and activate. Our machines are what allow our partners to create that special beverage, and ensuring they are working properly is critical."
Jason Slater, Technology Solutions Architect, PURELL SMARTLINK Technology
"We work hand-in-hand with hospital IT staff and take a defense-in-depth approach. Azure Sphere will allow us to really button up that last leg of our stack—hardware—to ensure we have the best protection against any potential security risks."
Daniele Perlini, Chairman of Elettrone
"EBBY, built around Azure Sphere, is the first Personal Energy Manager—an HEMS solution that works 24/7 to clean the electricity and protects against grid noise, surges, or lightning. It automatically allows us to reduce energy and natural gas consumptions and get conscious of our habits."
The seven properties of highly secured devices
Our research on bringing high-value security to low-cost devices identified seven essential properties needed to make devices highly secured. Easily build these properties into your IoT devices with Azure Sphere.
Hardware-based root of trust
Defense in depth
Small, trusted computing base
Azure Sphere pricing
Access the all-in-one IoT device security solution at one low price, with no consumption fees.
Start using Azure Sphere
Documentation, learning resources, and community
Explore quickstarts, how-to guides, tutorials, and API reference documentation.Explore now
IoT tech community blog
Check out the latest features, demos, and technical updates.See what’s new
Read Azure Sphere white papers.Download now
Watch live-streamed events about how to build IoT solutions, and learn more about IoT scenarios like intelligent edge, DevOps, and asset tracking.Start watching
Device Partner Center
Get information about licensing. Please note that you will need to register to access.Get licensing and update
Explore comprehensive support options that are available to meet your needs.Get support
Dive into the business and technical opportunities that Azure Sphere presents across industries.Register now
Azure Sphere updates, blogs, and announcements
Frequently asked questions about Azure Sphere
Azure Sphere components are tightly integrated and sold together at a single, one-time cost—delivering a highly secure solution for building connected devices and scaling your IoT deployment.
Azure Sphere works with a diverse group of expert hardware manufacturers and their broad ecosystem of vendors to design specialized Azure Sphere–certified chips that meet the needs of various markets. Extensive research and testing contribute to the development of the security technology and architecture for each chip.
Azure Sphere does not require you to pay any ongoing fees. The one-time cost you pay for your MCU chip includes access to the Azure Sphere OS and Azure Sphere Security Service, plus OS updates for the lifetime of your chip.
If you already have connection-capable devices and equipment deployed within your organization, or if you’re considering connecting devices for the first time, Azure Sphere can help you protect your devices with guardian modules.
Guardian modules are physical attachments that require little or no equipment redesign. They process data and control equipment without ever exposing the equipment to the network. Guardian modules protect your operational equipment from disabling attacks, simplify device retrofit projects, and boost efficiency through over-the-air (OTA) updates and IoT connectivity.
Azure Sphere is engineered to integrate with any cloud service, public or private. You can connect to other clouds for app data while running Azure Sphere or optimize efficiencies by using Azure Sphere alongside Visual Studio and Azure IoT.
Azure Sphere provides a complement to Windows IoT. Windows IoT provides a best-in-class solution for devices with MPU-class processing power or rich user experiences. Azure Sphere fortifies IoT devices with Microsoft security innovations and expertise in hardware, software, and the cloud.
Azure Sphere supports coordinated vulnerability disclosure and encourages responsible reporting to Microsoft by security researchers and customers. If you believe you have potentially discovered or are affected by a security-related vulnerability with Azure Sphere, please contact Microsoft directly at firstname.lastname@example.org. Make sure to include clear, concise, and reproducible steps documented either in writing or video format to help our security response team quickly reproduce, understand, and address the issue.