Azure IoT ecosystem – all you need to know
The Internet of Things is a network of physical devices that connect to and exchange data with services and other devices over the Internet. The Azure IoT ecosystem plays a significant role in facilitating these connections efficiently.
Microsoft Azure provides a suite of managed IoT services that facilitate secure, bi-directional communication between devices and cloud applications, enabling telemetry ingestion and remote device control. This article brings together practical insights and real-world experience with Azure IoT solutions.

Source: https://learn.microsoft.com/en-us/azure/iot/iot-introduction
Azure IoT ecosystem overview
Azure offers a comprehensive suite of IoT services that form a powerful ecosystem for managing connected devices, processing data, and enabling digital transformation. The key components include:
- Azure IoT Hub – The central cloud gateway for managing and communicating with IoT devices, providing secure, scalable, and bi-directional messaging.
- Azure Event Hub – A fully managed, real-time data streaming platform that ingests millions of events per second and enables the integration of diverse IoT devices for analysis and processing.
- Azure Device Provisioning Service (DPS) – Helps automate the provisioning of devices at scale, reducing manual intervention and configuration overhead.
- Azure IoT Plug and Play – Enables seamless device integration using pre-defined models, simplifying interoperability and reducing development effort.
- Azure Digital Twins – Creates virtual representations of physical devices, allowing for advanced monitoring, simulation, and analysis.
- Azure IoT Central – A managed IoT application platform that simplifies device connectivity, data visualisation and solution deployment with minimal development effort.
- Azure Stream Analytics – A real-time analytics service that can process large data streams, such as telemetry from IoT devices. It allows users to set up real-time dashboards, alerts and integrated analytics solutions.
What is Azure IoT Hub?
Azure IoT Hub is at the core of the Azure IoT ecosystem, serving as a fully managed cloud service that facilitates seamless communication between IoT devices and cloud applications. Acting as a message broker, it enables bi-directional communication, allowing devices to send telemetry data and receive remote commands from IoT applications.
By handling secure messaging, device state management, and telemetry processing, Azure IoT Hub simplifies complex operations so developers can focus on business logic. Once a device is connected, developers can use the Azure IoT SDK to check reported properties, update desired properties, process telemetry, and send cloud-to-device commands.
When designing device-to-cloud communications, key considerations include:
- Which communication protocol (MQTT, AMQP, HTTP) best suits your needs?
- What is the most efficient mechanism for sending data between the device and the cloud?
- How should security requirements be balanced with performance and cost?
Choosing the right communication mechanism
One of the most significant assets of IoT solutions is the ability to communicate between devices and applications. Azure IoT Hub enables device-to-cloud and cloud-to-device communication.
A device can send data to the cloud via the following mechanisms:
- Device-to-Cloud (D2C) messages
- Updating reported Device Twin properties
- The File Upload mechanism of IoT Hub
The cloud can communicate with the device by:
- Sending Cloud-to-Device (C2D) messages
- Updating desired Device Twin properties
- Calling a direct method exposed on the device

D2C messages are commonly used to send device telemetry data that changes over time, such as temperature or pressure sensor values. D2C messages can also be used to send device alerts or requests to the cloud to perform some action. Note that D2C messages are counted in 4 KB blocks: for example, a 6 KB message is counted as 2 messages. The maximum size of an Azure IoT Hub Device-to-Cloud message is 256 KB.
Use case for D2C messages: A temperature sensor sends real-time data every 10 seconds. If the value exceeds a threshold, an alert is triggered in the cloud.
Device Twin is typically used to exchange information between device and cloud that does not change often and can be treated as configuration, such as the frequency of telemetry data sent by the device, information about device location, or the number of connected sensors. Each device in the Azure IoT Hub has a device twin record in the registry. This device twin has a reported properties section that can be updated by the device, and a desired properties section that can be updated by the cloud backend. Note that the total size of the device twin – including tags, desired properties, reported properties and metadata – cannot exceed 64 KB.

Source: https://learn.microsoft.com/en-us/azure/iot-hub/iot-hub-devguide-device-twins
The File Upload mechanism can be used when there is a need to send large amounts of data from the device to the cloud. It allows up to 5 GB of data to be sent at the cost of just a few small messages to negotiate the connection. It can be useful for sending device logs or telemetry collected during an internet connection failure.
IoT Hub allows direct methods exposed on the device to be invoked by providing the device ID, method name and JSON payload. IoT Hub encapsulates all low-level details such as topic name format and message format in MQTT, providing developers with a powerful mechanism to execute commands (such as restart device) on the device or request some data (such as get installed sensors). The Azure IoT SDK allows developers to work with the device as if it were a server with an exposed, simple API.
Choosing the right communication protocol depends on the specific requirements of your devices and the environment in which they operate. The Azure IoT Hub architecture supports multiple protocols for device communication, each suitable for different scenarios.
- MQTT (Message Queuing Telemetry Transport) for lightweight, low-power devices with intermittent connectivity
- AMQP (Advanced Message Queuing Protocol) for enterprise applications requiring robust messaging features and high throughput
- HTTP for devices that cannot maintain a persistent connection or are behind strict firewalls
- AMQP over WebSockets for enterprise environments where devices need to traverse firewalls and proxies
- MQTT over WebSockets for lightweight devices that need to traverse firewalls and proxies
MQTT is the most common choice for IoT deployments due to its lightweight nature. It is important to note that Azure IoT Hub does not support all features of MQTT version 3.1.1 and does not support MQTT version 5.

To summarise, MQTT is best for low-power IoT devices, AMQP is ideal for enterprise messaging, and HTTP is suited to constrained environments with firewall restrictions.
Common challenges and how they can be overcome
Scalability & message throughput limitations
Scaling an IoT solution requires balancing performance, cost, and device provisioning complexity. Azure IoT Hub provides a Device Provisioning Service (DPS) that enables zero-touch device provisioning at scale, seamlessly and automatically, without any user interaction. You configure it once, and then each new device, when connected to the Internet, automatically connects to the DPS, authenticates, connects to the IoT Hub, and starts communicating with the cloud.
When it comes to scalability it is important to consider different aspects like:
- Device volume & growth – How many active devices will be provisioned and managed? What is the expected growth over the next 6–12 months?
- Telemetry frequency – How often should devices send telemetry data to the cloud?
- Data transfer size – How much data will each transfer contain?
- Maintenance budget – What is the allocated budget for device maintenance per month or year?
Azure IoT Hub provides flexible scaling options to meet your needs, so you can efficiently optimise both cost and performance.
Scaling options:
- Horizontal scaling – Increase the number of IoT Hub units. For example, if an S1 instance handles up to 400,000 messages per day and your message volume grows to 600,000 messages, you can scale horizontally by adding an additional S1 unit (scaling from 1 to 2 instances).
- Vertical scaling – Upgrade to a higher price point (e.g. from S1 to S2 or S3) to benefit from increased processing capacity and throughput. This option provides greater performance but at a higher cost.
- Automated provisioning – Use Azure IoT Device Provisioning Service (DPS) to streamline and automate device provisioning across multiple IoT Hubs, making it easier to manage a distributed environment.

Below is a table with limits and quotas for operations per tier:

Security concerns
Each device must be authenticated before it can communicate with the IoT Hub. Authentication can be achieved using either a symmetric key or an X.509 certificate, depending on the security requirements and capabilities of the device.
Symmetric key authentication is ideal for devices with limited computing resources that cannot handle complex cryptographic operations. It offers quick and easy setup, making it suitable for test environments or small-scale deployments. This method is appropriate where security requirements are moderate, and the risk of key compromise is acceptable.
X.509 certificate authentication provides a higher level of security, making it the preferred option when stronger authentication mechanisms are required. It is suitable for devices that can manage certificates and perform cryptographic operations. This method is often required to comply with stringent security standards and regulations and allows scalable certificate management through Certificate Authorities (CAs).

For production environments, X.509 certificates are strongly recommended due to their enhanced security and better scalability, while symmetric keys are more suitable for development or small-scale deployments. When using symmetric keys, regular key rotation is required to mitigate security risks.
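The following added example (not from the original article or from Microsoft's SDK) shows how a device symmetric key is turned into a time-limited SAS token, and why expiry and key rotation bound the damage of a leaked token. The hub name, device ID and keys are constructed, and `verify_sas_token` is a local model of the service-side check that assumes a device has two accepted keys during rotation.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import parse_qs, quote_plus

# Constructed sample values, not real credentials.
RESOURCE = "example-hub.azure-devices.net/devices/sensor-01"
KEY_OLD = base64.b64encode(b"constructed-demo-key-A").decode()
KEY_NEW = base64.b64encode(b"constructed-demo-key-B").decode()
PREFIX = "SharedAccessSignature "


def _sign(resource_uri, expiry, key_b64):
    # HMAC-SHA256 over "<url-encoded resource>\n<expiry>", keyed with the decoded key.
    to_sign = f"{quote_plus(resource_uri)}\n{expiry}".encode()
    mac = hmac.new(base64.b64decode(key_b64), to_sign, hashlib.sha256)
    return base64.b64encode(mac.digest()).decode()


def make_sas_token(resource_uri, key_b64, ttl_s, now=None):
    """Device side: build a token that expires ttl_s seconds from now."""
    expiry = int((time.time() if now is None else now) + ttl_s)
    sig = _sign(resource_uri, expiry, key_b64)
    return f"{PREFIX}sr={quote_plus(resource_uri)}&sig={quote_plus(sig)}&se={expiry}"


def verify_sas_token(token, accepted_keys_b64, now=None):
    """Illustrative service-side check: reject malformed, expired or wrongly keyed tokens."""
    if not token.startswith(PREFIX):
        return False
    fields = parse_qs(token[len(PREFIX):])
    try:
        sr, sig, se = fields["sr"][0], fields["sig"][0], int(fields["se"][0])
    except (KeyError, ValueError):
        return False
    if se <= (time.time() if now is None else now):
        return False  # expired token: a short TTL limits replay of a captured token
    # Constant-time comparison against every currently accepted key.
    return any(hmac.compare_digest(_sign(sr, se, k), sig) for k in accepted_keys_b64)
```

Once the old key is removed from the accepted set, every token signed with it stops verifying regardless of its remaining lifetime, which is what rotation achieves.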
Latency & connectivity issues
Depending on the requirements, different strategies and mechanisms can be chosen when designing the solution. For mission-critical applications that require real-time decisions independent of cloud connectivity, Azure IoT Edge enables local processing with cloud synchronisation. If delayed message delivery is acceptable, a retry mechanism can be used along with supporting communication mechanisms such as message queuing or heartbeats.
The IoT Hub uses device twins to synchronise device states. Devices can retrieve desired configurations when they reconnect, ensuring they are always up to date.
Cost optimisation
When it comes to optimising costs, it is important to consider aspects such as:
- How many active devices are planned to be provisioned and managed, and what is the potential growth
- How often telemetry should be sent from devices to the cloud
- How large is the payload planned to be sent per telemetry transfer
- What is the budget for device maintenance per month/year
Depending on the answers to the above questions, Azure IoT Hub offers different options that should help developers find the most appropriate solution.
What can help optimise an IoT solution?
- Telemetry frequency – Reducing the frequency of data transmission (for example, sending data every minute instead of every second) can significantly reduce costs.
- Data payload size – Use compressed JSON or binary payloads to minimise data transfer costs.
- Batching messages – Aggregating data before sending, rather than sending frequent small messages, improves efficiency and reduces costs.
- Choosing the right pricing tier – Monitoring actual usage helps avoid over-provisioning and ensures cost-effective scaling.
Optimising telemetry frequency and payload size can significantly reduce costs without sacrificing critical insight. The general intention is to minimise the number of messages and the size of the payload to the minimum required to meet business needs. For example, if the business case is to know when the temperature changes, it may not be necessary to send the same temperature sensor value every minute.
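The 4 KB message metering described earlier and the batching advice above can be combined into a small capacity estimate. This is an added example, not code from the original article; it uses the article's figures (4 KB blocks, 256 KB maximum, 400,000 messages per day per S1 unit), while the 200-byte reading size and the fleet of 1,000 devices are assumptions.

```python
import math

CHUNK = 4 * 1024           # D2C messages are metered in 4 KB blocks (article figure)
MAX_D2C = 256 * 1024       # maximum D2C message size (article figure)
S1_DAILY_QUOTA = 400_000   # messages per day per S1 unit (article figure)


def billed_messages(payload_bytes):
    """Metered message count for one D2C message of the given size."""
    if payload_bytes > MAX_D2C:
        raise ValueError("payload exceeds the 256 KB D2C limit; split it or use file upload")
    return max(1, math.ceil(payload_bytes / CHUNK))


def daily_billed(reading_bytes, sample_every_s, send_every_s):
    """Metered messages per device per day when readings are batched into each send."""
    readings_per_send = max(1, send_every_s // sample_every_s)
    sends_per_day = 86_400 // send_every_s
    return sends_per_day * billed_messages(reading_bytes * readings_per_send)


def s1_units_needed(devices, per_device_daily):
    """S1 units required to stay within the daily message quota."""
    return math.ceil(devices * per_device_daily / S1_DAILY_QUOTA)


if __name__ == "__main__":
    # Assumed workload: 200-byte readings sampled every 15 s on 1,000 devices.
    for label, send_every in (("send every reading", 15), ("hourly batch", 3600)):
        per_device = daily_billed(200, 15, send_every)
        print(label, per_device, "msgs/device/day,",
              s1_units_needed(1000, per_device), "S1 unit(s)")
```

A 200-byte reading sent on its own is still metered as one full message, so most of each 4 KB block is wasted; batching fills the blocks before they are counted.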
Cost reduction through efficient file upload
In one of our projects, we had a requirement to minimise the overall cost of the solution where devices were collecting data every 15 seconds, but data needed to be sent to the cloud once an hour. In this case, sending telemetry would have been expensive because Azure IoT Hub counts messages in 4 KB chunks. We decided to use a file upload mechanism that sends 1 hour of collected telemetry in 1 file, which dramatically reduced the cost and allowed us to fit the solution into the budget.
Best practices for Azure IoT development
From a development perspective, it is important to have tools for developing IoT solutions. Azure provides an IoT SDK that handles low-level details, allowing both device and back-end developers to focus on high-level functionality. If there is a need to prove a business idea, Azure IoT Central can be a good starting point.
Azure Portal has monitoring tools that provide information on various metrics, such as the number of connected devices or the total number of messages sent by devices. IoT Hub has a device registry where it is possible to filter any device and check its Device Twin properties or call Direct Method from Azure Portal. Application Insights provides a comprehensive log analysis tool.
Azure IoT Explorer can help track telemetry, which can be very helpful during development, even before backend development has started. All of this provides developers with out-of-the-box solutions that simplify the development process.
Wrapping up
Building an IoT solution from scratch can be a challenging task, but Azure IoT services and tools help developers build solid, reliable, scalable solutions more easily and quickly. There is no one-size-fits-all solution in IoT, but understanding the capabilities of Azure IoT allows developers to design scalable, secure, and cost-effective solutions tailored to their needs.