×

Did you know that your internet is out of date?

Your browser is out of date, and may not be compatible with our website.

Just click on the icons to download a compatible browser. 

Close this window

By closing this window you acknowledge that your experience on this website may be degraded. 

/content/tridium/us/en/search.html
Outage Notification: On Saturday, June 5,12:30-2:30 p.m. EDT (6:30 to 8:30 p.m. UDT), this website will undergo planned maintenance. Thank you for your patience.
Niagara Cyber Defense
Niagara Cyber Defense

Niagara Cyber Defense

Your Partner on the Journey to Cyber Security

Over the last 20 years, Tridium has steadily invested in improving the cyber defenses native to all of our Niagara products. Because cybersecurity is as much about people and processes as technology, we’ve also provided guidance to Niagara systems integrators, business partners, and facility managers to deploy control systems with a cybersecurity mindset. Niagara Framework® can be the engine running control supervisors, field devices, and lower-level IP-enabled edge devices, with the additional advantage that customers have a unified means to manage their cyber posture at all levels. Of course, such a multi-tiered cyber defense approach works best when all Niagara instances are assured of the latest security features, enhancements, and updates through a Software Maintenance Agreement (SMA). 

Key Features

Single Sign-On with Niagara as an Identity Provider:

  • SSO allows users to login into one station and access all other connected stations via a browser without having to re-authenticate. 
  • Eliminates need to manually configure and manage an external IdP. 

Third-Party Module Signing:  

  • Niagara now enforces the signing of newly added modules and makes administrators aware of any existing, unsigned third-party modules.
  • Automatically eliminates the risk that modules may have been tampered with or come from an untrustworthy source.

Secure Boot

  •  JACE® 8000 will only boot-up with digitally signed trusted software, providing assurance against alteration 
Data Encryption
  • Both JACE® 8000 and Niagara Supervisor have encryption that meets the FIPS 140-2 federal standard. 
  • Meets encryption standards for mission-critical industries such as banking and for US government contracts.
  • Data is encrypted when sent/received, as well as at rest
Built in PKI management tools
  • Niagara can integrate with any PKI infrastructure, LDAP directories, Kerberos

Security Audit Log:

  • Provides users with a history of who, or what, is logging into or changing security-related settings on a Niagara instance

Niagara Security Dashboard

Niagara Security Dashboard is a centralized, easy-to-read and actionable view on the security posture of your entire Niagara infrastructure. The dashboard alerts you in the event that any Niagara station in your network is set to allow non-secure connections. It displays the status of required certificates for each station and identifies whether running software modules and program objects are signed by their developers. You can see all the potential cyber issues at a glance and be able to remediate them quickly for the protection of your buildings.

Station View shows individual services including User Service, Fox Service, Web Service, Login Service, Authentication Service, and Module Permissions.  The Supervisor view shows all JACEs on your network, so Niagara users can quickly identify issues and triage outliers.

Let's Discuss Your Cyber Needs

Niagara Cyber Defense Resources

BACnet Secure Connect &
Niagara 4 Data Sheet

Niagara Cybersecurity Processes & Capabilities

White Paper - Cybersecurity and the IoT - Threats, Best Practices and Lessons Learned

Niagara 4 Hardening Guide

View all Technical Bulletins available on the Resource Center

Cybersecurity Best Practices TridiumTalk

Join the Niagara Community