Issue
Procedures and processes to secure I/A Series Niagara 4 Systems
Product Line
TAC IA Series
Environment
I/A Series Niagara 4 Systems
Cause
- Users accessing system without permission
- Potential damage done by malicious entry to the system
Resolution
The attached document describes how to implement security best practices in an I/A Series Niagara 4 system. While it is impossible to make any system completely impenetrable, there are many ways to build up a system that is more resistant to attacks. In particular, this document describes how you can help make an I/A Series Niagara 4 system more secure by carefully configuring and using:
- Passwords
- System Passphrase
- Platform Account Management
- Station Account Management
- Role and Permission Management
- Authentication
- TLS and Certificate Management
- Module Installation
- Additional Settings
- External Factors
Please note that while all of these steps should be taken to protect your I/A Series Niagara 4 system, they do not constitute a magic formula. Many factors affecting security and vulnerabilities in one area can affect security in another; it doesn’t mean much to configure a system expertly if your JACE is left physically unsecured where anyone can access it.
Note: Schneider Electric strongly recommends upgrading to the latest I/A Series N4 version maintenance build that implements numerous security updates. Before updating any system, make sure to review the build included documentation to understand the behavioral impacts of the security enhancements and JACE hardware platforms supported.
Download the Niagara 4 Hardening Guide for more details.
