Issue
Procedures and processes to secure I/A Series Niagara 4 Systems
Product Line
TAC IA Series
Environment
I/A Series Niagara 4 Systems
Cause
- Users accessing system without permission
- Potential damage done by malicious entry to the system
Resolution
The attached document describes how to implement security best practices in an I/A Series Niagara 4 system. While it is impossible to make any system completely impenetrable, there are many ways to build up a system that is more resistant to attacks. In particular, this document describes how you can help make an I/A Series Niagara 4 system more secure by carefully configuring and using:
- Passwords
- System Passphrase
- Platform Account Management
- Station Account Management
- Role and Permission Management
- Authentication
- TLS and Certificate Management
- Module Installation
- Additional Settings
- External Factors
Please note that while all of these steps should be taken to protect your I/A Series Niagara 4 system, they do not constitute a magic formula. Many factors affecting security and vulnerabilities in one area can affect security in another; it doesn’t mean much to configure a system expertly if your JACE is left physically unsecured where anyone can access it.
Note: Schneider Electric strongly recommends upgrading to the latest I/A Series N4 version maintenance build that implements numerous security updates. Before updating any system, make sure to review the build-included documentation to understand the behavioral impacts of the security enhancements and JACE hardware platforms supported.
Download the Niagara 4 Hardening Guide_2023 for more details.
