Issue
Procedures and processes to secure I/A Series G3 (AX) Systems
Environment
I/A Series Niagara G3 (AX) Systems
Cause
- Users accessing system without permission
- Potential damage done by malicious entry to the system
Resolution
The attached document describes how to implement security best practices in an I/A Series Niagara G3 system. While it is impossible to make any system completely impenetrable, there are many ways to build up a system that is more resistant to attacks. In particular, this document describes how you can help make an I/A Series Niagara G3 system more secure by carefully configuring and using.
- Passwords
- Accounts and Permissions
- Authentication
- TLS and Certificate Management
- JACE-8000 Settings
- Additional Settings
Please note that while all of these steps should be taken to protect your I/A Series Niagara G3 system, they do not constitute a magic formula. Many factors affecting security and vulnerabilities in one area can affect security in another; it doesn't mean much to configure a system expertly if your JACE is left physically unsecured where anyone can access it.
Note: Schneider Electric strongly recommends upgrading to the latest I/A Series G3 version 3.8 maintenance build that implements numerous security updates. Before updating any system, make sure to review the build included documentation to understand the behavioral impacts of the security enhancements.
Download the Niagara AX Hardening Guide for more details.
