HiveMQ Security

Products Products
- Try HiveMQ
  
  Download a free trial of the HiveMQ Broker with 5+ enterprise extensions or try it on the cloud.
  
  Get started for free
- - HiveMQ Broker
  - HiveMQ Cloud
  - Editions
  - Pricing
  - Support
  - Services
- Tools and Extensions
- Open Source
MQTT MQTT
- Confidently choose the right MQTT platform for your organization.
  
  Read Buyer’s Guide
- Guides
Solutions Solutions
- Learn how Industrial IoT is improving pharma manufacturing.
  
  Read the whitepaper
- By Industry
- By Technology
Customers
Learn Learn
- Watch our exciting new video case study to learn how Rimac is accelerating the future of connected cars.
  
  Watch now
- - Blog
  - Articles
  - Whitepapers
  - eBooks
  - Case Studies
- - Webinars
  - Videos
  - Events
  - Newsletter
  - Data Sheets
Company Company
Contact

Security is a key concern for any IoT application. HiveMQ implements the security features required for safe and secure enterprise IT and OT deployments.

Key Features

TLS / SSL Encryption

Secure communication between HiveMQ and MQTT clients
Secure communication between HiveMQ cluster nodes
Native TLS/SSL support for increased performance
OCSP Stapling caches the result of the OCSP responder with the Broker so individual MQTT clients no longer need to check OCSP

Authentication & Authorization

Username & password
OAuth 2.0 (JWT)
X.509 client certificates
Fine-grained & dynamic permissions
Support of external data sources for credentials, roles and permissions
Lightweight Directory Access Protocol (LDAP)

Overload Protection

Throttles overactive publishing clients so HiveMQ broker is not overloaded
Dramatically improves the resiliency of a HiveMQ cluster

Tracing of accesses

Access log for MQTT clients
Audit log for Control Center actions

HiveMQ Security Architecture

More Resources

Read our blog post about Enterprise Security Extension

Blog Article "A better solution for IoT Security and MQTT"

Documentation

Download Enterprise Security Extension

HiveMQ Enterprise Security Extension (ESE) Key Features
	Integration with third party enterprise security systems, includes support for authentication and authorization using SQL databases, OAuth 2.0 and LDAP
	Preprocessing of authentication and authorization data coming from a MQTT client
	A structured access log for tracking security related device information
	Allow for fine-grained authorization rules that can specify permissions for specific clients or a group of clients
	Access control for the HiveMQ Control Center
	Download ESE

Security Features in HiveMQ Broker

HiveMQ Broker Security Features
	Default support for TLS
	Support for Java Key Store and Java Trust Stores to store X.509 certificates and encryption keys
	Configuration to limit valid Cipher Suites
	Cluster overload protection that allows for throttling MQTT clients
	Increase performance via native SSL support (Enterprise Edition Only)
	OCSP stapling to increase performance of client TLS connection (Enterprise Edition Only)
	A structured audit log for tracking security related control center user information (Enterprise Edition Only)
	Download HiveMQ