HiveMQ Security

Security is a key concern for any IoT application. HiveMQ implements the security features required for safe and secure enterprise IT and OT deployments.

Key Features

TLS / SSL Encryption

  • Secure communication between HiveMQ and MQTT clients
  • Secure communication between HiveMQ cluster nodes
  • Native TLS/SSL support for increased performance
  • OCSP Stapling caches the result of the OCSP responder with the Broker so individual MQTT clients no longer need to check OCSP

Authentication & Authorization

  • Username & password
  • OAuth 2.0 (JWT)
  • X.509 client certificates
  • Fine grained & dynamic permissions
  • Support of external data sources for credentials, roles and permissions
  • Lightweight Directory Access Protocol (LDAP)

Overload Protection

  • Throttles overactive publishing clients so HiveMQ broker is not overloaded
  • Dramatically improves the resiliency of a HiveMQ cluster

Tracing of accesses

  • Access log for MQTT clients
  • Audit log for Control Center actions

HiveMQ Security Architecture

HiveMQ Enterprise Security Extension (ESE) Key Features
Integration with third party enterprise security systems, includes support for authentication and authorization using SQL databases, OAuth 2.0 and LDAP
Preprocessing of authentication and authorization data coming from a MQTT client
A structured access log for tracking security related device information
Allow for fine-grained authorization rules that can specify permissions for specific clients or a group of clients
Access control for the HiveMQ Control Center
Download ESE

Security Features in HiveMQ Broker

HiveMQ Broker Security Features
Default support for TLS
Support for Java Key Store and Java Trust Stores to store X.509 certificates and encryption keys
Configuration to limit valid Cipher Suites
Cluster overload protection that allows for throttling MQTT clients
Increase performance via native SSL support (Enterprise Edition Only)
OCSP stapling to increase performance of client TLS connection (Enterprise Edition Only)
A structured audit log for tracking security related control center user information (Enterprise Edition Only)
Download HiveMQ

Contact us to discuss how HiveMQ can add security to your MQTT and IoT deployment.