Is it me or does "trusted certificate" and self-signed being in the same sentence make one shutter. Wonder if selfies only apply to code signing or if that applies to any TLS connection Niagara makes since the selfi-CA cert would be in the trust store?In Niagara 4.9, all modules must be signed by valid, trusted certificate (may be self-signed).
What's the expiration on these code signing certs? Do my drivers stop working when that happens??
And it sucks up another ~40Mb memory vs 4.8
Tridium is pleased to announce the general availability of Niagara Framework® 4.9. This release incorporates important new features and functionality to support Niagara users in cyber security, visualization, rapid deployment, edge control, connectivity, certification, and IT compliance. We hope you will upgrade soon to take advantage of all that is built into Niagara 4.9 as detailed below.
NEW IN NIAGARA 4.9
- Single Sign-On with Niagara as an Identity Provider: Securely navigate Niagara Stations using Single Sign-On (SSO) with Niagara as the identity provider (IdP), instead of manually configuring and managing an external IdP. SSO allows users to login into one station and access all other connected stations via a browser without having to re-authenticate.
- Enhanced Graphics with Tag-Based Visualization: Create a graphical user interface (GUI) for your Niagara station based entirely on tags. Tag based PX bindings allow you to create graphics and assign them semantic tags from the dictionary of your choice once, and then reuse any number of times.
- Edge 10 – IO Expansion: Edge 10 now supports two IO-R-34 modules and allows control of both onboard and remote IO with ACE. Utilize the Edge 10 for more applications by enabling critical control of field equipment that require additional IO modules. License refresh required.
Updates to Niagara MQTT driver to support AWS (Amazon Web Services) Authentication.
- Cloud Connectivity: New connectivity options reduce the time and complexity of integrating Niagara with cloud solutions:
New JSON Toolkit makes it easy to construct bespoke messages into required formats for cloud communication.
- Improved Edge Tools: The latest updates make it easier to upgrade installed application templates and provide greater flexibility when defining and configuring peer device and/or station proxies upon installation of an application template.
- Niagara Proxy Service Enhancements: The Niagara Proxy Service now supports HTTPS connections and a digest authentication scheme, facilitating improved IT compliance and enabling modern web services that utilize secure connectivity behind corporate IT proxy servers.
- Niagara Security History Log: The Security History Log provides users with an understanding of who, or what, is logging into or changing security related settings on your Niagara instance
- Third-Party Module Signing: The security posture of any Niagara installation is stronger when all third-party modules are signed. Niagara now enforces this best practice and makes administrators aware of unsigned modules, automatically eliminating the risk that modules may have been tampered with or come from an untrustworthy source. To allow developers sufficient time to transition to signing their code, this feature began its rollout in Niagara 4.8. In Niagara 4.9, all modules must be signed by valid, trusted certificate (may be self-signed).
- ACE on Third-Party Hardware: Originally released in 4.8 for Edge 10, Niagara's ACE deterministic engine enables users to make changes to logic and load the updated code without a complete shutdown. When shut-down is necessary, start-up is faster with ACE. Niagara 4.9 gives third-party vendors creating controllers powered by Niagara the option to include ACE on their platforms. ACE is available to partners as Early Access to be officially released in 4.10. Look for announcements from your favorite ‘Powered By Niagara’ controller as ACE is rolled out.
- HTML5 Video Streaming: Milestone and Axis video drivers have been updated to eliminate java dependencies in the browser. View video streams associated with alarms directly from the Niagara alarm console and add video links to your system graphics to enhance building intelligence. With HTML5 streaming, mobile devices can also access these video streams, enabling remote users to quickly assess situations in their facility and react accordingly.
- Updated OS and Enterprise Applications: In Niagara 4.9, we have added support for a number of new operating systems and enterprise applications (new additions in bold type). As with all software products, we must also deprecate support for some operating systems and enterprise applications. Here is the list of deprecated products that will not be supported as of Niagara 4.9.
HOW TO GET STARTED
- Cyber Security Update: Niagara 4.9 includes a fix to a TLS timeout issue that could occur during a failed TLS handshake.
- Get familiar with the breaking changes with this release.
- Learn about some of the new features of 4.9 with our free Niagara 4.9 training courses on Tridium University.
- Review new Niagara 4.9 documentation.
- Read more about Niagara 4.9 and IT Network Scanners.
- Review the upgrade considerations prior to upgrading to Niagara 4.9.
- New license features were added for Single Sign On. When deploying Niagara 4.9, Tridium recommends refreshing your license to pick up the new features added to the Niagara 4 Supervisor, JACE-8000, and Edge 10 parts.
- Download the Niagara 4.9 Supervisor data sheet.
- Join the TridiumTalk on July 23 to learn more about the new features of Niagara 4.9. Register today!