NGINX and IoT: Adding Protocol Awareness for MQTT
Speaker: Liam Crilly, Director of Product Management, NGINX, Inc.
In this presentation, Liam Crilly from NGINX will give a detailed overview of the problem the team set out to solve for HiveMQ around security and load balancing. To improve IoT security, it is best practice to use TLS to encrypt the MQTT data passing between clients and upstream servers. We will look in depth at how NGINX Plus can be used to easily offload this process facilitating the encrypted transport. We will look at how an additional layer of security using client certificate authentication and a powerful scripting language called nginScript can be used to harden an MQTT deployment and in turn ensuring that messages are received are from a trusted and genuine device.
Lastly, we set out to solve an issue of application persistence in an internet facing production deployment. In many cases IoT devices are connecting over the internet and building a session based on their IP address becomes unreliable, for this the session is identified by the clientId provided by the client on connection establishment. We will showcase how nginScript is used to extract this unique client identifier from the initial connection passing through NGINX Plus and in turn is used to build a sticky session to the backend server.
This solution has been implemented and in turn helped solve issues around security hardening, offloading of TLS encryption of the MQTT transport and has allowed the implantation of a platform agnostic approach to proxying and load balancing within the applications infrastructure.
Additional Details:
MQTT is a lightweight, open and scalable protocol that was originally published in 1999 for communication with remote oil fields. It was updated for IoT use cases in 2013 and has since become one of the top protocols of choice for many IoT deployments. With the increased production IoT deployments and the staggering amount of devices connecting to MQTT brokers, the demand for a high performant load balancer with advanced functionality is more than ever a critical factor to the success of their implementation.
Learn more about NGINX: http://bit.ly/2wCoSSL
Like us on Facebook: http://bit.ly/2xktd0r
Follow us on Twitter: http://bit.ly/2xcdZeM
Watch video NGINX and IoT: Adding Protocol Awareness for MQTT online without registration, duration hours minute second in high quality. This video was added by user NGINX 20 September 2017, don't forget to share it with your friends and acquaintances, it has been viewed on our site 5,014 once and liked it 62 people.