Periscope Security

Owned by Mark Fenimore
Last updated: Apr 23, 2018
2 min read

Secure by Default

The Periscope Dashboard software was developed to run as a "Service" on any instance of Niagara 4.X + or as an application on SkySpark 3.X +. Periscope is provided to customers in the form of a compiled .JAR file (Niagara module) or as a .POD for SkySpark, along with a corresponding license file that must also be installed on the client's server where Niagara or SkySpark resides. As Periscope requires no outside internet access (unless it is being hosted by a 3rd party), Niagara and/or SkySpark therefore serve as the primary software platforms that must be scrutinized to ensure network security is not compromised in any way.

Periscope User Access

Periscope utilizes usernames, passwords, and corresponding permissions, roles, and read and write capabilities that may have been configured in the host software for requisite end user access privileges. Best practices should be followed in regards to assigning these access rights and sharing of any accounts and/or passwords. 


Network Details

Periscope is accessed through a modern browser by navigating to  http(s)://IP_of_host/periscope. Niagara's default settings will provide HTTPS access to Periscope via port 443. This is often overridden by operators to HTTP, however, so be sure proper settings are entered in the Web Services configuration in Niagara to adhere with your installation's security requirements.

SkySpark offers similar HTTPS capability, but you must add your server's private key and certificate chain to the skyarc keystore to enable (see https://skyfoundry.com/doc/docSkySpark/Crypto for instructions).











Niagara Security

For additional peace of mind when it comes to the security of all Niagara instances, consider nProtex. Activelogix has digitized the Niagara security hardening guides for AX and N4 applications, providing on-demand reporting as it relates to threats to their system's security.