This final part assumes your infrastructure and Erlang VM are already hardened, as described in Part 2. We now move to the layers most SREs and security teams interact with day‑to‑day: TLS termination, MQTT‑level authentication and authorization, administrative access, and disaster recovery.
This second article focuses on the foundation beneath EMQX: the Linux kernel, network stack, and Erlang VM. If Part 1 explained why security and reliability converge for a stateful MQTT broker, this part shows where that convergence actually bites in production: file descriptors, TCP behavior under load, firewall rules, and Erlang distribution security.
This article is the first in a three-part series on hardening EMQX for large‑scale IoT production use. Here we frame security as a core reliability concern, explain why MQTT’s stateful nature changes the threat model, and end with a practical checklist you can apply directly to your own clusters.
This article will introduce the basic principles of Token-Based Authentication based on JWT, and how to build your own JWKS Endpoint.
Understand what authorization is and common methods in MQTT. Learn how to use ACLs to control access to MQTT messaging.
Discuss the strategies to enhance IoT operating system security from multiple perspectives.
This blog will look at how rate limit can enhance the security of MQTT brokers and IoT platforms.
This blog post will focus specifically on TLS and its ability to ensure the integrity, confidentiality, and authenticity of MQTT communication.
We will explore token-based authentication and OAuth 2.0, explaining their concepts and demonstrating their implementation in MQTT.
Enhanced authentication is a novel authentication framework introduced in MQTT 5.0. It offers a range of alternative methods that are more secure than traditional password authentication.
We will explain the key aspects of MQTT security and how to incorporate security into your IoT system from the beginning of your design process.
In this article, we explain how authentication works in MQTT, what security risks it solves, and introduce the first authentication method: password-based authentication