Digital Identity for the Edge

ForgeRock Edge Security

Need Secure Edge Computing that Protects IoT?


Secure Edge Devices for IoT

The internet of things (IoT) is revolutionizing industries with connected devices that can streamline processes and allow companies to create innovative operational architectures, but it is not without risk. It is necessary that IoT devices are trusted and their data is secured.

ForgeRock Edge Security offers identity-driven security by creating trusted identities, and ensuring the ongoing authenticity and authorization of connected devices and their transactions or data streams. Combined with the ForgeRock Identity Platform, the innovative capabilities support trusted authentication and granular relationship-based authorization decisions for common IoT design patterns, including device-to-device, device-to-service, and user-to-device.

ForgeRock Edge Security (composed of the Identity Edge Controller and the Identity Message Broker) can help you close the IoT security gap and build trusted identity relationships with a secure solution that includes contextual security, open standards, and IoT-grade scalability.

Webinar: Security On The Edge: A New Way To Think About Securing the Internet of Things



Datasheet: Get an overview of ForgeRock Edge Security



Guide: Top 12 requirements for an IoT-ready identity platform



White Paper: Deploy a secure IoT architecture to support customer and industrial IoT use cases


Identity Edge Controller

Trust begins with identity. In order to ensure the integrity of the entire system, it is crucial to securely establish and maintain the full lifecycle of IoT devices. These identities and their associated credentials must be trusted and usable across numerous connected ecosystems to prevent man-in-the-middle and other types of attacks.

The Identity Edge Controller (IEC) runs on smart edge devices, providing edge privacy and integrity, including secure device attestation. With a broad range of deployment options, even where network access is not guaranteed, you can ensure trusted relationships between devices at all times. IEC enables devices to harness further capabilities of the platform such as standards-based tokens, authentication, and authorization between devices, and between devices and other cloud or distributed microservices.

  • Secure device attestation and on-boarding of trusted device identities
  • Device authentication and authorization
  • Proxied on-boarding of simple and constrained edge devices
  • Secure configuration endpoints for connected devices and services
  • Root of Trust-based signing and encryption

Identity Message Broker

Organizations today need a way to secure and identity-enable industrial IoT data flows that don’t speak HTTPS. Unfortunately, many IoT data flows using popular protocols like MQTT lack secure authentication and authorization.

The Identity Message Broker (IMB) complements the device security provided by the Identity Edge Controller by providing message-level security over native IoT protocols. The IMB installs on-premises, in the cloud, or on the edge, and can receive data streams from thousands of IoT devices. It authenticates the source, secures the data, and authorizes data flows. The IMB can even be configured to install on the same hardware as the Identity Edge Controller, providing an all-in-one IoT edge security solution.

  • Authentication and authorization enforcement for MQTT secures and hardens the sending and receiving of MQTT data flows between an edge client and the cloud in Internet of Things (IoT) systems
  • Evaluate access policies at the moment of action
  • Token-based validation of devices enables revocation and expiration of credentials, ensuring device identity