Online Help

Products

    Pages

        Security at Crestron | Security Advisories | Resources & Documentation | Report Vulnerability

        Security at Crestron

        Thousands of companies across hundreds of industries, government agencies, universities, and more have standardized on Crestron products. They trust and rely on Crestron to make their lives simpler and work/ education environments secure. Central to that success is Crestron’s unwavering commitment to network security. Simply put, “If it’s on the network, it must be secure.” Clients need to know who and what is on their network.


        Our process

        A secure system, of course, doesn’t just happen. There are large number of considerations that need to be accounted for throughout the development process. Crestron allocates and dedicates resources to define the problem spaces and document the appropriate solutions.

        Step 1 - Identifying risks that are applicable to the systems and identifying assumptions about the operating environment.

        Step 2 - All source code is reviewed to ensure not only proper functionality, but also conformance to security guidelines.

        Step 3 - Source code is subjected to scans using automated tools that review code for common errors and security holes.

        Step 4 - A rigorous testing process is in place once the software/firmware is compiled and loaded into systems. Each night, the latest code is built and automated tests are run to ensure system stability. Included in these tests are standard network scanning tools to ensure there are no unauthorized ports, etc. which have been open.


        Providing network security at the product level.

        Enterprise IT departments categorize devices that don’t support these features as a security risk.

        • AES Encryption
          Ensures secure transmissions. The same protocol banks use to protect transactions on the Internet.
        • 802.1x Authentication
          Ensures that every device on the network is explicitly authorized by the IT department.
        • Active Directory®
          Centralized credential management ensures that only authorized users gain access.
        • JITC Certification
          Crestron products have received approval by the Joint Interoperability Test Command (JITC) of the U.S. Department of Defense Information Systems Agency (DISA) and have been added to the Unified Capabilities (UC) Approved Products List (APL).
        • PKI Authentication
          Required when simple passwords are inadequate to confirm the identity of the parties involved in a particular action or communication, and to validate the information being transferred.
        • TLS
          The most widely used security protocol, TLS provides privacy and data integrity between two applications communicating over a network.
        • SSH Network Protocol
          Encrypts and protects communications, whereas Telnet, used in other Network AV products, does not.
        • HTTPS
          The secure version of HTTP, HTTPS encrypts the data sent between your web browser and the website you’re connected to, ensuring the privacy and integrity of the exchanged data. The “S” at the end of HTTPS stands for “Secure.”
        • Secure CIP
          Ensures communications between Crestron control processors and DM NVX devices are secure.